urlscan.io logo urlscan.io
SecurityTrails logo

buhgalter.com.ua Open in urlscan Pro
136.144.183.196  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://buhgalter.com.ua/
Effective URL: https://buhgalter.com.ua/
Submission: On December 07 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 99 IPs in 14 countries across 94 domains to perform 328 HTTP transactions. The main IP is 136.144.183.196, located in Netherlands and belongs to TRANSIP-AS Amsterdam, the Netherlands, NL. The main domain is buhgalter.com.ua.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 31st 2022. Valid for: a year.
This is the only time buhgalter.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 41 136.144.183.196 20857 (TRANSIP-A...)
11 45.133.44.4 39572 (ADVANCEDH...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 142.250.186.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
18 2a03:2880:f08... 32934 (FACEBOOK)
1 95.170.82.90 20857 (TRANSIP-A...)
2 185.187.81.40 43332 (IDSTRATEG...)
1 45.79.77.20 63949 (LINODE-AP...)
4 2606:4700:e2:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
6 2a00:1450:400... 15169 (GOOGLE)
5 2a0c:5c81:514... 55081 (24SHELLS)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f17... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 80.77.87.163 46636 (NATCOWEB)
1 13.248.245.213 16509 (AMAZON-02)
2 63.251.14.60 32475 (SINGLEHOP...)
2 2 54.38.197.123 16276 (OVH)
2 62.149.1.122 15497 (COLOCALL ...)
1 185.187.81.41 43332 (IDSTRATEG...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:1::1a 44788 (ASN-CRITE...)
10 2602:803:c003... 26667 (RUBICONPR...)
36 35.157.246.167 16509 (AMAZON-02)
1 185.184.8.90 204995 (RTB-HOUSE...)
9 34.149.50.64 15169 (GOOGLE)
1 2 185.172.90.251 49981 (WORLDSTREAM)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 18.194.114.29 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
2 104.18.33.19 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 37.97.131.40 20857 (TRANSIP-A...)
1 2a03:2880:f08... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::3 44788 (ASN-CRITE...)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
2 141.95.98.64 16276 (OVH)
3 23.35.236.201 16625 (AKAMAI-AS)
4 23.79.143.124 16625 (AKAMAI-AS)
1 104.18.132.145 13335 (CLOUDFLAR...)
16 2606:4700:10:... 13335 (CLOUDFLAR...)
1 104.18.36.94 13335 (CLOUDFLAR...)
1 184.30.20.22 16625 (AKAMAI-AS)
6 7 35.157.180.193 16509 (AMAZON-02)
2 2 3.121.53.43 16509 (AMAZON-02)
1 162.19.138.120 16276 (OVH)
3 4 37.252.171.21 29990 (ASN-APPNEX)
9 12 142.250.181.226 15169 (GOOGLE)
2 3 35.227.248.159 15169 (GOOGLE)
3 5 37.157.2.239 198622 (ADFORM)
8 52.223.40.198 16509 (AMAZON-02)
1 2a04:4e42::300 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 3 185.64.190.78 62713 (AS-PUBMATIC)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 34.247.60.250 16509 (AMAZON-02)
1 54.78.254.47 16509 (AMAZON-02)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
2 2 34.111.131.239 396982 (GOOGLE-CL...)
4 5 185.86.139.89 201081 (SMARTADSE...)
2 52.49.92.250 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
5 5 3.126.56.137 16509 (AMAZON-02)
1 1 52.58.215.26 16509 (AMAZON-02)
2 34.98.67.61 396982 (GOOGLE-CL...)
2 54.72.96.20 16509 (AMAZON-02)
1 4 168.119.79.223 24940 (HETZNER-AS)
4 4 151.101.194.49 54113 (FASTLY)
1 1 13.32.99.109 16509 (AMAZON-02)
1 1 34.207.40.113 14618 (AMAZON-AES)
4 7 67.220.228.200 16509 (AMAZON-02)
1 184.30.16.79 16625 (AKAMAI-AS)
1 1 54.228.118.174 16509 (AMAZON-02)
3 5 69.173.144.138 26667 (RUBICONPR...)
3 5 172.64.154.237 13335 (CLOUDFLAR...)
1 1 23.1.110.85 16625 (AKAMAI-AS)
3 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 67.202.105.22 32748 (STEADFAST)
1 185.255.84.152 200271 (IGUANE-)
1 51.89.9.252 16276 (OVH)
1 52.28.133.172 16509 (AMAZON-02)
4 4 37.252.171.85 29990 (ASN-APPNEX)
1 1 50.31.142.255 23352 (SERVERCEN...)
5 5 185.94.180.126 35220 (SPOTX-AMS)
2 2 52.213.69.170 16509 (AMAZON-02)
1 37.157.4.29 198622 (ADFORM)
2 2 185.29.134.248 30419 (MEDIAMATH...)
16 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.165 1299 (TWELVE99 ...)
1 1 178.250.0.163 44788 (ASN-CRITE...)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 54.85.128.169 14618 (AMAZON-AES)
5 5 52.30.148.32 16509 (AMAZON-02)
1 1 198.148.27.139 ()
1 1 35.214.223.115 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 213.19.147.44 26120 (RHYTHMONE)
1 195.5.165.20 44968 (IPROM-AS)
1 5.161.54.172 213230 (HETZNER-C...)
1 1 141.94.240.141 16276 (OVH)
1 1 141.94.170.77 16276 (OVH)
1 72.251.241.206 32475 (SINGLEHOP...)
2 198.47.127.20 62713 (AS-PUBMATIC)
1 1 141.94.170.64 16276 (OVH)
1 2 35.204.74.118 396982 (GOOGLE-CL...)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 66.155.71.149 13768 (COGECO-PEER1)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
4 4 69.173.144.139 26667 (RUBICONPR...)
3 5 52.46.143.56 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 4 185.80.39.216 27381 (CASALE-MEDIA)
1 184.25.50.34 20940 (AKAMAI-ASN1)
1 172.64.151.162 13335 (CLOUDFLAR...)
1 69.173.144.165 26667 (RUBICONPR...)
328 99
41    136.144.183.196 (Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 136-144-183-196.colo.transip.net
buhgalter.com.ua
11    45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
cdn.gravitec.net
player.adtelligent.com
3    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
18    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
1    95.170.82.90 (Amsterdam, Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 95-170-82-90.colo.transip.net
analytics.factor.ua
2    185.187.81.40 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
s.zmctrack.net
1    45.79.77.20 (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1176-20.members.linode.com
jsonip.com
4    2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
3    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
1    2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
id.gravitec.net
6    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
5    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
5    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
4    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
6    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    63.251.14.60 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro
a4p.adpartner.pro
2    62.149.1.122 (Vyshhorod, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
sync.adtelligent.com
1    185.187.81.41 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
loadercdn.net
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
49b0b297964990c651f24ede970312f2.safeframe.googlesyndication.com
1    2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
10    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
36    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
9    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
2    185.172.90.251 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-plannning.net
pbjs.e-planning.net
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    18.194.114.29 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-114-29.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum.casalemedia.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    37.97.131.40 (Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 37-97-131-40.colo.transip.net
reactive.factor.ua
1    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
scontent-fra5-2.xx.fbcdn.net
3    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    104.18.132.145 (None, )

ASN13335 (CLOUDFLARENET, US)
cs.seedtag.com
16    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
7    35.157.180.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-180-193.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    3.121.53.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-53-43.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
1    162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
lb.eu-1-id5-sync.com
4    37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
12    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
3    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
5    37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
8    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f18:6593:f602:82a0:df8e:67ea:6e72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2a05:d018:24:b001:f5c1:a58:c5c6:d8ee (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    34.247.60.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-60-250.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
2    85.114.159.118 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
5    185.86.139.89 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
rtb-csync.smartadserver.com
2    52.49.92.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-92-250.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
5    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    52.58.215.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-215-26.eu-central-1.compute.amazonaws.com
aa.agkn.com
2    34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    54.72.96.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-96-20.eu-west-1.compute.amazonaws.com
beacon.krxd.net
4    168.119.79.223 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.223.79.119.168.clients.your-server.de
sync.richaudience.com
4    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    13.32.99.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-109.fra60.r.cloudfront.net
engine.widespace.com
1    34.207.40.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-207-40-113.compute-1.amazonaws.com
usermatch.krxd.net
7    67.220.228.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    184.30.16.79 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-79.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    54.228.118.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-118-174.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
5    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
5    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    23.1.110.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-1-110-85.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
3    2a02:26f0:1700:d::1737:6e88 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csync.smartadserver.com
1    67.202.105.22 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    185.255.84.152 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
1    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    52.28.133.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-133-172.eu-central-1.compute.amazonaws.com
match.sharethrough.com
4    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    50.31.142.255 (Elmhurst, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
5    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    52.213.69.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-69-170.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
16    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    213.155.156.165 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com
d5p.de17a.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    54.85.128.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-128-169.compute-1.amazonaws.com
sync.srv.stackadapt.com
5    52.30.148.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-148-32.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    198.148.27.139 (None, )

ASN- ()
bh.contextweb.com
1    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    5.161.54.172 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.172.54.161.5.clients.your-server.de
matching.truffle.bid
1    141.94.240.141 (France)

ASN16276 (OVH, FR)
PTR: bixel-12.cloudy.ovh
green.erne.co
1    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel-eu.onaudience.com
1    72.251.241.206 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
2    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    141.94.170.64 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh
pixel.onaudience.com
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
2    2a05:d018:d29:3605:f9a9:36e4:6c12:d8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
5    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2a02:26f0:1700:d::1737:6e99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
4    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    184.25.50.34 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-25-50-34.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
Apex Domain
Subdomains		 Transfer
44 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1227
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1037
ups.analytics.yahoo.com — Cisco Umbrella Rank: 317
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
6 KB
41 buhgalter.com.ua
buhgalter.com.ua
733 KB
25 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
ads.pubmatic.com — Cisco Umbrella Rank: 533
image6.pubmatic.com — Cisco Umbrella Rank: 734
simage2.pubmatic.com — Cisco Umbrella Rank: 723
image2.pubmatic.com — Cisco Umbrella Rank: 1051
image4.pubmatic.com — Cisco Umbrella Rank: 982
32 KB
25 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 498
eus.rubiconproject.com — Cisco Umbrella Rank: 587
pixel.rubiconproject.com — Cisco Umbrella Rank: 351
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1032
token.rubiconproject.com — Cisco Umbrella Rank: 615
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2379
38 KB
23 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
137 KB
16 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 3654
mwzeom.zeotap.com — Cisco Umbrella Rank: 2922
4 KB
14 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 786
scontent-fra5-2.xx.fbcdn.net — Cisco Umbrella Rank: 14678
164 KB
12 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1057
s.amazon-adsystem.com — Cisco Umbrella Rank: 302
9 KB
11 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 539
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 467
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 588
dsum.casalemedia.com — Cisco Umbrella Rank: 1571
9 KB
11 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 6425
ghb.adtelligent.com — Cisco Umbrella Rank: 6025
sync.adtelligent.com — Cisco Umbrella Rank: 4649
147 KB
10 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 6233
cs.seedtag.com — Cisco Umbrella Rank: 15025
17 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
gum.criteo.com — Cisco Umbrella Rank: 429
mug.criteo.com — Cisco Umbrella Rank: 2441
dis.criteo.com — Cisco Umbrella Rank: 752
9 KB
9 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4563
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 87
2 KB
8 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1667
csync.smartadserver.com — Cisco Umbrella Rank: 3438
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 602
21 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 364
2 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
secure.adnxs.com — Cisco Umbrella Rank: 486
7 KB
8 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1023
x.bidswitch.net — Cisco Umbrella Rank: 322
2 KB
8 googlesyndication.com
49b0b297964990c651f24ede970312f2.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 109
tpc.googlesyndication.com — Cisco Umbrella Rank: 144
42 KB
8 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 3116
adservice.google.co.uk — Cisco Umbrella Rank: 4931
2 KB
8 gravitec.net
cdn.gravitec.net — Cisco Umbrella Rank: 24095
id.gravitec.net — Cisco Umbrella Rank: 141833
62 KB
6 adform.net
dmp.adform.net — Cisco Umbrella Rank: 4690
cm.adform.net — Cisco Umbrella Rank: 1674
c1.adform.net — Cisco Umbrella Rank: 718
2 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 38
65 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 549
2 KB
5 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 620
4 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
14 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
202 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 638
1 KB
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2186
976 B
4 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1005
179 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 601
usermatch.krxd.net — Cisco Umbrella Rank: 1437
942 B
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 496
932 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
190 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 985
1 KB
2 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 14384
pixel.onaudience.com — Cisco Umbrella Rank: 3226
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 550
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 975
s.tribalfusion.com — Cisco Umbrella Rank: 2229
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5758
560 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 509
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 719
646 B
2 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1148
462 B
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1050
sync.crwdcntrl.net — Cisco Umbrella Rank: 930
530 B
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 28071
681 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1554
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 222
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1513
751 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4400
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 653
cdn.indexww.com — Cisco Umbrella Rank: 1673
2 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 476
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 675
57 KB
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1238
contextual.media.net — Cisco Umbrella Rank: 600
9 KB
2 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 7247
2 KB
2 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10265
513 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 635
554 B
2 zmctrack.net
s.zmctrack.net — Cisco Umbrella Rank: 170386
24 KB
2 factor.ua
analytics.factor.ua
reactive.factor.ua
687 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 682
694 B
1 sascdn.com
ced-ns.sascdn.com — Cisco Umbrella Rank: 2658
3 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 458
921 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3826
463 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2422
555 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 936
518 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 655
191 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3848
104 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1521
283 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 17018
367 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6298
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5648
279 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 915
244 B
1 contextweb.com
bh.contextweb.com
553 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 784
615 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 721
588 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 617
304 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 557
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 847
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 952
178 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 1060
1 imrworldwide.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com — Cisco Umbrella Rank: 54142
214 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 575
145 B
1 widespace.com
engine.widespace.com — Cisco Umbrella Rank: 74995
484 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 507
530 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 8312
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 13447
411 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 735
161 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1209
403 B
1 gstatic.com
fonts.gstatic.com
16 KB
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6154
179 B
1 loadercdn.net
loadercdn.net — Cisco Umbrella Rank: 560875
169 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 404
140 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1259
189 B
1 jsonip.com
jsonip.com — Cisco Umbrella Rank: 25103
449 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
28 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 51
1 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 170
17 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 435
12 KB
328 94
Domain Requested by
41 buhgalter.com.ua 1 redirects buhgalter.com.ua
36 c2shb.ssp.yahoo.com player.adtelligent.com
15 mwzeom.zeotap.com spl.zeotap.com
13 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
12 cm.g.doubleclick.net 9 redirects spl.zeotap.com
11 simage2.pubmatic.com ads.pubmatic.com
10 fastlane.rubiconproject.com player.adtelligent.com
9 s.seedtag.com player.adtelligent.com
cs.seedtag.com
8 match.adsrvr.org spl.zeotap.com
cs.seedtag.com
ads.pubmatic.com
ssum-sec.casalemedia.com
7 aax-eu.amazon-adsystem.com 4 redirects spl.zeotap.com
ads.pubmatic.com
7 x.bidswitch.net 6 redirects
7 cdn.gravitec.net buhgalter.com.ua
cdn.gravitec.net
6 www.google.com buhgalter.com.ua
tpc.googlesyndication.com
6 www.google.co.uk buhgalter.com.ua
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
buhgalter.com.ua
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
5 match.prod.bidr.io 5 redirects
5 image2.pubmatic.com ads.pubmatic.com
5 sync.search.spotxchange.com 5 redirects
5 ssum-sec.casalemedia.com 3 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
5 pixel.rubiconproject.com 3 redirects
5 ups.analytics.yahoo.com 5 redirects
5 www.facebook.com buhgalter.com.ua
connect.facebook.net
5 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
5 ghb.adtelligent.com player.adtelligent.com
5 connect.facebook.net buhgalter.com.ua
www.googletagmanager.com
connect.facebook.net
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 token.rubiconproject.com 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 secure.adnxs.com 4 redirects
4 sync-tm.everesttech.net 4 redirects
4 sync.richaudience.com 1 redirects spl.zeotap.com
cs.seedtag.com
4 sync.smartadserver.com 3 redirects cs.seedtag.com
4 ib.adnxs.com 3 redirects spl.zeotap.com
4 eus.rubiconproject.com player.adtelligent.com
eus.rubiconproject.com
cs.seedtag.com
4 gum.criteo.com 2 redirects static.criteo.net
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
4 use.fontawesome.com buhgalter.com.ua
use.fontawesome.com
4 player.adtelligent.com buhgalter.com.ua
player.adtelligent.com
3 csync.smartadserver.com cs.seedtag.com
csync.smartadserver.com
3 image6.pubmatic.com 2 redirects ads.pubmatic.com
3 pixel.tapad.com 2 redirects spl.zeotap.com
3 ads.pubmatic.com player.adtelligent.com
cs.seedtag.com
ads.pubmatic.com
3 mug.criteo.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 www.googletagmanager.com buhgalter.com.ua
www.googletagmanager.com
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 d5p.de17a.com 2 redirects
2 sync.mathtag.com 2 redirects
2 ad.360yield.com 2 redirects
2 beacon.krxd.net spl.zeotap.com
2 odr.mookie1.com spl.zeotap.com
ads.pubmatic.com
2 idsync.frontend.weborama.fr 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 id5-sync.com player.adtelligent.com
2 static.criteo.net player.adtelligent.com
static.criteo.net
2 pbjs.e-planning.net 1 redirects buhgalter.com.ua
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.co.uk securepubads.g.doubleclick.net
2 sync.adtelligent.com buhgalter.com.ua
2 a4p.adpartner.pro 2 redirects
2 ap.lijit.com buhgalter.com.ua
cs.seedtag.com
2 googleads.g.doubleclick.net www.googleadservices.com
www.googletagmanager.com
2 s.zmctrack.net buhgalter.com.ua
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 ced-ns.sascdn.com csync.smartadserver.com
1 px.ads.linkedin.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 pixel-sync.sitescout.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pixel.onaudience.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 pixel-eu.onaudience.com 1 redirects
1 green.erne.co 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 csync.loopme.me 1 redirects
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 cms.quantserve.com 1 redirects
1 dis.criteo.com 1 redirects
1 cm.adform.net cs.seedtag.com
1 b1sync.zemanta.com 1 redirects
1 match.sharethrough.com cs.seedtag.com
1 onetag-sys.com cs.seedtag.com
1 visitor.omnitagjs.com cs.seedtag.com
1 ssc-cms.33across.com cs.seedtag.com
1 secure-assets.rubiconproject.com 1 redirects
1 obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 engine.widespace.com 1 redirects
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 bcp.crwdcntrl.net spl.zeotap.com
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 dmp.adform.net spl.zeotap.com
1 lb.eu-1-id5-sync.com player.adtelligent.com
1 contextual.media.net player.adtelligent.com
1 js-sec.indexww.com player.adtelligent.com
1 spl.zeotap.com player.adtelligent.com
1 cs.seedtag.com player.adtelligent.com
1 scontent-fra5-2.xx.fbcdn.net www.facebook.com
1 reactive.factor.ua cdn.jsdelivr.net
1 fonts.gstatic.com fonts.googleapis.com
1 htlb.casalemedia.com player.adtelligent.com
1 prebid.media.net player.adtelligent.com
1 grid.bidswitch.net player.adtelligent.com
1 hbopenbid.pubmatic.com player.adtelligent.com
1 prebid-eu.creativecdn.com player.adtelligent.com
1 bidder.criteo.com player.adtelligent.com
1 49b0b297964990c651f24ede970312f2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 loadercdn.net buhgalter.com.ua
1 eb2.3lift.com player.adtelligent.com
1 cs.admanmedia.com player.adtelligent.com
1 region1.analytics.google.com www.googletagmanager.com
1 id.gravitec.net cdn.gravitec.net
1 jsonip.com buhgalter.com.ua
1 analytics.factor.ua buhgalter.com.ua
1 www.googletagservices.com buhgalter.com.ua
1 fonts.googleapis.com buhgalter.com.ua
1 www.googleadservices.com buhgalter.com.ua
1 cdn.jsdelivr.net buhgalter.com.ua
328 141

This site contains links to these domains. Also see Links.

Domain
i.factor.ua
factor.academy
buhgalter911.com
reklama.factor.ua
bit.ly
fit.com.ua
www.youtube.com
Subject Issuer Validity Valid
buhgalter.com.ua
Sectigo RSA Domain Validation Secure Server CA		 2022-10-31 -
2023-10-31		 a year crt.sh
*.gravitec.net
AlphaSSL CA - SHA256 - G2		 2022-03-22 -
2023-04-23		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
player.adtelligent.com
R3		 2022-11-18 -
2023-02-16		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-15 -
2022-12-14		 3 months crt.sh
*.factor.ua
Sectigo RSA Domain Validation Secure Server CA		 2021-12-28 -
2022-12-28		 a year crt.sh
s.zmctrack.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-20 -
2023-04-25		 a year crt.sh
jsonip.com
R3		 2022-11-12 -
2023-02-10		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-12-03 -
2023-03-03		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2022-04-21 -
2023-05-23		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
loadercdn.net
R3		 2022-10-12 -
2023-01-10		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-28 -
2023-04-28		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-09 -
2023-12-10		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-20 -
2023-10-19		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.smartadserver.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-08 -
2023-08-09		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
truffle.bid
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-08 -
2023-09-11		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh

This page contains 45 frames:

Primary Page: https://buhgalter.com.ua/
Frame ID: F9097367883F0CE0D8399BCA613C5E4A
Requests: 263 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 04F6E115587E45F319EC84531B03C199
Requests: 1 HTTP requests in this frame

Frame: https://id.gravitec.net/
Frame ID: ABDE915539DD139DE1C93EE3B19A0C82
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
Frame ID: 4E581EE91361237BB92BD0C7A3BD8F0C
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D738167%26extuid%3D%24UID
Frame ID: 2ED07959FB3918C28FBAF2D41A0739F3
Requests: 1 HTTP requests in this frame

Frame: https://49b0b297964990c651f24ede970312f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1BA857F48C98325B9640A00F123C32F1
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: A35310F099A5F561C985C17EED4001C0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 24CDCBC660444ED49C553C680ACA76E1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd25cc1b2f9d94%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff3b06ee0bc7ad%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250
Frame ID: AE18917588DFB43D25D095CF0D15D5C5
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9BA32BE3653BF951CBFA29058F52B064
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 69A0B35DA77B5C773ABDA30DA4CEBDC6
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=buhgalter.com.ua
Frame ID: A8C721F85E37F2DFD26D56E41E4596A6
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Frame ID: 29C9B03304917D25F4DE8800EFFDA0EA
Requests: 18 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 7E7AAC68DF15CBF22811A228F96A960A
Requests: 10 HTTP requests in this frame

Frame: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Frame ID: FD88EB149F857CC7CC34A49C990B8772
Requests: 15 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: F2D9EB9469F0665EE63F340B2F8AC5BB
Requests: 31 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 91F49A0807032BFD630EECBF2DA2EA12
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU816538&prvid=2034%2C2011%2C2033%2C3022%2C2030%2C3020%2C251%2C273%2C175%2C2009%2C178%2C255%2C2028%2C3018%2C2027%2C3017%2C214%2C2025%2C237%2C117%2C3014%2C97%2C99%2C77%2C38%2C3012%2C3011%2C182%2C3010%2C261%2C141%2C222%2C201%2C3007%2C246%2C301%2C4%2C203%2C225%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 26500CDE7E2268F4BE9ADA987F6A7BBB
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: B274A87F213EF84373793F9B20F90C80
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Frame ID: 99C66471489BBB1241675106AAC9A737
Requests: 3 HTTP requests in this frame

Frame: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Frame ID: C0B8F00CDF72A0C0C3544C8DF3AFA812
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Frame ID: 6F3EA313A60200AB54B36CC7C58749F1
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1670374825038&pubconsent=&euconsent=&hasConsent=1
Frame ID: 6B0BB0C02E764F32DF474020046B59FE
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
Frame ID: 35A5FFE55524C9639750218FCA96C6B1
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Frame ID: 798F0E81C3CAA134D388A505BDB5DEB4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75601b04186d260
Frame ID: DED5B76DE95A1380C1A2761657DC4765
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=2TwkgUpM&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 4C1F6C2C9FC6AF4396E1283A82DF6E5C
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&gdpr=0&gdpr_consent=
Frame ID: D09ED269901809F459751015458AC2CC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b7b8638f-e5a9-4b00-b446-e849c67287f6&gdpr=0&gdpr_consent=
Frame ID: E93283E38E6B115CD0F1B7253015F782
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=826291927493921925
Frame ID: 5C29592D69A80513279F1F9BD15DBDDE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: B0E544DB7157712106570606723AD81D
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: E7118AB0B4267A6E91D953E18DBC0056
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4042716502955769651&gdpr=0&gdpr_consent=
Frame ID: 266D089C7FD0D673B21406DA22895485
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l4YxVMSAaAuMgTkAxY0kAsfWOFCMhW8GlYSCgysM
Frame ID: 6DD61B3E22F730CFBA2D0F0D6A735351
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7174205245442226322&gdpr=0&gdpr_consent=
Frame ID: 7406053B32EB2F6A9974D9C928436344
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Zt4U-DIVRElFbl4BcsHRf9mKxGs
Frame ID: 5240E394E1939E232369A9AA8F48CAA7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEZQk7HH8sAACAPo8FIJA&gdpr=0&gdpr_consent=
Frame ID: 22468652DCFCF8EDFAF288EA30072B4F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4-lqQAAAgwH6AAo&gdpr=0&gdpr_consent=&_test=Y4-lqQAAAgwH6AAo
Frame ID: 47328BC839043B18E07C61AE690B3038
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Frame ID: 3EB681BC432B91763EC006D5CF43A4FA
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: E556F64DE6FE94F9532C9A4C3BA537B0
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2148933789
Frame ID: DEB3E20EC179B52AE9E30C999096E77E
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 4BCEB8869B43EBC43050946E4FDEF647
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: FAD8B02537EDF3158A073B82B35363BD
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=927d11725dba782a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRXTQbbTXVQhgTSXg
Frame ID: 66B30014DC14429674002EEA80435310
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 5DD209FBF68C8541D1C8318B7C513FA1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Сайт для бухгалтерів бюджетних установ

Page URL History Show full URLs

  1. http://buhgalter.com.ua/ HTTP 301
    https://buhgalter.com.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

328
Requests

83 %
HTTPS

30 %
IPv6

94
Domains

141
Subdomains

99
IPs

14
Countries

2250 kB
Transfer

6297 kB
Size

119
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://buhgalter.com.ua/ HTTP 301
    https://buhgalter.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=c679ac17-aa91-4cd3-b5f9-66c420c339ba
Request Chain 161
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/buhgalter.com.ua/ROS?rnd=0.4885872677289891&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.25.3&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&gdpr=0&e_pubcid=858925cf-e801-4d3b-b016-145cf68b74db HTTP 302
  • https://pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.4885872677289891&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.25.3&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&gdpr=0&e_pubcid=858925cf-e801-4d3b-b016-145cf68b74db
Request Chain 281
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=buhgalter.com.ua&sn=ChromeSyncframe&so=0&topUrl=buhgalter.com.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=qzaR4Hw1NGNXbFRadUEwc3RoRnEydnRXUVJvUUptYXpIWEVGNFBVSlBndE0wUWtuRlNnS0VuU1FjWEIvbnM1VENnMXV4eTF3YjVZeTI2RlBZZUZCTFQ1UGd2SEVuZGtEVTFkVmpTQlJOTkRVYkZUdmdBcXlvSkZzdzk5UkVFbTJMM1hTdHhzSEJ3MVVPOHQ5Qmw2WjhibWJpN2ZDb05UZzQ0Rk1xSkVPSW5DUWlRbjg4QmpDOWR6UXhFdUg4cjdnZG5GeEJCMW5DYmdGamlZMEk0VW9CUytHMTZ0U3dmZS9YWW1kUVZ0OGJZSlZhZzM4Sy9CalNBaFc0YjFEU0tpakxoQnJJQ2Fod1FoemFxbkRxWUR1b1NpTWdIZz09fA&cppv=2
Request Chain 286
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbuhgalter.com.ua%2F&domain=buhgalter.com.ua&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=TjBNBXxNZ2htS3hhTGVYa1NRRi85YlZFYjJwZkJIWFQ2N3hEaUcxRVlla2VsZEdvY0s1Qm1zMDJqck1GRERrTnZwSlJtemhHWHE2dGhWV3VaWnhROEREYnZVYk5YUjhlYy85dEFVZGdzUVI5TkFIaUU2RG5uUSttTm84MkVmSWFwNkR0VXlUMjZwZDA0M0lCNkE5SWl2TEl6T1VySGI3SkdtMHVOb0xtWWRJU2Rud2E4YU9MMUJFc1NwTVR4SE9BSklWOWdrUjBRRU4rdGNDYm9JWVg3a2ovcVJXb3Q3bU5KdXhUM3hDdnNwdTFCUkJWbXA2ZkdZSUVKSHNkSnNaaXptaFVRRHBGbkF1NlVnZzIzWlRzWDhvQTY3UT09fA&cppv=2
Request Chain 294
  • https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0 HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=themediagrid&bsw_custom_parameter=104318fa-8f73-4d1d-bf62-04e2c2d939dd HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=themediagrid&bsw_custom_parameter=104318fa-8f73-4d1d-bf62-04e2c2d939dd HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=abd0edc0-eabd-4d26-8383-354fafecdfda&ssp=themediagrid&expires=30&user_group=5&bsw_param=104318fa-8f73-4d1d-bf62-04e2c2d939dd
Request Chain 295
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=c679ac17-aa91-4cd3-b5f9-66c420c339ba
Request Chain 299
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1d3ad49c-e251-4789-46a6-3ee7cfc00f11%26reqId%3Dca0cf672-743d-4c19-62bf-bd833f176204%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1d3ad49c-e251-4789-46a6-3ee7cfc00f11%26reqId%3Dca0cf672-743d-4c19-62bf-bd833f176204%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=744282d9-2fa5-4e68-8caf-87cfa330b8be&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Request Chain 304
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1d3ad49c-e251-4789-46a6-3ee7cfc00f11%26reqId%3Dca0cf672-743d-4c19-62bf-bd833f176204%26zdid%3D1361 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1d3ad49c-e251-4789-46a6-3ee7cfc00f11%26reqId%3Dca0cf672-743d-4c19-62bf-bd833f176204%26zdid%3D1361&rdf=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Request Chain 305
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=65999cd0-7a38-482c-a630-a03e4ba1e4b2&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 306
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1d3ad49c-e251-4789-46a6-3ee7cfc00f11%26reqId%3Dca0cf672-743d-4c19-62bf-bd833f176204%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1d3ad49c-e251-4789-46a6-3ee7cfc00f11%26reqId%3Dca0cf672-743d-4c19-62bf-bd833f176204%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=19507286425610026150227966955575629655&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Request Chain 308
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1d3ad49c-e251-4789-46a6-3ee7cfc00f11%26reqId%3Dca0cf672-743d-4c19-62bf-bd833f176204%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7174205245442095257&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Request Chain 310
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1d3ad49c-e251-4789-46a6-3ee7cfc00f11%26reqId%3Dca0cf672-743d-4c19-62bf-bd833f176204%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1d3ad49c-e251-4789-46a6-3ee7cfc00f11%26reqId%3Dca0cf672-743d-4c19-62bf-bd833f176204%26zdid%3D1361&bounce=1&random=228282499 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=mPStCyrgmZOPr1eU2CbEO.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Request Chain 311
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1d3ad49c-e251-4789-46a6-3ee7cfc00f11%26reqId%3Dca0cf672-743d-4c19-62bf-bd833f176204%26zdid%3D1361 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361&cklb=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=
Request Chain 313
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-pSChlvdE2oqOBPcHGBJ3CJL3B3wx1VaVqA--~A&zpartnerid=570&env=mWeb
Request Chain 314
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=tZwRcsfmRDsC8xjc597RFNfC042Rz5io%2BS41iYitP1U%3D
Request Chain 318
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1d3ad49c-e251-4789-46a6-3ee7cfc00f11%26reqId%3Dca0cf672-743d-4c19-62bf-bd833f176204%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1d3ad49c-e251-4789-46a6-3ee7cfc00f11%26reqId%3Dca0cf672-743d-4c19-62bf-bd833f176204%26zdid%3D1361&_test=Y4-lqQACForG0AAp HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y4-lqQACForG0AAp&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361&_test=Y4-lqQACForG0AAp
Request Chain 319
  • https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.6ef5b87e-22f9-4ea8-a48d-912da4ddbc25&zdid=1361
Request Chain 320
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Request Chain 321
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361&dcc=t
Request Chain 323
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1d3ad49c-e251-4789-46a6-3ee7cfc00f11%26reqId%3Dca0cf672-743d-4c19-62bf-bd833f176204%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Request Chain 324
  • https://pixel.rubiconproject.com/token?pid=41544&puid=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=LBCY1H06-28-M04H&env=mWeb&zpartnerid=1770&gdpr=0
Request Chain 325
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26gdpr%3D1%26gdpr_consent%3D%7Bconsent_string%7D%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1d3ad49c-e251-4789-46a6-3ee7cfc00f11%26reqId%3Dca0cf672-743d-4c19-62bf-bd833f176204%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=104318fa-8f73-4d1d-bf62-04e2c2d939dd&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Request Chain 328
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 331
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Request Chain 340
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.seedtag.com%252Fcs%252Fcookiesync%252Fappnexus%253Fchanneluid%253D%2524UID HTTP 302
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=1395078466316344542
Request Chain 341
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1
Request Chain 342
  • https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__ HTTP 302
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0
Request Chain 344
  • https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=seedtag&bsw_param=104318fa-8f73-4d1d-bf62-04e2c2d939dd&google_hm=MTA0MzE4ZmEtOGY3My00ZDFkLWJmNjItMDRlMmMyZDkzOWRk HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHFmg_7j2W1_mDHrncCsJsY&google_cver=1&ssp=seedtag&bsw_param=104318fa-8f73-4d1d-bf62-04e2c2d939dd HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=104318fa-8f73-4d1d-bf62-04e2c2d939dd
Request Chain 345
  • https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=88885732-75ca-11ed-80d6-141484330306 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/spotx?channeluid=888856c4-75ca-11ed-80d6-141484330306
Request Chain 346
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F
Request Chain 347
  • https://sync.search.spotxchange.com/partner?source=249286 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=249286&__user_check__=1&sync_id=8888a966-75ca-11ed-a74f-174deb1e0206 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D&us_privacy= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D&uid=CAESECOueE8ql8DJdOTqoBs3MLE&google_cver=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 348
  • https://ad.360yield.com/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=265ea304-ff96-47e5-a779-8041ed39ad10
Request Chain 349
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D&s=191730&C=1 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=Y4-lqUGfx1L42fTczLqeyAAA%261852
Request Chain 350
  • https://ups.analytics.yahoo.com/ups/58427/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58427/occ?verify=true HTTP 302
  • https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-Dcd0r21E2uE98JsVmeKGZ3ntGboht3qKgQOs9_I-~A
Request Chain 354
  • https://c1.adform.net/serving/cookie/match?party=14&cid=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&gdpr=0&gdpr_consent=
Request Chain 355
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b7b8638f-e5a9-4b00-b446-e849c67287f6&gdpr=0&gdpr_consent=
Request Chain 356
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=826291927493921925
Request Chain 357
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 358
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 359
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4042716502955769651&gdpr=0&gdpr_consent=
Request Chain 360
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l4YxVMSAaAuMgTkAxY0kAsfWOFCMhW8GlYSCgysM
Request Chain 361
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7174205245442226322&gdpr=0&gdpr_consent=
Request Chain 362
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Zt4U-DIVRElFbl4BcsHRf9mKxGs
Request Chain 363
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFWlFrN0hIOHNBQUNBUG84RklKQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEZQk7HH8sAACAPo8FIJA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2659778366685093041&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEZQk7HH8sAACAPo8FIJA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2659778366685093041%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2659778366685093041&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEZQk7HH8sAACAPo8FIJA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEZQk7HH8sAACAPo8FIJA&gdpr=0&gdpr_consent=
Request Chain 364
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y4-lqQAAAgwH6AAo HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4-lqQAAAgwH6AAo&gdpr=0&gdpr_consent=&_test=Y4-lqQAAAgwH6AAo
Request Chain 365
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Request Chain 366
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 367
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1670374825257 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2148933789
Request Chain 370
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=927d11725dba782a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRXTQbbTXVQhgTSXg
Request Chain 372
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=d4XtBvvmRJyaJA29EmfS5w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 373
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f693638f-e5a9-4300-a4a4-58fa6cb21f5f
Request Chain 374
  • https://pixel.onaudience.com/?partner=214&mapped=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 375
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Nzc4NUVEMDYtRkJFNi00NDlDLTlBMjQtMERCRDEyNjdEMkU3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 376
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGW-kzc1vDtXhS-ZLjEZBH4&google_cver=1
Request Chain 378
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1875249585118522708
Request Chain 380
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=104318fa-8f73-4d1d-bf62-04e2c2d939dd&ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 382
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-axqcT25E2uXV65iOsPNMza02YOF.n4s-~A&gdpr=0&gdpr_consent=
Request Chain 385
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3285593131473095809&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 386
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:bd269736-02eb-43c7-905d-6b66696da5b2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 387
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4042716502955769651
Request Chain 388
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEAKiQ-3UV2vRi8fb-pObwXg&google_cver=1
Request Chain 389
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzM4NTk3ODc4NGU5ZGJjMjlkZDkwNDkxNGFhOWFhM2U1YjU4YmVkZQ&gdpr=0
Request Chain 391
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=W5j4vLf9ROqpuDMcctrs0A&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=W5j4vLf9ROqpuDMcctrs0A&gdpr=0
Request Chain 392
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJDWTFIMDYtMjgtTTA0SA==&gdpr=0
Request Chain 393
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=lC2rnqDcQqqoOOcqi5hOgQ&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=lC2rnqDcQqqoOOcqi5hOgQ&gdpr=0
Request Chain 394
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/bwn0aC1ypS1vlQ_bJjR4f8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tLcm6cdE2oIqAoAACMTZoXYZT8__fhq1IfPjkA--~A
Request Chain 395
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBCY1H06-28-M04H&gdpr=0
Request Chain 399
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y4-lqUaMEHtn.41eWKcz3QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPj5j6STt4R7vq0LPoebLUc&google_cver=1&google_hm=2
Request Chain 401
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4_lqUaMEHtn-41eWKcz3QAAApsAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHlMsIFiHo94nMhqJCu3y_s&google_cver=1
Request Chain 402
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4_lqUaMEHtn-41eWKcz3QAAApsAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4_lqUaMEHtn-41eWKcz3QAAApsAAAIB&dcc=t
Request Chain 403
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1395078466316344542
Request Chain 405
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F146EA15AC2A4D398A7CBE2D2123DB28
Request Chain 406
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1395078466316344542

328 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
buhgalter.com.ua/
Redirect Chain
  • http://buhgalter.com.ua/
  • https://buhgalter.com.ua/
105 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
28e5d10398d7626da007fad02d23b5a13dfe561f3dbe7a699967d75dec771792
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15768000; includeSubdomains;
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0 no-transform
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 07 Dec 2022 01:00:20 GMT
expires
Wed, 07 Dec 2022 02:00:20 GMT
last-modified
Thu, 28 May 2020 12:12:45 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubdomains;
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
233
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 07 Dec 2022 01:00:20 GMT
Keep-Alive
timeout=5, max=100
Location
https://buhgalter.com.ua/
Server
Apache
Strict-Transport-Security
max-age=15768000; includeSubdomains;
x-xss-protection
1; mode=block
jquery.min.js
buhgalter.com.ua/assets/templates/base/js/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Fri, 25 Jan 2019 12:46:20 GMT
server
nginx
etag
W/"5c4b051c-1762a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
client.js
cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/ 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
b272da8532a2532b094eb8b01d0c38fac4cb5cbc2a48e620f40cdf886db497a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Mon, 31 Oct 2022 19:59:07 GMT
date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Mon, 31 Oct 2022 19:57:34 GMT
server
nginx
etag
W/"636028ae-100fb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=10
x-proxy-cache
REVALIDATED
main.js
buhgalter.com.ua/assets/templates/base/js/ 		31 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/main.js?1665486999
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
c4a6f381a5dfdcf76a9c61b3aeec81e4899cf5b2141eeb80db87a81ecc4e1d21

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Oct 2022 11:16:39 GMT
server
nginx
etag
W/"63455097-7b37"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
advert.js
buhgalter.com.ua/assets/templates/base/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/advert.js?1482134876
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
22ef740962bc0b112be9cf31438b5f65689bee5ea052a5538cf05d959cd4d96c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2016 08:07:56 GMT
server
nginx
etag
W/"5857955c-947"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
custom_branding.css
buhgalter.com.ua/assets/templates/base/css/ 		2 KB
797 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/css/custom_branding.css?1645010085
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
3061a71d8be14bbf325156cea941da0e53ef184eef60c14331e15b4145b4dc7e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 11:14:45 GMT
server
nginx
etag
W/"620cdca5-90d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-35985798-1
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a022827281d8cf772a686fab1be025e8305bedb80a626fe28ad25c5b5c1a4d6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43607
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 07 Dec 2022 01:00:20 GMT
config_accounts.js
buhgalter.com.ua/assets/templates/base/js/ 		676 B
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/config_accounts.js
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
a84684c392beb111f1ffc575860f0fd182e14aa8953829b5655a90cf5094e898

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
last-modified
Thu, 11 Nov 2021 09:07:41 GMT
server
nginx
etag
"618cdd5d-2a4"
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
accept-ranges
bytes
content-length
676
expires
Wed, 21 Dec 2022 01:00:20 GMT
all-sites.js
buhgalter.com.ua/assets/templates/base/js/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/all-sites.js?v=20072022
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
e2375265c2c58ff376a5b20241c598a2822e043c80935b4a27b50306b4338280

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 07:26:46 GMT
server
nginx
etag
W/"62d7ae36-7c31"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
buy-access.css
buhgalter.com.ua/assets/templates/base/css/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/css/buy-access.css?1666712570
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
0945e4fad72d0c08a7eeb945cd19a38c4e1b159550a38336f397fd408223b8ad

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Tue, 25 Oct 2022 15:42:50 GMT
server
nginx
etag
W/"635803fa-39e0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
sockjs.min.js
cdn.jsdelivr.net/sockjs/0.3.4/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/sockjs/0.3.4/sockjs.min.js
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4b6d898c081feaaf31175668b7a4837cf08ee6480fce388cbb93fc710646d07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22520220
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19169-FRA, cache-lcy19248-LCY
server
cloudflare
etag
W/"845f-2xqGtL6IkSLNx0THukpBdUC8xho"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iwXRyOfuFeNl0HU1chvv42CngeQNzJcfMLcvZ3TVEfi10A08cN55SQCnlNkcdCpoE4DiqDcaXqvRhUo7micChZKRsi9SpDi4LJVZUdfVJJb5OdeetsayWKcwjuQgIVhVjGsEYaEAhHc84Ml9kBk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
775952e46f70756a-LHR
subscribe_form_newsone.css
buhgalter.com.ua/assets/templates/base/css/ 		2 KB
816 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/css/subscribe_form_newsone.css?1665485092
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
1e18095b9d6ac7a64d0acc19a7691ceac4bb92f0da943acbe4183c75ab07f27e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Oct 2022 10:44:52 GMT
server
nginx
etag
W/"63454924-72c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
bcom_logo_footer.png
buhgalter.com.ua/assets/templates/base/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/images/bcom_logo_footer.png
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
27bf5587dcdf6b46c008ea961d5a4792d2d7b8cdff11db21f9251425e4c1c20b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
last-modified
Tue, 25 Oct 2022 07:24:51 GMT
server
nginx
etag
"63578f43-25e7"
content-type
image/png
cache-control
max-age=1209600, public, no-transform
accept-ranges
bytes
content-length
9703
expires
Wed, 21 Dec 2022 01:00:20 GMT
payment_types.svg
buhgalter.com.ua/assets/templates/base/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/images/payment_types.svg
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
cb89401c31c55eaf5d321b8d956d8b26717e2fe7663101a173619f642cb11d63

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Tue, 25 Oct 2022 07:26:26 GMT
server
nginx
etag
W/"63578fa2-c9b"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
footer_logo_forum.svg
buhgalter.com.ua/assets/templates/base/images/ 		5 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/images/footer_logo_forum.svg
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
7cb32d973638c94c708c3bfd9d908d9c899f1f77930c149059a1ce06ef4cefb0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Tue, 25 Oct 2022 07:26:44 GMT
server
nginx
etag
W/"63578fb4-1554"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
js.cookie.min.js
buhgalter.com.ua/assets/templates/base/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/js.cookie.min.js?1651056762
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
94d7ec1ea563f6e407c32352b0a74f09bb645a4c4a4805951c3a168e57fbb554

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 10:52:42 GMT
server
nginx
etag
W/"6269207a-690"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
conversion.js
www.googleadservices.com/pagead/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16823
x-xss-protection
0
server
cafe
etag
6351308751113588399
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 07 Dec 2022 01:00:20 GMT
chat2.js
buhgalter.com.ua/assets/templates/base/chat/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/chat/js/chat2.js?1575636222
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
2794e4bee8b85e3e25f439d6e2eff996da14eee39f04ccd2ab65436562be1fe9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Fri, 06 Dec 2019 12:43:42 GMT
server
nginx
etag
W/"5dea4cfe-375c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
favorites.js
buhgalter.com.ua/assets/templates/base/js/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/favorites.js?1549530983
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
b044100db87d9ea6f2baea5b4c2cacbd92d3f76a8fb521cdcddca8c26c196c1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Thu, 07 Feb 2019 09:16:23 GMT
server
nginx
etag
W/"5c5bf767-140a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
ads_remove_popup.js
buhgalter.com.ua/assets/templates/base/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/ads_remove_popup.js?1551773669
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
060bb8520b20eb55d3627c997fb70a310ee7340fca81019d845ec4d411f1f28d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Tue, 05 Mar 2019 08:14:29 GMT
server
nginx
etag
W/"5c7e2fe5-c04"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
analytics.js
buhgalter.com.ua/assets/templates/base/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/analytics.js?1626441437
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
d80bd54f6f01cdaa4f9b4bf238a45def7223316f3613971da9a6a417c62b5364

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Fri, 16 Jul 2021 13:17:17 GMT
server
nginx
etag
W/"60f186dd-22ed"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
content_breaker.js
buhgalter.com.ua/assets/templates/base/js/ 		785 B
993 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/content_breaker.js?1638465638
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
aac16f954d581bdc9117839285ab45c1e9c71133dbdf18d0e72f420f18d99f13

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
last-modified
Thu, 02 Dec 2021 17:20:38 GMT
server
nginx
etag
"61a90066-311"
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
accept-ranges
bytes
content-length
785
expires
Wed, 21 Dec 2022 01:00:20 GMT
check_access.js
buhgalter.com.ua/assets/templates/base/js/ 		302 B
510 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/check_access.js?1638465374
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
a7175d1d334c622399772f16264ac7a80176047397f32836b6e0b004a59969e8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
last-modified
Thu, 02 Dec 2021 17:16:14 GMT
server
nginx
etag
"61a8ff5e-12e"
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
accept-ranges
bytes
content-length
302
expires
Wed, 21 Dec 2022 01:00:20 GMT
ads_turn_off.css
buhgalter.com.ua/assets/templates/base/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/css/ads_turn_off.css?v=20200507
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
52b55ae47fb6f7ce41328be63dce372ff1e2c28be04a4d1e7a3ba68152acfa7c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 11:00:26 GMT
server
nginx
etag
W/"630c9c4a-12ce"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
accounts_manager.js
buhgalter.com.ua/assets/templates/base/js/ 		2 KB
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/accounts_manager.js?v=02022021
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
f268e67bed4c1584ddf22b804ba2e482c2ed18c8905a1f032406bf846d7887dc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 07:56:35 GMT
server
nginx
etag
W/"600e79b3-609"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
ads_turn_off.js
buhgalter.com.ua/assets/templates/base/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/ads_turn_off.js?1661763183
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
abf2a4b981439fd1bfd908b09d480d4ddcd77b220c5d68f2aa342e7582396db8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 08:53:03 GMT
server
nginx
etag
W/"630c7e6f-b0a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
lw.css
buhgalter.com.ua/assets/templates/base/css/ 		2 KB
833 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/css/lw.css?1642000502
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
ec7cf723e138fd1ced41f6f1c2c0d724c43183a65b54ebaef160e9635fc222d6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Wed, 12 Jan 2022 15:15:02 GMT
server
nginx
etag
W/"61def076-73c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
wrapper_hb_299506_4371.js
player.adtelligent.com/prebid/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebid/wrapper_hb_299506_4371.js?cb=19333
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e142124087c412eef969cd891c1fc1e1629fc878fc1641dbfe44bf9ef38b187c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Fri, 09 Dec 2022 01:00:20 GMT
date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Sun, 04 Dec 2022 14:06:08 GMT
server
nginx
etag
W/"638ca950-6c4"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
gtm.js
www.googletagmanager.com/ 		205 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9132cdac3ada12f52aec32ca9ca81a344ddfc5edd90152dd24fe800d0f71a049
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73290
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 07 Dec 2022 01:00:20 GMT
css2
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/css/buy-access.css?1666712570
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3b542bc706a41d36ca02e27cc3a6165104c2b7fdc57aa9a23ca63e164495c2c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 23:20:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Dec 2022 01:00:20 GMT
resource_icons_v7.png
buhgalter.com.ua/assets/templates/base/images/accounts/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/images/accounts/resource_icons_v7.png
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
c5a7e1a01e97fddf0d6fea76f7a895d53516d76728a4615816a71afa8141d8df

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
last-modified
Thu, 17 Jun 2021 10:19:17 GMT
server
nginx
etag
"60cb21a5-f41"
content-type
image/png
cache-control
max-age=1209600, public, no-transform
accept-ranges
bytes
content-length
3905
expires
Wed, 21 Dec 2022 01:00:20 GMT
configs
cdn.gravitec.net/sdk/web/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/sdk/web/configs?appKey=c77ccd81f8480b85adc1e41419254e96
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
dafaa937eadd710a78845e1e43b6facb9b04efd0c94ef1b5d0639b70a9e4b76c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
x-correlation-id
8da20856fe7a1a9af6c433d25c810802
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-proxy-cache
MISS
hbw_master_299506_4371.js
player.adtelligent.com/prebidlink/19333/ 		128 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/19333/hbw_master_299506_4371.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/wrapper_hb_299506_4371.js?cb=19333
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
998eff56c2c74b10481fbf17812d2b47eacb434648846fe0ea08ce4446a74133

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Fri, 09 Dec 2022 01:00:20 GMT
date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Tue, 06 Dec 2022 13:03:56 GMT
server
nginx
etag
W/"638f3dbc-1ff58"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
hb_299506_4371.js
player.adtelligent.com/prebidlink/19333/ 		348 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/wrapper_hb_299506_4371.js?cb=19333
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
348f440d78c955d6261162ea272a22c2d4ee88a765fdd9e623ace70cad9b8a3b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Fri, 09 Dec 2022 01:00:20 GMT
date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Thu, 01 Dec 2022 18:45:39 GMT
server
nginx
etag
W/"6388f653-56f82"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16176fa96e63b9ac53606ebbdfed5cb104c00b6a2df62b6396c5ca6f85967f3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27565
x-xss-protection
0
server
sffe
etag
"1414 / 986 of 1000 / last-modified: 1670367953"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 07 Dec 2022 01:00:20 GMT
fbds.js
connect.facebook.net/en_US/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbds.js
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e59e54512aaee7728062ce39be7f965c605be473d7ffec17e0051e5f5132b7fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 07 Dec 2022 01:00:20 GMT
content-md5
56rZmo861U7LC6/k8efGVQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2167
x-fb-rlafr
0
x-fb-debug
4gxRhvTtvbykKa8yuEN/fZwUWynEhfUCXu3SbQgBkuSdmQlGhdAYOhbljfp4ewyQlkBWj77DB+t4dG6liDMzYw==
x-fb-trip-id
1679558926
x-fb-content-md5
e6326e29a5491368cb5ce078f94edab3
cross-origin-opener-policy
same-origin-allow-popups
etag
"bfa410566b8b5d010576491d9b0a7fa4"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Wed, 07 Dec 2022 01:00:25 GMT
add
analytics.factor.ua/analytics/ 		0
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.factor.ua/analytics/add
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/analytics.js?1626441437
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.170.82.90 Amsterdam, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
95-170-82-90.colo.transip.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
https://buhgalter.com.ua
Date
Wed, 07 Dec 2022 01:00:20 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0
Content-Type
text/html; charset=UTF-8
logo_event_n.png
buhgalter.com.ua/assets/templates/base/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/images/logo_event_n.png
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
d564e795aec94a8c74308ecec87cb269c8b536135086e36ba14ffa7f22434264

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
last-modified
Thu, 17 Nov 2022 11:31:17 GMT
server
nginx
etag
"63761b85-25c4"
content-type
image/png
cache-control
max-age=1209600, public, no-transform
accept-ranges
bytes
content-length
9668
expires
Wed, 21 Dec 2022 01:00:20 GMT
z
s.zmctrack.net/ Frame 04F6 		50 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
5b3b8e3e3a0c088dd038373c7b5f534be366352fe9b78e5f22b712206889166a

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control
no-cache, no-store
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
23449
expires
Thu, 01 Jan 1970 00:00:01 GMT
/
jsonip.com/ 		148 B
449 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jsonip.com/?callback=jQuery111107201793768469316_1670374820450&_=1670374820451
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.77.20 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1176-20.members.linode.com
Software
nginx/1.20.2 /
Resource Hash
ac8a889172f4e9af426e4b9801ce55d83303b1db8b2e2e10dcc7a1cdb7bf1800
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 01:00:21 GMT
Strict-Transport-Security
max-age=31536000;
Server
nginx/1.20.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
acceptcookies.css
buhgalter.com.ua/assets/templates/base/css/ 		2 KB
743 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/css/acceptcookies.css
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
f009046c8dfa738f7b73d46544595b6d47858c62f8af8c9a1fa87be048d17330

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Wed, 02 Nov 2022 14:51:17 GMT
server
nginx
etag
W/"636283e5-662"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
acceptcookies.js
buhgalter.com.ua/assets/templates/base/js/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/acceptcookies.js?_=1670374820452
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
24d2d062a3432cd4d5b5079a056eaa1c0267f7ac8299bbff426395d70d081f2d

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://buhgalter.com.ua/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Wed, 02 Nov 2022 14:51:31 GMT
server
nginx
etag
W/"636283f3-ba8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
main.css
buhgalter.com.ua/assets/templates/base/chat/css/ 		849 KB
458 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
5e1055767f6d4ebc018c9e2386d3ca843ce1cc24daf9add01c652a15b7fdaf4d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Wed, 07 Jul 2021 10:45:44 GMT
server
nginx
etag
W/"60e585d8-d4267"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
favourites.css
buhgalter.com.ua/assets/templates/base/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/css/favourites.css?1665487532
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
1cd795d06d23422370a772ff4f11b2149589c1ef15e91de8194d92403ca2ffdb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Oct 2022 11:25:32 GMT
server
nginx
etag
W/"634552ac-15ec"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
notyfy_popups.css
buhgalter.com.ua/assets/templates/base/css/ 		3 KB
972 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/css/notyfy_popups.css?1551775774
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
7b63f721e824f90d7f3144b2458f93b1697419fc8790f35537a064ed757a1b80

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Tue, 05 Mar 2019 08:49:34 GMT
server
nginx
etag
W/"5c7e381e-a18"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
all.css
use.fontawesome.com/releases/v5.6.3/css/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer
https://buhgalter.com.ua/
Origin
https://buhgalter.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
0H05A4KNJ0VBANDR
age
150970
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
YHXWLaHDfC+R6aCI1T7xL4SIkB5b3o8DuiDs/lwMZn4uhnH49bkLZEljyPXABwj96Fy6k8ON+os=
last-modified
Wed, 30 Jun 2021 15:44:33 GMT
server
cloudflare
etag
W/"dc93d584e41f8417f6b7163320d34329"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFCFZuZO1lpfhzfVXL2M6xpBqs4iYIv18AoU3BN8cZv5LsHFUmzY2GQ12I7xfJ5hNdKpq6G5smScKXKuvq3w4%2ByngOdIdNQ7QEYD3XGZy9oAUrguwBM51j5K9%2BLlhIwg9VJ9hUb0mvBi9%2F3dE5dO%2FSnT"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
775952e5fef823bf-LHR
media.css
buhgalter.com.ua/assets/templates/base/css/ 		121 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
e20e767839f09483c5eae25b181b720e31943d94a40dda6e7a6ea1e2809dcdb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Tue, 01 Nov 2022 09:07:04 GMT
server
nginx
etag
W/"6360e1b8-1e459"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
subscribe_form.css
buhgalter.com.ua/assets/templates/base/css/ 		2 KB
783 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/css/subscribe_form.css?1562068831
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
f7ec9f64994c0f12acd8ab801d6709a5373b161d22752d64c316fc4dc6b04026

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Tue, 02 Jul 2019 12:00:31 GMT
server
nginx
etag
W/"5d1b475f-656"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
newsinfocus.css
buhgalter.com.ua/assets/templates/base/css/ 		12 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/css/newsinfocus.css?1629355568
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
a4f9fa103935fadea54ea87412c9697a65d9545e2b4d67b3b3f984590c1f0dea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Thu, 19 Aug 2021 06:46:08 GMT
server
nginx
etag
W/"611dfe30-2fc1"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/975200280/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975200280/?random=1670374820706&cv=9&fst=1670374820706&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7b66071d9ece404eaba8a4c1cce5c72f364fd55a69edfeee91e9a92d8309e9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
979
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
id.gravitec.net/ Frame ABDE 		621 B
713 B 		Document
General
Check archive.org
Download Go to
Full URL
https://id.gravitec.net/
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=315360000 public
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 07 Dec 2022 01:00:20 GMT
etag
W/"5e9485b6-26d"
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Mon, 13 Apr 2020 15:31:02 GMT
pragma
public
server
CDN77-Turbo
x-77-cache
HIT
x-77-nzt
AZySIRDHuqT/OwfmAA
x-77-nzt-ray
f6587a1d0986e4f9a4e58f63d3efbc32
x-77-pop
frankfurtDE
x-accel-expires
@1970659689
x-age
15075131
x-cache
HIT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-35985798-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Dec 2022 23:24:40 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5740
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 07 Dec 2022 01:24:40 GMT
/
ghb.adtelligent.com/geo/ 		152 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hbw_master_299506_4371.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
5fbcc4ff94d56fb37b33e838466308a145e902acc9640acbfc529e7fe88f3d34

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 01:00:19 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://buhgalter.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
152
tracking
ghb.adtelligent.com/adunit/ 		43 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=299506&site_id=4371&full_page_url=https%3A%2F%2Fbuhgalter.com.ua%2F&adid=cy1gfv.r6&features=147488&vpbv=N104&tte=155&lifecycle_tte=674
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hbw_master_299506_4371.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 01:00:19 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://buhgalter.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/977649145/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/977649145/?random=1670374820753&cv=11&fst=1670374820753&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
180b3da8ed4d31c2240dff16486dc86e92cd6e6f1882f7d77d3958bb3d79c44d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
917
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
optimize.js
www.google-analytics.com/gtm/ 		114 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=GTM-WMZFGRB
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9f37cd2b2de89d388e2f1cc0c9fe2a4934d0001c8eecc873d170889ebb088850
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
45277
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 07 Dec 2022 01:00:20 GMT
sdk.js
connect.facebook.net/uk_UA/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/uk_UA/sdk.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cd1a87c507363a05a756681ed7d4b4be87b28f34e0fcb08a10f37c4cd151853e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 07 Dec 2022 01:00:20 GMT
content-md5
y8G2MyeWooUnmHGKNe7mNQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
UkGDY/aQxmVOQrlpDvkkc/rs1Z+dft+n3pjwaVv/TgqWeqiJ2L2BDbd1mealXGf0/hjW7AO95oU1cbthOwwkAA==
x-fb-trip-id
1679558926
x-fb-content-md5
41406e026c2e79c37b461c740ec56e34
cross-origin-opener-policy
same-origin-allow-popups
etag
"015b3d0a9b1597e67a44f7f2eef95964"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 07 Dec 2022 01:05:29 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 07 Dec 2022 01:00:20 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27340
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
xg/DDtndtR4xYQJmYQRcnL1SpeluC3pCUfIAjsROShRXEiNqQn5iFJjLACWUkqxHyX5TxzFEXezUyNmQ+2gVQA==
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		216 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6VVQ37Y1T2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c1d7d13b0c59a2d213f302535dc421ba645bc7bda46b5e1cd42e3c1b10806337
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76932
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 07 Dec 2022 01:00:20 GMT
truncated
/ 		383 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3fb84ac22d9aa3bcb4eb5a032abb61f745d15a6e89e4b5c87a60d08bb48bbd8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
ic_video.png
buhgalter.com.ua/assets/templates/base/images/ico-social/ 		424 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/images/ico-social/ic_video.png
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
8d08002698e3eea9504529fb40cb7ee307d4bfcb79b26e6b7a9f0d88583ae8ae

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
last-modified
Thu, 28 May 2020 12:05:04 GMT
server
nginx
etag
"5ecfa8f0-1a8"
content-type
image/png
cache-control
max-age=1209600, public, no-transform
accept-ranges
bytes
content-length
424
expires
Wed, 21 Dec 2022 01:00:20 GMT
fit_logo_site.svg
buhgalter.com.ua/assets/templates/base/images/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/images/fit_logo_site.svg
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
296a988d4d9033be4c070388508bd7d4e7e2d149bd3f985ef21bf8de7cff2f9c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
gzip
last-modified
Tue, 26 Jul 2022 10:17:26 GMT
server
nginx
etag
W/"62dfbf36-12ba"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:20 GMT
truncated
/ 		425 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d27a1810a9c43b17603247c2757dba5e852432b29416d66de79bf6a3bbd1fd3

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		468 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b265408716dbe3e1a43a7bb536defb88b2a4df5e02fd12f1262ded3e46b2c9c2

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		106 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74c3d6e4e68a777357e0779c0dac3ab4b146a1b9f95f5884893f453e703ef745

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ed8bdd90963f7ea344f9ba4797400b312447b092830bda8d64c3ba59630fc7

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		408 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
259c000134f1b62928de5c6c5b2fbd055aa9c1133a3d95ae6794acf455f86458

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		285 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e54a4e1093719499f227854e31568e062cbb3eb158697d3a4ab56df81450ce6

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		312 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
33469539b582e93d9b98eecbae3c3cc48965f030aeaad68cc56cbbf20f774923

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		553 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36cdbf0fbe2881ae338731bb348f6f23d5ecea8e5c9a343ca923792268a92afc

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1f2c754697a52684fccacaa9e300ac3268d6c13837b9ac7f46475cc67de8d4c

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fa18ae7faa4c864e0c14d23b00a46e5cb48f7509335d3d9ece052ff93c328d5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2022120101.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:32:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16095
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133241
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 09:36:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 06 Dec 2023 20:32:05 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		287 B
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=buhgalter.com.ua
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c29d67f4e9401f25dc64727b141330574b2392bfd7713ee2c2346c89d7c0d09e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128
x-xss-protection
0
expires
Wed, 07 Dec 2022 01:00:20 GMT
user.png
buhgalter.com.ua/assets/templates/base/chat/img/ 		631 B
830 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/chat/img/user.png
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
fa730e45f1461662728ed590039a2cb0900eee5486af662670dccca0e7f0ddd6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
last-modified
Fri, 25 Jan 2019 12:16:54 GMT
server
nginx
etag
"5c4afe36-277"
content-type
image/png
cache-control
max-age=1209600, public, no-transform
accept-ranges
bytes
content-length
631
expires
Wed, 21 Dec 2022 01:00:20 GMT
smyle.png
buhgalter.com.ua/assets/templates/base/chat/img/ 		816 B
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/chat/img/smyle.png
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
5833f676a69a7385d07b129f61b2545762ac94c5691a5c8fc82b1eff66d74737

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
last-modified
Fri, 25 Jan 2019 12:16:54 GMT
server
nginx
etag
"5c4afe36-330"
content-type
image/png
cache-control
max-age=1209600, public, no-transform
accept-ranges
bytes
content-length
816
expires
Wed, 21 Dec 2022 01:00:20 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8

Request headers

Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin
https://buhgalter.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
0AKTX9ATG5GA2EBS
age
521574
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74288
x-amz-id-2
hEXNe0bcBYD3gMiGX8I2AqxtGi+UYgFp5l1tcI2VAG9LFZPmcz5fQ+5kIuP3hQ14F6VhUbgpSz0=
last-modified
Wed, 30 Jun 2021 15:44:54 GMT
server
cloudflare
etag
"eac60e8a656781e13d2a674b4d9051c0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYBElFMCwEJ%2BQiUasynqHr%2FpqafOw2V1ara3CV1HphfEqoqTylL0tRddeaiWCG%2FwbBXEkLJ45xmFaz4WfTq7MP4yNBK1qqcr7QhDT9N6%2FTMpLp3xMtN2LpRE8fosfYJQCpy2qCiqKjddFrjfsqrPmi4i"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
775952e6bced76f9-LHR
fa-regular-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492

Request headers

Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin
https://buhgalter.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8DAPYC5EGH50JZGJ
age
400938
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14872
x-amz-id-2
AbwebDX8VhvtWw7kx3wRppgZ3FZV/SjJwIbsOAL/oT7lyVOokBiZgjWobu75DehiTxnR19cEV8I=
last-modified
Wed, 30 Jun 2021 15:44:54 GMT
server
cloudflare
etag
"4b218302f9057d02864d4909661831e9"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDJxFSI4MLZDKcQSBzdE1hU3zPYIz60bgg38ededR5s4i9u%2BQvd0dmuu%2BNeFpGhgqtCeJAzaZ7eCfGnQF8u%2Bakm3XKBHsXKnTwl2dGw3GbQiuLs3LLS8SZ5bjkVbkh0%2Fo1J%2BQI73nBdtALlsfF8Bgf7B"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
775952e6bcee76f9-LHR
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1495025544106981&ev=PixelInitialized&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&rl=&if=false&ts=1670374820883
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 07 Dec 2022 01:00:20 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
sdk.js
connect.facebook.net/uk_UA/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/uk_UA/sdk.js?hash=7420b8c237fd7a6d249249053d2a6b5b
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ba7b79851af42c5659f9092517b84dd8d4619afc89472e66ed171efcf1476a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://buhgalter.com.ua/
Origin
https://buhgalter.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 07 Dec 2022 01:00:20 GMT
content-md5
Ff13XVLiIiON53RuMimiQw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88534
x-fb-rlafr
0
x-fb-debug
JVMmMm5fuLsgIQ4o4mGxBisiPxRx874JkJToi/IcJIOPY9PAboGAS5WSWxBpzZzGTDS2MNLj62NT5DtY0Jk5iQ==
x-fb-content-md5
de466c05aede0d88871dd22fa889c40b
cross-origin-opener-policy
same-origin-allow-popups
etag
"738d0e69aeb8ec6d2f1ce4175579d753"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 07 Dec 2023 00:11:34 GMT
1495025544106981
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1495025544106981?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bb4fafe3d9db67e1d848a6a313fa0148962e92762ec44488667e3c67559e8373
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 07 Dec 2022 01:00:20 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
85976
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
hj2vTT2uFRiYtPTbeUm54xXctFsXE6FMehU4EMkAuIDLJdEK3PU1SuXZAdvTsH/HBz54FSngdNjO7VumVAz75g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-6VVQ37Y1T2&gtm=2oebu0&_p=1532101818&_gaz=1&cid=438883282.1670374821&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670374820&sct=1&seg=0&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6VVQ37Y1T2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
338 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6VVQ37Y1T2&cid=438883282.1670374821&gtm=2oebu0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6VVQ37Y1T2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6VVQ37Y1T2&cid=438883282.1670374821&gtm=2oebu0&aip=1&z=766106329
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/975200280/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/975200280/?random=1670374820706&cv=9&fst=1670374800000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&fmt=3&is_vtc=1&random=1963936798&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/975200280/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/pagead/1p-user-list/975200280/?random=1670374820706&cv=9&fst=1670374800000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&fmt=3&is_vtc=1&random=1963936798&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/977649145/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/977649145/?random=1670374820753&cv=11&fst=1670374800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&fmt=3&is_vtc=1&random=745275288&rmt_tld=0&ipr=y
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/977649145/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/pagead/1p-user-list/977649145/?random=1670374820753&cv=11&fst=1670374800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&fmt=3&is_vtc=1&random=745275288&rmt_tld=1&ipr=y
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1532101818&t=pageview&_s=1&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDACUABRAAAACAAI~&jid=1065654945&gjid=518140871&cid=438883282.1670374821&tid=UA-35985798-1&_gid=1221761269.1670374821&_r=1&gtm=2oubu0&z=1528540665
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1532101818&t=event&_s=2&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=event2&_u=4CDACUABRAAAACAAI~&jid=&gjid=&cid=438883282.1670374821&tid=UA-35985798-1&_gid=1221761269.1670374821&cd2=%D0%BD%D0%B5%D1%82&gtm=2oubu0&cd1=%D0%BD%D0%B5%D1%82&z=409020686
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
80270
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
csyncs
ghb.adtelligent.com/ 		649 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/csyncs?aid1=443991
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hbw_master_299506_4371.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2a791587a2bc3c80abc737d0c2def89d8286a444f95b58c9fa96100d6b687c27

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 01:00:20 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://buhgalter.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
351
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1532101818&t=pageview&_s=1&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6CDACUABRAAAACAAI~&jid=1797812468&gjid=1478476360&cid=438883282.1670374821&tid=UA-53572572-5&_gid=1221761269.1670374821&_r=1&gtm=2wgbu0WVLD3W&z=1322543129
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1532101818&t=pageview&_s=1&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6CDACUABRAAAACAAI~&jid=735092867&gjid=344875528&cid=438883282.1670374821&tid=UA-35985798-1&_gid=1221761269.1670374821&_r=1&gtm=2wgbu0WVLD3W&z=1818672409
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
981e2a0ec1c40493e59b139b8db4f728.gif
cs.admanmedia.com/ Frame 4E58 		20 B
189 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hbw_master_299506_4371.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.163 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Wed, 07 Dec 2022 01:00:21 GMT
Server
nginx
Transfer-Encoding
chunked
getuid
eb2.3lift.com/ Frame 2ED0 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D738167%26extuid%3D%24UID
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hbw_master_299506_4371.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Wed, 07 Dec 2022 01:00:21 GMT
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.14.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 07 Dec 2022 01:00:21 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=c679ac17-aa91-4cd3-b5f9-66c420c339ba
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=c679ac17-aa91-4cd3-b5f9-66c420c339ba
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 01:00:21 GMT
Server
Adtelligent
Etag
73aa1812c33bf65f
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=c679ac17-aa91-4cd3-b5f9-66c420c339ba
date
Wed, 07 Dec 2022 01:00:21 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
/
loadercdn.net/ 		0
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadercdn.net/?r=1&u=ae0679da3c445ee0&d=buhgalter.com.ua
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 07 Dec 2022 01:00:21 GMT
server
openresty
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1264355410382750&ev=fb_page_view&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&rl=&if=false&ts=1670374821106&sw=1600&sh=1200&at=
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 07 Dec 2022 01:00:21 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
collect
stats.g.doubleclick.net/j/ 		7 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-53572572-5&cid=438883282.1670374821&jid=1797812468&gjid=1478476360&_gid=1221761269.1670374821&_u=6CDACUABRAAAACAAI~&z=1370573252
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 07 Dec 2022 01:00:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-35985798-1&cid=438883282.1670374821&jid=1065654945&gjid=518140871&_gid=1221761269.1670374821&_u=4CDACUAARAAAACAAI~&z=835300129
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 07 Dec 2022 01:00:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-35985798-1&cid=438883282.1670374821&jid=735092867&gjid=344875528&_gid=1221761269.1670374821&_u=6CDACUABRAAAACAAI~&z=1964208020
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 07 Dec 2022 01:00:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1495025544106981&ev=PageView&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&rl=&if=false&ts=1670374821123&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1670374821122.688115610&it=1670374820910&coo=false&rqm=GET
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 07 Dec 2022 01:00:21 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
0.bundle.js
cdn.gravitec.net/modules/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/modules/0.bundle.js
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Wed, 02 Feb 2022 09:06:28 GMT
date
Wed, 07 Dec 2022 01:00:21 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 09:01:35 GMT
server
nginx
etag
W/"61fa486f-2550"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=10
x-proxy-cache
HIT
1.bundle.js
cdn.gravitec.net/modules/ 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/modules/1.bundle.js
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Wed, 02 Feb 2022 09:06:29 GMT
date
Wed, 07 Dec 2022 01:00:21 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 09:01:35 GMT
server
nginx
etag
W/"61fa486f-8092"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=10
x-proxy-cache
HIT
config.json
player.adtelligent.com/exchange_rates/299481/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/299481/config.json?cb=https%3A%2F%2Fbuhgalter.com.ua%2F
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
bab467f8e8b7ad19c3bd5dfb2f0def7b860609e5c3d978c7aeb1e737071f0a7e

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

expires
Fri, 09 Dec 2022 01:00:21 GMT
date
Wed, 07 Dec 2022 01:00:21 GMT
content-encoding
gzip
last-modified
Mon, 05 Dec 2022 12:01:15 GMT
server
nginx
etag
W/"638ddd8b-8a8"
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
cache-control
max-age=172800
x-proxy-cache
HIT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17380452670e8c3216bc2cf483c28eec5059a45c47cabf1b216e09a6815f12cb

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=buhgalter.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=buhgalter.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		690 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1171071946666511&correlator=409074258260081&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=141806220%2Cbuhgalter-brand-custom&enc_prev_ius=%2F0%2F1&prev_iu_szs=1920x1080&ifi=1&adks=2347397124&didk=1293715577&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1670374821181&lmt=1590667965&dlt=1670374820361&idt=774&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbuhgalter.com.ua%2F&frm=20&vis=1&psz=1600x2868&msz=1920x-1&fws=640&ohw=0&ga_vid=438883282.1670374821&ga_sid=1670374821&ga_hid=1532101818&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c21c5ad9d5824d479b87b6012b3bbe894e024a432b5949f334eba9456274468
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
355
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		550 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1171071946666511&correlator=478276175628301&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=430837318%2CTOTAL_TAS%2CAdtelligent&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=1413638297&didk=607409652&sfv=1-0-40&prev_scp=tmPtS%3DINSERT_UTM_SOURCE_HERE%26tmPtM%3DINSERT_UTM_MEDIUM_HERE%26tmDmn%3DINSERT_DOMAIN_HERE%26tmClnt%3DAdtelligent%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1670374821190&lmt=1590667965&dlt=1670374820361&idt=774&adxs=0&adys=2869&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbuhgalter.com.ua%2F&frm=20&vis=1&psz=1600x2868&msz=1600x0&fws=0&ohw=0&ga_vid=438883282.1670374821&ga_sid=1670374821&ga_hid=1532101818&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b86ba582d3ddecaaa4117fbe19a9a802ed1a34840840f802482da4e038fc225d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
284
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
49b0b297964990c651f24ede970312f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1BA8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://49b0b297964990c651f24ede970312f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 07 Dec 2022 01:00:21 GMT
expires
Thu, 07 Dec 2023 01:00:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cdb
bidder.criteo.com/ 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.3&cb=50136048830
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/ 		343 B
678 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=2&alt_size_ids=55%2C221&gdpr=0&eid_pubcid.org=858925cf-e801-4d3b-b016-145cf68b74db%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner&tk_flint=pbjs_lite_v6.25.3&x_source.tid=98ec8998-3abd-4848-ba65-cef930760d86&l_pb_bid_id=8db3d18d60ba44&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner&slots=1&rand=0.13131606706067145
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
284ac1118eb00892b11505c1def66c9a7efaca82ab4061138fbc7986898f8acf

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
343
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		311 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=1&gdpr=0&eid_pubcid.org=858925cf-e801-4d3b-b016-145cf68b74db%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom&tk_flint=pbjs_lite_v6.25.3&x_source.tid=cb0c0d85-47d7-49e8-9163-b344154878b2&l_pb_bid_id=9b2e42550e55e4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom&slots=1&rand=0.8295173000654557
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
524326f81e7f81f02155242317ded42944fd8de7cb8d18f90f4a00443f76d7c4

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
311
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		323 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=9&alt_size_ids=14%2C17%2C179&gdpr=0&eid_pubcid.org=858925cf-e801-4d3b-b016-145cf68b74db%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner&tk_flint=pbjs_lite_v6.25.3&x_source.tid=cc4341ea-f7ba-4f64-84aa-eec3f3479d1b&l_pb_bid_id=10c7e9e15c61d03&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner&slots=1&rand=0.7638688340271238
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8ef4581d93dce24fe47f764f75653549ab7671e2755f2d9fc65f2765eacc16d6

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
323
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		321 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=9&alt_size_ids=14%2C17%2C179&gdpr=0&eid_pubcid.org=858925cf-e801-4d3b-b016-145cf68b74db%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner&tk_flint=pbjs_lite_v6.25.3&x_source.tid=3e3894c8-e480-4b4f-a347-caf0798a6413&l_pb_bid_id=11d0ef6b4bc52be&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner&slots=1&rand=0.10007072160420627
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4c2c9ed99fe0af056240fc8210df8a0e901975ee744c26af61c339d3de9d7e09

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
321
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		331 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=55&gdpr=0&eid_pubcid.org=858925cf-e801-4d3b-b016-145cf68b74db%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner&tk_flint=pbjs_lite_v6.25.3&x_source.tid=d8c4e0c3-7b49-4766-b0a4-e7ad769e4754&l_pb_bid_id=129d503914ad716&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner&slots=1&rand=0.7875672669847187
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8be6accdf8a8f1814ca00abab6f3df116bd45b4a7977ba8aa6f2e0a6c3a6abd5

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
331
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
ghb.adtelligent.com/v2/auction/ 		3 KB
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
9c22126e930c2f1594e3342bad7ed45f028e19db638cc663784257cfbb3208ac

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 07 Dec 2022 01:00:20 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://buhgalter.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
368
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad784fa4006c&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
f37e28efc62ec92064c5682261592903e2eb14d41fbf7ccfcc22bcd2cba3363d

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad80c1690073&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
0db55c5279ec272d537f907d99d38738a2c277eb6c521b70cd243576c99aed62

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8173e00067&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6c90143dca7a52d4dcaa0dd334ecd1941983be61fe2d728dc36c80a75fcf8815

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad81ad100068&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
46610c1ebb9865b0d3b9120d7d152a76b89cdc2448fac72398bf9b3b9c288ea7

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad81dedc0075&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d1782f01504b2ce39583de37e27a4c2b9f93d68b7c6502bf34361de93fd83767

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad822331007d&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
7b8b4d39f4a83830bfb963370ea0c486d06a3e5377cb943d6dad286669cc31ec

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8253e00069&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1fcd85a28087afa74555abc6f05e26e7fb9c9b88935f33733dece8210c8cd386

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad8103460074&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ed57ed21ba5b6ac6b6404c6cad8b78e90aefb24a4c983e53f533fb8b378a0067

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad829262007e&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
da6352873b63ae8cef4c71092fe111ed6a2cae8828c4ebc2a0e1c82c50f07af3

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad81ad100068&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
0705aa0398d4e9e1af85e9f6917e1c94c7c5cae34bace6b68b8e4dcfb78cbe79

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8253e00069&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
16f969c406d3906de2be944f9ec43ed6a2ef875719e680504ce6e508a2f7cd4a

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad80c1690073&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
28ddb7a1ad28c26e8975da887f142065c366a14a6fb53f8f8b5258bf4e196296

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad82f4990077&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
4bdb2a68751900783c66cd5e4c76092744face697d522b95bf339aff863c388f

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad84e4b00081&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
f8789bc808c5435fba66ffdd49c891b95384fd90b13902916bbddd35246f4b47

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad805d2c0071&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
2fbbb3b2a181d6bcf119aee8d23493711ed8134b7090eb50748341ffec29c401

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad784fa4006c&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
3061f7ba6d1e6ebc3a1811b0d3f0079549f8b5530298a3bd372f89ec8ba9c426

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8095670064&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
42678fcc3eeedad7c2f01e4e553c62a401ebd55d9b97c7a547f0fb2b0104527d

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad813cb7007b&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
12d3a4b8318785587e763b45fbd355f2e3258cbdf6078d14973b3af5bd2ac9f2

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad84331b006b&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6d3e90dc7e71b77df23993bd88ab23d973a009f9302664ec4b75b28034c8bfe4

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad847394007a&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5bc96f972a364508d443ec14fa75a0638840d1bb033b857a9a8e770780b68316

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad84af220080&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
9911bdc97b551850f0088da3012f5aefb6034133b39250f063b1e3e9d67ca7ff

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad784fa4006c&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5cb512c8f371252eb9eb9066fdf7f76769653d8eb9f1ca08f0a4207f6980f0b9

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8095670064&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c729e8c31ecece1e9722abecd5fb296d28fe699274207d3a646912a68ce6bc11

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad813cb7007b&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
60891274115bcc7600471e936222a65da9fd133a7e5a1e2c6bfb70d807b9db4d

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad805d2c0071&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b99b266c06f12dfad6ce326e6f15b80ecc80ae83c8af1c9e0b7d466c55ca262d

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad84331b006b&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
51e6138c0afa2476bed65cd73ebd386af195837e7667be092385337cd746630d

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad847394007a&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
3c6716df35523ced98070581a478269afaa1acd929c825c7505aa7b32dcfb1f1

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad84af220080&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
881d462cdf45fccb38510b2b7a9a46bbcd3a85431ee8dd8f15b5c6411e164c68

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad784fa4006c&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
868cd24b88e901d5cefcf278766b778b51244abcdda02fd116781b231e0c98f0

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad81dedc0075&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
a4ef4c23996faf21eadac4dd8e20acf8050805159686453a2d1deba1f75eba09

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad822331007d&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
69a7bd7c1a220df05d294d3594d91d462a1ceff2019fa76dc8709e3c12fe040f

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8253e00069&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
cb44bbce8d91ec281143180404eda1b5e6539d5cbbde61655ed72153ba60d979

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad81ad100068&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
3fe4a94453b5243a34989ac537e2b23ed646c89801ac2c618df873d5d0c2b5ad

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad80c1690073&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e54f68d0b118ba2902941c756705336c14c9b9f1aa42868fd079af93f00b53ac

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad851b23006c&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
a82c0e0e6549a49fc0250c43951d4d76248fadab72262f139aed34c42d203874

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad82f4990077&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
f1239959e3eb125d70c2239d27d5ef25210fa6f77a702ebc42f9a2985d07fae0

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://buhgalter.com.ua
date
Wed, 07 Dec 2022 01:00:21 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=2&alt_size_ids=55%2C221&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=858925cf-e801-4d3b-b016-145cf68b74db%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner&tk_flint=pbjs_lite_v6.25.3&x_source.tid=98ec8998-3abd-4848-ba65-cef930760d86&l_pb_bid_id=67a2c388660365c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner&slots=1&rand=0.7592247810040942
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f74207976bf384f4bf7e4528b635c9112145d607f0df8f185c2df386f8f13693

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		310 B
872 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=1&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=858925cf-e801-4d3b-b016-145cf68b74db%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom&tk_flint=pbjs_lite_v6.25.3&x_source.tid=cb0c0d85-47d7-49e8-9163-b344154878b2&l_pb_bid_id=680073b6a024408&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom&slots=1&rand=0.9550218580966867
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c2132e178b2e359d93dc52fed82e07d29c42d005b508eb0cde29b76b56089959

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
310
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		342 B
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=9&alt_size_ids=14%2C17%2C179&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=858925cf-e801-4d3b-b016-145cf68b74db%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner&tk_flint=pbjs_lite_v6.25.3&x_source.tid=cc4341ea-f7ba-4f64-84aa-eec3f3479d1b&l_pb_bid_id=699799ac6a5387e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner&slots=1&rand=0.3925505068016997
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4d8c4b6476a1b96222dab4d07d598327fa29fadd4b0beb89c1eed5fdc0119821

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
342
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		340 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=9&alt_size_ids=14%2C17%2C179&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=858925cf-e801-4d3b-b016-145cf68b74db%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner&tk_flint=pbjs_lite_v6.25.3&x_source.tid=3e3894c8-e480-4b4f-a347-caf0798a6413&l_pb_bid_id=70502f418f8a212&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner&slots=1&rand=0.4869354873189493
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0bdca1917ff937ea7ded434e526e6aa3310df898475ae64f6f8554cd1e02d53c

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
340
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		330 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=55&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=858925cf-e801-4d3b-b016-145cf68b74db%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner&tk_flint=pbjs_lite_v6.25.3&x_source.tid=d8c4e0c3-7b49-4766-b0a4-e7ad769e4754&l_pb_bid_id=71281ebfdf5063e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner&slots=1&rand=0.8865716430294339
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2efbe539d96b9a15fe95a4ebb62347a087d638a8cb6c65ee5f3c33bbd3cead8d

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
330
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
s.seedtag.com/c/hb/ 		88 B
889 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6b8fd7dd4105ce1ed396f303763969895138f914f8a96914107f5f0423881eba

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
content-encoding
gzip
via
1.1 google
server
nginx
etag
W/"58-/hSBaI8EP6Zq6lRnBN3lI05bllY"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ROS
pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/buhgalter.com.ua/ROS?rnd=0.4885872677289891&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250...
  • https://pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.4885872677289891&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250...
581 B
996 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.4885872677289891&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.25.3&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&gdpr=0&e_pubcid=858925cf-e801-4d3b-b016-145cf68b74db
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
52e5aa30fbcd4f762fd828571b6d91b0ac214112c4c7cea30d137f4aef3c521a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Wed, 07 Dec 2022 01:00:21 GMT
date
Wed, 07 Dec 2022 01:00:21 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://buhgalter.com.ua
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
581
x-sid
AMS-936

Redirect headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.4885872677289891&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.25.3&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&gdpr=0&e_pubcid=858925cf-e801-4d3b-b016-145cf68b74db
access-control-allow-origin
https://buhgalter.com.ua
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-936
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://buhgalter.com.ua
date
Wed, 07 Dec 2022 01:00:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hbjson
grid.bidswitch.net/ 		24 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.114.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-114-29.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b93d96455a57ca6056fd282fb8a4da363a892afe392fe22df308451eb9958e30

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://buhgalter.com.ua
date
Wed, 07 Dec 2022 01:00:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
49
content-type
application/json
prebid
prebid.media.net/rtb/ 		1 KB
931 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU816538
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7091bec1968137ca263cbdb528018b083c157597b40cf211f1014fc37e567f78

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://buhgalter.com.ua
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Wed, 07 Dec 2022 01:00:21 GMT
cygnus
htlb.casalemedia.com/ 		37 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=863026&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2297ccdd671545967%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%226.25.3%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2299aba175eb7cd0f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner%22%7D%7D%2C%7B%22id%22%3A%22102a9cc2fb17f1da%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A620%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22620x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom%22%7D%7D%2C%7B%22id%22%3A%22108988b111a2f197%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A250%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22250x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner%22%7D%7D%2C%7B%22id%22%3A%221139f1de982609db%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A250%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22250x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner%22%7D%7D%2C%7B%22id%22%3A%221144f4048d72b5a2%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22858925cf-e801-4d3b-b016-145cf68b74db%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e25e78b7c1e28e4040abb2c4a64e6cfbe915ea6e1c5415fecf0c18023f8f906e

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aw7smtAY1hElPx7EH4y302%2F64L%2FclE7G2DXA1e6nM1Rw9nrqCCxhboOIotYd04YZyJYSO2lQZ8J4YNS5k%2F3MCKy34Y5Q%2BPkmdlUYxZOWdrBc2dFCOd%2F6vSeLrpZC%2B0h7157T1Cki"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
775952e97e2735bf-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-53572572-5&cid=438883282.1670374821&jid=1797812468&_u=6CDACUABRAAAACAAI~&z=990670181
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-53572572-5&cid=438883282.1670374821&jid=1797812468&_u=6CDACUABRAAAACAAI~&z=990670181
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35985798-1&cid=438883282.1670374821&jid=1065654945&_u=4CDACUAARAAAACAAI~&z=2114563233
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35985798-1&cid=438883282.1670374821&jid=1065654945&_u=4CDACUAARAAAACAAI~&z=2114563233
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35985798-1&cid=438883282.1670374821&jid=735092867&_u=6CDACUABRAAAACAAI~&z=1368364071
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35985798-1&cid=438883282.1670374821&jid=735092867&_u=6CDACUABRAAAACAAI~&z=1368364071
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
z
s.zmctrack.net/ Frame A353 		102 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
fd4a7d9e79f6de06f8a424472e6e78094797c9e1431364547686b593648dd7d2

Request headers

Content-language
eyJ4LXBvc3QiOiIxIn0=
Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
102
fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 		77 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Referer
https://buhgalter.com.ua/
Origin
https://buhgalter.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
7Q2XG9CDDDSBG21W
age
580186
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
79100
x-amz-id-2
JNmD2+8ef3cwuShohViKLP8eRjhXxXkmc874Y4kn7D43KIzyKLmvy76DvG63XI+G+Q0wX3Qgj+s=
last-modified
Wed, 30 Jun 2021 15:44:54 GMT
server
cloudflare
etag
"5dc01cfcd5336f696cb85da7ce53fa9b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICzBXNi43JwqM5m3wsMNJey1Er2289vQTUz6UUo4ge9UGHVfLFxx%2Fo17hze6wKdJPh3YRfBKMjYDfXAIOsJ1SYf2JZN3VKPZnSBDOUm2T7fGbzpv4QuQSXt02QPG5R3pMjZyP9%2BzeSJ1O%2Bbb4HF9Aa0C"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
775952ea191176f9-LHR
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ecc36cc1d2a1b39c6dcc4d23c5e1c029f1d2c78e8f696e094c8ea8db964e5664

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de845987f3459366a295fa160b916e6945c7b96961d7ba73d441b03f211811e8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7c81f756187282cde04eb081009912e336f388013eb18b70b9895f4cefb6a79

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		13 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea35c5d1362d678749f64a9e5e667ff8e8cde215869401caa753c5e6585f568f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d691477018d0f0957939aa725df7f8a979d42731cd24ffc4b2a91e8cb456db82

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09cf7684a243dfc294f30f108a7a97ad7807efebc4699aeff4baf8b94c65d749

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		29 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c52ea3c0b9b1233a70ed9ee281fec4418c13f8688c556ba31e587e0570cc2b43

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		13 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4a5a12744673c5a2dbb3653fcf99e1d86f9630f2a49ff4aa892cc5018794720

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7535435b268eceb5a194a8a6065e853af11815cedcbe1769155617d3a8487d60

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1ccf8f543009a813c29e737c9d9b1c5348169995360fbab23c402ab35c93374

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69768ececc08139a577e3382f14cdec2f0c549663ab259f280e2f83e709065a2

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e955ea3c7cea5f641e22b09184850d60c3a4a8eef354d739ca9e0ac25daebfaf

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1b4809c02c833ef4a89170232005bdb3b7b825cd4a1b16e1f7868fdcef834d7

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7d5bed178d04622ad95cab658071133ce2ea6b1b394fd71179ec07b5de122bc5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c593b478bac40d4bd1c30ccf349c6e118c347e0ed9881ff7e70a7c5de86493e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36bfcbfb8c235969f901acae944343611139ad8fe2ab577e907cbd2ca7cbef55

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd3eec52805f5b6243e9fe47efb617a37254f80fdeafe26f9d39e007635e0266

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e94d0e2d56d7e7d35935918e549a374568fad167f2c8f4e5189104fa6546d8d5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c52a8264c8a4dfb27b101c226b29ed7df32bd643d17550a6aabf8d44d880c75d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca30c33aa5f114d6c4810f2546893395a3047705d5a8b23cb60bba9a157a77ef

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09bf76bf9a693f6d1ff70fb63a0f530e6d880240a4cf8b53baa070cb244852c0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0e59aaca8c9a62d2ae97808a1d7c958012a860f486ecf0f35c73308ac3623cb

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3513b034d0ecb8f59408a1ca4b9b3a8ba63c68f07f877b2e1e1f34da644afe1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1dffd59aa695c7624ba66ca5c2a1f152f44821259b74a05a3e76f59e84331fb

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87a156566bf61f245a0b0d6c16f0446eb7cc4a36a9350be545fa37259a40b71a

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		36 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e337204ed03b6e4418d9b9b436cd2614831b06c4e1a9ca156d47ece9ad0951c

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f77bdfc493418da1a85260cc1b790bd02c9d0a09426ed1ad89a9613aa16e5758

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		28 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
741cb5b795c866f5aef2c01f64bf8eda484c92bfebe3ee309c9ed35cd252f033

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08e04409d774299c7ac6fbbd18203bb89d0febac102760ed40a76864a6bb4066

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		12 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6681c00074d8e62bb49a4c31444da8096a55f8830f62e4e8cf7b00882ba6cdb

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b36e2f24c228d4aa3773ac182616c0cf6835f37725be8de6ce7305caa2a99348

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c30bce9316a009e9a17785731b7c5b52af0e3f3f162efbc5787513b54cea138

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d453778582484007a5a8c9b610fbe6a12a863260562fadd46f8e402f740ab12e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7704281ee0b386ac39b9b1f6ca82401efc3500b75ac160e9a46ab6246974d9a5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
061543b6ada60edddffd9f7c3f5a4fd1fa7c37e0f023816dbe1a8d4091daf49e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6aa60dd23a74b3701f5ed911709abd25ac4e7f4a8cbd13d777fda48db32915f8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd9366b123766ecaeec85d47719aaa8ddbd3b68aa7e1fae5434fec5133ebd7cd

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
159210f9ceb6561cae10aa34238d9c3d4a601a5ac825ff6d9f3e669d8bd0df0e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1b43339886c2df3f1451af8474e95a8923085ef0fc240820e7a8218110d573b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07b382d14e2714223655f23745e8bfad2b87de32d3bc5d145403ed07dbcce891

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d285ddb67b0c0d1642d8dbc0d6c122085eaf32cc6df3f165febbb4a47d05c9b5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aac32479b7e00e374a47b5c6daeb907574805cd3320d6d2c520764c6ee96c12d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df352596341aef158df4b1735cf3b02723951a0a584685f896ce3782f6e33f29

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
679449bd06f6cbbe46b129b5009ce6b490d323677b02fac4a62b10bdfc678ddb

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f9695de838f580539a55fb51b39700729e469625f429ef612e7e3173bd004bc

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83f2963ac96def32a52b88d46767a0e6b4f7d5deeabe40bdcd795ce25b99217a

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b35b72ac1876a9d5ec1b9955529f4070e971ce9439a1394970143145b499117f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57433e1293341458165bf38974563d349e5c2116f089af926afe7bf6a4e4a49c

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		18 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b61c483c1ef272649d59390899f6ba6dacc4a0047fd5f31fb66a5a4bcb5af0ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		30 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3492ab3d262a82e24fbabfecd777c0800964578ca1e00a363307bd3e590dc77

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
110b303089a71f1b1c392a22406acdad508b9b0d39a1f39626827e86f3a5a78f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ce75ed467996485eace448fc8554374409488e31678c2e1efb995c77449c0e4

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a56602d44222ff0e9c9c9d8faa30c87de0a0b053145aff4a43be4588d216157f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3971a86564fe25b2262b78bf830d8af076f7cde4fe7b2167585b38571b3f180a

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6689b10d16d6c6f738c2fae6e209c53d7b4ad2d597ba712e0ecc2f1852a280ac

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e027435211ef2a57f103c525775456d802bd6ad5acaa62117d45e10930c7af7e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4c5780344a410ba6f301b65ec5a0fff84b5ff87bdf3e65c7f6f52958beba7e0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
188fc2045c73ceb0931b06357ec5c0a8c0b93045b831c79e557c25e4c8959d01

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75471d692aeb9322e75a041dcb0c363657eb51db495b14d5555c5e7a907fa799

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07ab47c07bab62e7d7ff7bc8ec64936785a7e488438074dd3510227aa5c466b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ffa2e149a7cb4362696d47b85863b157283c7225b648bf0ea43e0591165e4c2d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7ec7b8677014393b78f8e512a7b08dd6227d6d54fb6c145ab0ccc5a71b11600

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82a4df0a6f0f70b0df90aeef7e01e356a0a5859da073e4139145dffd0844b226

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		489 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84d368b23e95809600d8e96a8532cc3b88c49cecd69a058d249b4ec0024073ba

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1862f5fa7dd3945e2bab43995b64fa4f720581a0b070afea4dc9431b9cfabd8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		1000 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3d7d3c47dc2ed2229601da34d1b8d1a9f7e7405e2a495c582544cd4fe82dc20

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6356465097a91fe7436546d26b9a0575a5092cdea33572d65d1ee447777890c5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52db729bbfda2646c18d63f4ad32c8bb07ab396a30c8cd49b22d0481af5310c2

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		13 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
625614d0c74d2cd49b55966090b740556a74d6f81fab60a6ba40cbeb2a328ebd

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a18472ae86a7b20ced524d98ed60a37cc38d222dd6891200a0edcc335d3d9350

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
arr.png
buhgalter.com.ua/assets/templates/base/chat/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/chat/img/arr.png
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
40cf551965abb3907196d630825291b27d1b77dd499bbbf12e07905a25afcf59

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
last-modified
Tue, 13 Dec 2016 08:59:45 GMT
server
nginx
etag
"584fb881-490"
content-type
image/png
cache-control
max-age=1209600, public, no-transform
accept-ranges
bytes
content-length
1168
expires
Wed, 21 Dec 2022 01:00:21 GMT
truncated
/ 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ee69f515b17f5b570b287e1d92f35e94e76139440dbd97db70805430ffda58d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buhgalter.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 20:10:25 GMT
x-content-type-options
nosniff
age
535796
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Nov 2023 20:10:25 GMT
/
www.facebook.com/tr/ Frame 24CD 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://buhgalter.com.ua
Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://buhgalter.com.ua
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 07 Dec 2022 01:00:21 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=buhgalter.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=buhgalter.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		2 KB
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1171071946666511&correlator=1437204824192482&eid=44714449&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=141806220%2Cbuhgalter.com.ua_top_banner%2Cbuhgalter.com.ua_bottom%2Cbuhgalter.com.ua_right_banner%2Cbuhgalter.com.ua_left_banner%2Cbuhgalter_catfish_banner&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=970x90%7C728x90%7C1x1%2C468x60%7C610x90%7C620x90%2C160x600%7C250x600%7C250x500%7C250x250%7C240x400%7C240x500%7C250x400%2C160x600%7C250x600%7C250x500%7C250x250%7C240x400%7C240x500%7C250x400%2C970x90%7C1420x90%7C1420x180&ifi=3&adks=1472868681%2C377900176%2C2541184592%2C2347727364%2C3757304322&didk=2486344417~4277630285~2963346524~3126075531~1899677630&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Db31859e66a242a71%3AT%3D1670374821%3AS%3DALNI_MZtfBla4AGDGX9sGhhhBdQpFIGuZQ&gpic=UID%3D00000b8eb2fe1976%3AT%3D1670374821%3ART%3D1670374821%3AS%3DALNI_MY5FJwusAiJjrKoowVQrH8Wt9WNOQ&abxe=1&dt=1670374821766&lmt=1590667965&dlt=1670374820361&idt=774&adxs=315%2C500%2C1160%2C210%2C0&adys=40%2C2573%2C898%2C1393%2C1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C2%7C0%7C3%7C4&ucis=3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbuhgalter.com.ua%2F&frm=20&vis=1&psz=1600x-1%7C620x0%7C250x0%7C250x0%7C1600x-1&msz=1600x-1%7C620x0%7C250x0%7C250x0%7C1600x-1&fws=0%2C0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V&ga_vid=438883282.1670374821&ga_sid=1670374821&ga_hid=1532101818&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
caee5884e1032920765f7c0f56a9695ed2a69db24ca2f08db4d50c62055971c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cup_coffee.svg
buhgalter.com.ua/assets/templates/base/images/paywall/ 		113 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/images/paywall/cup_coffee.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
a4991d87ebaea362f7b779eb0e62f6664d2b0bfb83aada173b6dbdc6ed587a7b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
content-encoding
gzip
last-modified
Wed, 10 Mar 2021 07:46:47 GMT
server
nginx
etag
W/"60487967-1c399"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600, public, no-transform
expires
Wed, 21 Dec 2022 01:00:21 GMT
ic-pay-access.png
buhgalter.com.ua/assets/templates/base/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/images/ic-pay-access.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
b6802ed3c9a13e4e0c4be93749ab1ffdfbf488638b05ed7e18ad3896b1a1748e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:21 GMT
last-modified
Fri, 29 Jan 2021 11:15:23 GMT
server
nginx
etag
"6013ee4b-841"
content-type
image/png
cache-control
max-age=1209600, public, no-transform
accept-ranges
bytes
content-length
2113
expires
Wed, 21 Dec 2022 01:00:21 GMT
group.php
www.facebook.com/v3.2/plugins/ Frame AE18 		44 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd25cc1b2f9d94%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff3b06ee0bc7ad%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=7420b8c237fd7a6d249249053d2a6b5b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3a1d0f1d83693148437d51c2ea2a6355b35c821ec5448a1ebc266b4fec3575ed
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-origin
date
Wed, 07 Dec 2022 01:00:21 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v15.0
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
N8qyZ7ebMZfHU1uCggRXYS3Ks5kNje+L8pMt3yh6dEQYe3t6HSCNbAVWyxqlEh2vEcHv6yfrqe+i6+B00vx7kw==
x-fb-rlafr
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8a8ddb5f34056b73765e34c52df2f4073e1a535a83955714f34a5a809556ba4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11207
x-xss-protection
0
info
reactive.factor.ua/buhgalter911_chat/ 		78 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reactive.factor.ua/buhgalter911_chat/info
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/sockjs/0.3.4/sockjs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.97.131.40 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
37-97-131-40.colo.transip.net
Software
nginx /
Resource Hash
56cdf9b2dbd724cfa878c8ce703ab7be7d13bc909b5907bdf5a88bdfa495ce96

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 01:00:21 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://buhgalter.com.ua
Cache-Control
no-store, no-cache, no-transform, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
g6FXtKkzhsS.css
static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/ Frame AE18 		826 B
548 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/g6FXtKkzhsS.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd25cc1b2f9d94%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff3b06ee0bc7ad%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2625f168921e25e175a1eb02f6c077b322efd6379d492ebad72f0622613b8eb8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
b8ZN+EQ8B3eAWJT5BPATbg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
356
x-fb-rlafr
0
x-fb-debug
ISOvoK57m22zxpX5iw0ue4uVf3/7BIaRbvsZQH9qmmdP7j3WwVUQiKqNj8QsyFYuQcGBFvNDcJYhMjOjaYeZ6Q==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 02 Dec 2023 10:22:04 GMT
I1xmiRc1DrH.css
static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/ Frame AE18 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/I1xmiRc1DrH.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd25cc1b2f9d94%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff3b06ee0bc7ad%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a38f5df8d7773d1cd78df5952835ce698d0f651d47f6cf1f760966ea509335e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
rJNPIXIZ5phJIf0aK4v3ug==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5039
x-fb-rlafr
0
x-fb-debug
9Wvm8+epu190CU2fPuw33FUmbNGFgr1h10HEDvCM4wS0xljK3+YGb3JPF02FPQ43ruvPsZ7YKIZ/u/EyL77AEw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 06 Dec 2023 23:29:11 GMT
k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame AE18 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd25cc1b2f9d94%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff3b06ee0bc7ad%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
q6bCky1+00PrRbx3auADnQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
833
x-fb-rlafr
0
x-fb-debug
w/02jxzRLxhsVwz3rto+H+VTO086ObNcUpTlI/O+z8XAQzXseWaMO/RINwkuwJA3EKX/fKDnRHPiYEXsFbKG1g==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 02 Dec 2023 04:46:13 GMT
jbqpmJeUC4p.css
static.xx.fbcdn.net/rsrc.php/v3/yP/l/0,cross/ Frame AE18 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yP/l/0,cross/jbqpmJeUC4p.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd25cc1b2f9d94%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff3b06ee0bc7ad%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6b1bbf85c567d0bf5454333c88937668ee6fa2382e3453873a071b82a036e98e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L/QM+fsTE1sPePN/AJxhzg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3268
x-fb-rlafr
0
x-fb-debug
pKGCTtrnlhIZBQ6KfKRhLxtCxIjWZgImATNKx9PQB3HALyCslQBxRcIWMs1m65vc2ya7YNNZc7BDU3+km4hTAw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 02 Dec 2023 22:05:15 GMT
Q2MAjnh55uk.css
static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/ Frame AE18 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/Q2MAjnh55uk.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd25cc1b2f9d94%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff3b06ee0bc7ad%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e86f7b25b83ece6379a4dd715545583806705d952755e7636667c850de9db460
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
nkjBlrDToti5uTxOYFQ0ag==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2615
x-fb-rlafr
0
x-fb-debug
wYQjBDw4lOKxQ41KvDnqUWBqcht4WeA39OKvfGfhlCD31b+oZ8v/Rv+UuAjAeWVfQoxPL1ZaVykj+YqzgaWUtg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 02 Dec 2023 09:15:44 GMT
03JpHyHdzHe.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame AE18 		304 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/03JpHyHdzHe.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd25cc1b2f9d94%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff3b06ee0bc7ad%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f1438d6eb0653cb8ca10a2d32ff0a25c8715fd0cd66f5ad04b8ccca71bac847d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4ATJBh2CwluT788zidiesg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
82178
x-fb-rlafr
0
x-fb-debug
3iXRaRNNkD591DwLUH7do5WqDz+Ikjw5i/Maoc7qLsovdPHfblrSLjwfBeDviY4hDL+xZwcPoVkMhjjuMlwOzw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 06 Dec 2023 23:29:11 GMT
att8vh4fKZW.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame AE18 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/att8vh4fKZW.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd25cc1b2f9d94%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff3b06ee0bc7ad%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eb3c7dcaabfe03ac2d7d3c41bb630dd73587b3f119962c536377e502e47f5df4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
PuxemhG6faOg+M0K+LS9yw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1847
x-fb-rlafr
0
x-fb-debug
MJbq71acPQoqOxT4A40XVPn10yZWo4KOKcVXDIhrLkmH/EZpVshXe4chfPjosYRXVc1wocy37uNVhNVioNqZdQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 02 Dec 2023 05:29:30 GMT
8LoDHCcRMmF.js
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame AE18 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd25cc1b2f9d94%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff3b06ee0bc7ad%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f93df2735d94cf2ebfc2f07b0f8038e4c9e177d89e3e8b7cd1604e23c556f63b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
GtFa/ANPMQQnyBsHWWA6Kw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12334
x-fb-rlafr
0
x-fb-debug
9SCd2Pk+E/edV1Y85onZZ/bSn2vWqmV4KjBdbL1wXffpFUKb3LoYfyYFsY/cxnd0ew6iQOme3hZodDn7KJkpUw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 02 Dec 2023 04:23:33 GMT
bPhRbIw5d4Y.js
static.xx.fbcdn.net/rsrc.php/v3/yR/r/ Frame AE18 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd25cc1b2f9d94%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff3b06ee0bc7ad%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dc07d382f00a25c7cab4993b3675027b7ba9fdf978474e9611aadde6383d9a57
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
yS75TjCi3ZRz/Z/lM0crcw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16232
x-fb-rlafr
0
x-fb-debug
sRzQRaTIbM1wOlQKuA5Kfx+oszmz++xyNAaB7Pi4Z3uXP8N9irAHzdI8VLHD1DTMw4EzNhuySTn7Y1ycf8+dpA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 02 Dec 2023 07:34:35 GMT
F8LQ5-eKZbo.js
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ Frame AE18 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/F8LQ5-eKZbo.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd25cc1b2f9d94%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff3b06ee0bc7ad%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
375869b0de81c6e3af30325ee0289b01e70554d5139eca722f1bff4fdff83c45
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mEyEC6v+iKx/kGPV1WZKKQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1091
x-fb-rlafr
0
x-fb-debug
S36p7gKrJwAxUHlX/ZEFrTmndRhpubfJ6Ie5003F6k3dG9nBAEkpUhlaCh+tqnfu7n7lAAo8NIrL4LUGWUykNw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 02 Dec 2023 10:22:04 GMT
201217635_5654539184618609_2513873357703081699_n.jpg
scontent-fra5-2.xx.fbcdn.net/v/t1.6435-9/ Frame AE18 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-fra5-2.xx.fbcdn.net/v/t1.6435-9/201217635_5654539184618609_2513873357703081699_n.jpg?stp=dst-jpg_p130x130&_nc_cat=107&ccb=1-7&_nc_sid=ac9ee4&_nc_ohc=YSOWPfjmWLcAX-QksbW&_nc_ht=scontent-fra5-2.xx&edm=AJ9j6YYEAAAA&oh=00_AfBfIKnFaRDs1JtE_b7uO1Q7ycSuUZQ_WrmiPcOvYYMsEg&oe=63B744FF
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd25cc1b2f9d94%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff3b06ee0bc7ad%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dadc342d66fe74c55e27087590362734cad1eb09b0b788032e47a8211252f99c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum
3724070233
date
Wed, 07 Dec 2022 01:00:22 GMT
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Wed, 16 Jun 2021 06:42:07 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2148807180
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1476050430
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
7797
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 07 Dec 2022 01:00:22 GMT
LJGwBQWnf37.png
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame AE18 		430 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/LJGwBQWnf37.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/g6FXtKkzhsS.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ecee9fa46611c97add225970dbb6dd2ea6e56f0a8e38ace8a027a9f11f8c13c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/g6FXtKkzhsS.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:22 GMT
x-content-type-options
nosniff
content-md5
p1DhaYJ4UVT/34CnSlhy2A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
430
x-fb-rlafr
0
x-fb-debug
J7ovYTuGpxx3wE/NzZivwkhYoNCf3VL4FBJo9Lk5H7zrfb0vbIRv8KFo0aLPV/24CH9+Ka87f4BT1XN0L7lmzQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Sat, 02 Dec 2023 10:22:09 GMT
sdLyto6-v_-.js
static.xx.fbcdn.net/rsrc.php/v3il1s4/y5/l/uk_UA/ Frame AE18 		84 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3il1s4/y5/l/uk_UA/sdLyto6-v_-.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/03JpHyHdzHe.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4bfca2b7e4dde2a06a420b0c767bc8a003e2400efe8df6cf7e05748944f2d86a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9J9ii1Hw2I0+bCTH8grB1Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
23539
x-fb-rlafr
0
x-fb-debug
8ssFoU0VDrtNXPWiLsWLAudonKiUeuE3UHwnBbu4Wp0KfWmT8UilkuhDtpYYWlVSwl+66q5MGu0sUMi3WoNhGg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 05 Dec 2023 20:40:17 GMT
JYOpIVwZVr3.js
static.xx.fbcdn.net/rsrc.php/v3/yX/r/ Frame AE18 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/JYOpIVwZVr3.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/03JpHyHdzHe.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f2ca33864034e9249b711caf35f10c615d64a1a7b1fae36c96e150c502d5df2f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
cs6E+MUBORUaIL9UceJpVQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7183
x-fb-rlafr
0
x-fb-debug
7mmZ8fPRAjwBL8f785an2F8HDhPUsEquL4PrIGC9uehMj9J8cYbEl+WDNEoG73Hu8j4nRe3CKpVNn0PNZoOZQg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Sat, 02 Dec 2023 07:34:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9BA3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
11561
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 21:47:41 GMT
expires
Wed, 06 Dec 2023 21:47:41 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 69A0 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
27641e871c60fe286033c24ad42b0a70fb96c5ae59c06f776b9ea6d982cf17af
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IrXVw0zVc_79Q9Tch-EqlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-IrXVw0zVc_79Q9Tch-EqlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 07 Dec 2022 01:00:22 GMT
expires
Wed, 07 Dec 2022 01:00:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 69A0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120101&jk=1171071946666511&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
T3BTWj-SqXOOtsP36vZJ1esojObpW8ivZm_viBadolo.js
pagead2.googlesyndication.com/bg/ Frame 9BA3 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/T3BTWj-SqXOOtsP36vZJ1esojObpW8ivZm_viBadolo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f70535a3f92a9738eb6c3f7eaf649d5eb288ce6e95bc8af666fef88169da25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 13:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
387731
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 13:18:11 GMT
generate_204
tpc.googlesyndication.com/ Frame 9BA3 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?hjU8ug
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
multitracking
ghb.adtelligent.com/adunit/ 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hbw_master_299506_4371.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://buhgalter.com.ua
Date
Wed, 07 Dec 2022 01:00:21 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Dec 2022 01:00:23 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120101&jk=1171071946666511&bg=!ZGelZyPNAAa7eOFIm3g7ACkAdvg8Wn4CDRL023387v5dtafdukPUHJeNH_5of9j0u7DVCYsV0VMP_wIAAABPUgAAAARoAQeZAqiZv6TZCgtLy6mQblgzlMKoOW-MeFPEmsxVHIS0e2gv6kYxi9SjeShu8SSlgZ4cQ_dMdyZ6UQJc1klwtcEX2gFmoGc01fF3812cjUD3mygU-NCIrfDedqE1Pr7XD8ZhuozILXaReKjtu7dYhdxFEDJru3wfA459oN15zFsTW8UoWlh11SmXpFODQ6zYysoRqb9VTWDWvIHX5todwbtBi2McA8AstvRQBgN6cnYgih71obl2Ia4c7XWqKI1QVtpOITL8YfM3nNMeSW0GVVnJ9icLLYG3eC3jVzUPaVXF_wpFCsLDoYKh-pRz4tWbsiZ0RGZOBP24hR0jgwLpobbCNOl8UnCYTzM-L-uw4JCSnPd36ZgY5pgL2Syyf_zvr6kvZCKuPyUAjHHgyUUhlKpdFx0w6xSebGfO56FliaiuKWNFn9K75ru8eTTx9BfS2a_X63wtxC1BP_dui-HxiKLnxtbiI1DFdkcmdDFjz5nT8ZAG1f47kMOIs5R4Z8rNzH4DDCfI_TtHQLN_eLiRc5kvVWh-Qyy8LtRmEiEzyf3qExljgt2OCgWDqT9YG_G9sKorjFgp8qVaN4IBSNvT0Hs6Ic1I2MFhBPS0IGr-5m0WeD-gtdgEExG6uUkLKj-Alcjn7JRzZAllUn13VZtpPfsSzAYlPXtCVJdp9Z0uTeVf37C1rCGIC10wyHNm_8csWAzqM2itKCQN26ijGY-nvaq_ivAW4wPUZl8_W-hu-J01BmYiEZes_xFVQyqcgG_mdtBdHwWrk-hPzXP8h3kR29Xjhg2nOeK-KC9eTdw7QxsgfR1G31M8z7y3OWa5e_B-eunCdW40kjmJkqDYJhE-h8xiJPL8aO-3gPckjGEobTvw2OpdHGV7JCCQWj0AvMphp9RnJCYH6kR-p1ZTNA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
syncframe
gum.criteo.com/ Frame A8C7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=buhgalter.com.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 07 Dec 2022 01:00:23 GMT
server
Kestrel
server-processing-duration-in-ticks
706802
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Dec 2022 01:00:23 GMT
sid
mug.criteo.com/ Frame A8C7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=buhgalter.com.ua&sn=ChromeSyncframe&so=0&topUrl=buhgalter.com.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=qzaR4Hw1NGNXbFRadUEwc3RoRnEydnRXUVJvUUptYXpIWEVGNFBVSlBndE0wUWtuRlNnS0VuU1FjWEIvbnM1VENnMXV4eTF3YjVZeTI2RlBZZUZCTFQ1UGd2SEVuZGtEVTFkVmpTQlJOTkRVYkZUdmdBcXlvSkZzdzk5Uk...
455 B
672 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=qzaR4Hw1NGNXbFRadUEwc3RoRnEydnRXUVJvUUptYXpIWEVGNFBVSlBndE0wUWtuRlNnS0VuU1FjWEIvbnM1VENnMXV4eTF3YjVZeTI2RlBZZUZCTFQ1UGd2SEVuZGtEVTFkVmpTQlJOTkRVYkZUdmdBcXlvSkZzdzk5UkVFbTJMM1hTdHhzSEJ3MVVPOHQ5Qmw2WjhibWJpN2ZDb05UZzQ0Rk1xSkVPSW5DUWlRbjg4QmpDOWR6UXhFdUg4cjdnZG5GeEJCMW5DYmdGamlZMEk0VW9CUytHMTZ0U3dmZS9YWW1kUVZ0OGJZSlZhZzM4Sy9CalNBaFc0YjFEU0tpakxoQnJJQ2Fod1FoemFxbkRxWUR1b1NpTWdIZz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e395abd09152184bedbd2e51489b74abcd09a6dfc87c478c76f999ecc29b3cf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:23 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2159448
expires
0

Redirect headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=qzaR4Hw1NGNXbFRadUEwc3RoRnEydnRXUVJvUUptYXpIWEVGNFBVSlBndE0wUWtuRlNnS0VuU1FjWEIvbnM1VENnMXV4eTF3YjVZeTI2RlBZZUZCTFQ1UGd2SEVuZGtEVTFkVmpTQlJOTkRVYkZUdmdBcXlvSkZzdzk5UkVFbTJMM1hTdHhzSEJ3MVVPOHQ5Qmw2WjhibWJpN2ZDb05UZzQ0Rk1xSkVPSW5DUWlRbjg4QmpDOWR6UXhFdUg4cjdnZG5GeEJCMW5DYmdGamlZMEk0VW9CUytHMTZ0U3dmZS9YWW1kUVZ0OGJZSlZhZzM4Sy9CalNBaFc0YjFEU0tpakxoQnJJQ2Fod1FoemFxbkRxWUR1b1NpTWdIZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
509937
content-length
0
expires
0
lato.woff2
cdn.gravitec.net/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/fonts/lato.woff2
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Request headers

Referer
https://buhgalter.com.ua/
Origin
https://buhgalter.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Wed, 02 Feb 2022 09:06:30 GMT
date
Wed, 07 Dec 2022 01:00:24 GMT
last-modified
Wed, 02 Feb 2022 09:01:35 GMT
server
nginx
etag
"61fa486f-36dc"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=10
accept-ranges
bytes
content-length
14044
x-proxy-cache
HIT
sourcesanspro.woff2
cdn.gravitec.net/fonts/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/fonts/sourcesanspro.woff2
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441

Request headers

Referer
https://buhgalter.com.ua/
Origin
https://buhgalter.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Wed, 02 Feb 2022 09:06:30 GMT
date
Wed, 07 Dec 2022 01:00:24 GMT
last-modified
Wed, 02 Feb 2022 09:01:35 GMT
server
nginx
etag
"61fa486f-1e44"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=10
accept-ranges
bytes
content-length
7748
x-proxy-cache
REVALIDATED
266733644.jpeg
cdn.gravitec.net/images/users/1641839148018958336/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.gravitec.net/images/users/1641839148018958336/266733644.jpeg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
cd27dc3c0cc40b5e5691a2317a7a03e4189fa6d32becac6f390a0dceccb80205

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 07 Dec 2022 01:00:24 GMT
last-modified
Tue, 15 Jun 2021 13:39:31 GMT
server
nginx
etag
"60c8ad93-2343"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
9027
x-proxy-cache
HIT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbuhgalter.com.ua%2F&domain=buhgalter.com.ua&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://buhgalter.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 07 Dec 2022 01:00:24 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
452176
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbuhgalter.com.ua%2F&domain=buhgalter.com.ua&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=TjBNBXxNZ2htS3hhTGVYa1NRRi85YlZFYjJwZkJIWFQ2N3hEaUcxRVlla2VsZEdvY0s1Qm1zMDJqck1GRERrTnZwSlJtemhHWHE2dGhWV3VaWnhROEREYnZVYk5YUjhlYy85dEFVZGdzUVI5TkFIaUU2RG5uUSttTm84Mk...
455 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=TjBNBXxNZ2htS3hhTGVYa1NRRi85YlZFYjJwZkJIWFQ2N3hEaUcxRVlla2VsZEdvY0s1Qm1zMDJqck1GRERrTnZwSlJtemhHWHE2dGhWV3VaWnhROEREYnZVYk5YUjhlYy85dEFVZGdzUVI5TkFIaUU2RG5uUSttTm84MkVmSWFwNkR0VXlUMjZwZDA0M0lCNkE5SWl2TEl6T1VySGI3SkdtMHVOb0xtWWRJU2Rud2E4YU9MMUJFc1NwTVR4SE9BSklWOWdrUjBRRU4rdGNDYm9JWVg3a2ovcVJXb3Q3bU5KdXhUM3hDdnNwdTFCUkJWbXA2ZkdZSUVKSHNkSnNaaXptaFVRRHBGbkF1NlVnZzIzWlRzWDhvQTY3UT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a92626168eef3cf1c67f45b5d03c9c1389cb50f1999c1c0193fbdd606f6a663d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1517823
expires
0

Redirect headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=TjBNBXxNZ2htS3hhTGVYa1NRRi85YlZFYjJwZkJIWFQ2N3hEaUcxRVlla2VsZEdvY0s1Qm1zMDJqck1GRERrTnZwSlJtemhHWHE2dGhWV3VaWnhROEREYnZVYk5YUjhlYy85dEFVZGdzUVI5TkFIaUU2RG5uUSttTm84MkVmSWFwNkR0VXlUMjZwZDA0M0lCNkE5SWl2TEl6T1VySGI3SkdtMHVOb0xtWWRJU2Rud2E4YU9MMUJFc1NwTVR4SE9BSklWOWdrUjBRRU4rdGNDYm9JWVg3a2ovcVJXb3Q3bU5KdXhUM3hDdnNwdTFCUkJWbXA2ZkdZSUVKSHNkSnNaaXptaFVRRHBGbkF1NlVnZzIzWlRzWDhvQTY3UT09fA&cppv=2
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
597699
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://buhgalter.com.ua
date
Wed, 07 Dec 2022 01:00:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 29C9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=134718
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 07 Dec 2022 01:00:24 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 08 Dec 2022 14:25:42 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 7E7A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 07 Dec 2022 01:00:24 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cs.html
cs.seedtag.com/ Frame FD88 		50 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.132.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62533bce9accb17502e412cdef6558ac7375e50e1b6fc089f56606c0b6484a0d

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
271
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=86400
cf-cache-status
HIT
cf-ray
775952ff5cb3d214-MAN
content-encoding
br
content-type
text/html
date
Wed, 07 Dec 2022 01:00:24 GMT
etag
W/"070f12ccb828f0086664e3a8a79da837"
expires
Thu, 08 Dec 2022 01:00:24 GMT
last-modified
Tue, 29 Nov 2022 10:41:06 GMT
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1669718466035149
x-goog-hash
crc32c=ot0TbQ== md5=Bw8SzLgo8AhmZOOop52oNw==
x-goog-metageneration
2
x-goog-storage-class
REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
15213
x-guploader-uploadid
ADPycdt_SQ8FjVgg4hhWFyIVdf_qOcR_hHyEWsDV8i29SzAFrv5PM_qCM6oIEd2K2S1wTacgK9FmfAZ3FOlWNGphdVYmWg
/
spl.zeotap.com/ Frame F2D9 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9533053b63907f1ba16c298c209b5098b0d620219429f9567302c6d1bc53b2b9

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://buhgalter.com.ua
cf-cache-status
DYNAMIC
cf-ray
775952ff7c0b23d2-LHR
content-encoding
br
content-type
text/html
date
Wed, 07 Dec 2022 01:00:24 GMT
server
cloudflare
vary
Origin
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 91F4 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
909
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
775952ff6cc9d214-MAN
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 07 Dec 2022 01:00:24 GMT
expires
Wed, 07 Dec 2022 05:00:24 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 2650 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU816538&prvid=2034%2C2011%2C2033%2C3022%2C2030%2C3020%2C251%2C273%2C175%2C2009%2C178%2C255%2C2028%2C3018%2C2027%2C3017%2C214%2C2025%2C237%2C117%2C3014%2C97%2C99%2C77%2C38%2C3012%2C3011%2C182%2C3010%2C261%2C141%2C222%2C201%2C3007%2C246%2C301%2C4%2C203%2C225%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7ad9ca7a448f744531777d57cf4565a5ffc47603bfa635125ef9f7e08ab3fc64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8184
content-type
text/html; charset=UTF-8
date
Wed, 07 Dec 2022 01:00:24 GMT
expires
Fri, 09 Dec 2022 01:00:24 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=themediagrid&bsw_custom_parameter=104318fa-8f73-4d1d-bf62-04e2c2d939dd
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=themediagrid&bsw_custom_parameter=104318fa-8f73-4d1d-bf62-04e2c2d939dd
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=abd0edc0-eabd-4d26-8383-354fafecdfda&ssp=themediagrid&expires=30&user_group=5&bsw_param=104318fa-8f73-4d1d-bf62-04e2c2d939dd
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=4&user_id=abd0edc0-eabd-4d26-8383-354fafecdfda&ssp=themediagrid&expires=30&user_group=5&bsw_param=104318fa-8f73-4d1d-bf62-04e2c2d939dd
Protocol
H2
Server
35.157.180.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-180-193.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=4&user_id=abd0edc0-eabd-4d26-8383-354fafecdfda&ssp=themediagrid&expires=30&user_group=5&bsw_param=104318fa-8f73-4d1d-bf62-04e2c2d939dd
Date
Wed, 07 Dec 2022 01:00:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=c679ac17-aa91-4cd3-b5f9-66c420c339ba
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=c679ac17-aa91-4cd3-b5f9-66c420c339ba
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 01:00:24 GMT
Server
Adtelligent
Etag
73aa1812c33bf65f
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=c679ac17-aa91-4cd3-b5f9-66c420c339ba
date
Wed, 07 Dec 2022 01:00:24 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
5721c66368d87f9d019bb754b185e084eee9b1c4c10d9a209be599da7051adcc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://buhgalter.com.ua
date
Wed, 07 Dec 2022 01:00:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
getuid
ib.adnxs.com/ Frame F2D9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame F2D9 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame F2D9
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=744282d9-2fa5-4e68-8caf-87cfa330b8be&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=744282d9-2fa5-4e68-8caf-87cfa330b8be&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77595301ae1223d2-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

date
Wed, 07 Dec 2022 01:00:25 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=744282d9-2fa5-4e68-8caf-87cfa330b8be&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame F2D9 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame F2D9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1d3ad49c-e251-4789-46a6-3ee7cfc00f11%26reqId%3Dca0cf672-743d-4c19-62bf-bd833f176204%26zdid%3D1361&gdpr=0&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame F2D9 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1670374825.105085,VS0,VE9
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-lon4260-LON
u
dmp.v.fwmrm.net/ad/ Frame F2D9 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f602:82a0:df8e:67ea:6e72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Dec 2022 01:00:25 GMT
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
mw
mwzeom.zeotap.com/ Frame F2D9
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf6...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
775953016dd723d2-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
date
Wed, 07 Dec 2022 01:00:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame F2D9
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=65999cd0-7a38-482c-a630-a03e4ba1e4b2&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=65999cd0-7a38-482c-a630-a03e4ba1e4b2&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
775953026e9b23d2-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=65999cd0-7a38-482c-a630-a03e4ba1e4b2&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame F2D9
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=19507286425610026150227966955575629655&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=19507286425610026150227966955575629655&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
775953022e5e23d2-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v045-0fb9f79b9.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
tfq1x7YvSqQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=19507286425610026150227966955575629655&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame F2D9 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame F2D9
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7174205245442095257&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7174205245442095257&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
775953021e5c23d2-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7174205245442095257&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Date
Wed, 07 Dec 2022 01:00:25 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame F2D9 		95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=1d3ad49c-e251-4789-46a6-3ee7cfc00f11
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
mw
mwzeom.zeotap.com/ Frame F2D9
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=mPStCyrgmZOPr1eU2CbEO.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=mPStCyrgmZOPr1eU2CbEO.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77595302cf0423d2-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
last-modified
Wed, 07 Dec 2022 01:00:25 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=mPStCyrgmZOPr1eU2CbEO.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
mw
mwzeom.zeotap.com/ Frame F2D9
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6...
  • https://mwzeom.zeotap.com/mw?cid=
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
775953024e8523d2-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=
pragma
no-cache
date
Wed, 07 Dec 2022 01:00:24 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
tpid=1d3ad49c-e251-4789-46a6-3ee7cfc00f11
bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/ Frame F2D9 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=1d3ad49c-e251-4789-46a6-3ee7cfc00f11?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.92.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-92-250.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.18.130
content-length
49
expires
0
mw
mwzeom.zeotap.com/ Frame F2D9
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-pSChlvdE2oqOBPcHGBJ3CJL3B3wx1VaVqA--~A&zpartnerid=570&env=mWeb
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-pSChlvdE2oqOBPcHGBJ3CJL3B3wx1VaVqA--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
775953037fa923d2-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-pSChlvdE2oqOBPcHGBJ3CJL3B3wx1VaVqA--~A&zpartnerid=570&env=mWeb
date
Wed, 07 Dec 2022 01:00:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame F2D9
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=tZwRcsfmRDsC8xjc597RFNfC042Rz5io%2BS41iYitP1U%3D
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=tZwRcsfmRDsC8xjc597RFNfC042Rz5io%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
775953037fa723d2-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=tZwRcsfmRDsC8xjc597RFNfC042Rz5io%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame F2D9 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame F2D9 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.96.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-96-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n015-dub-prod.krxd.net
date
Wed, 07 Dec 2022 01:00:25 GMT
cache-control
private, no-cache, no-store
x-request-time
D=69 t=1670374825
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame F2D9 		95 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.223.79.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/png
date
Wed, 07 Dec 2022 01:00:25 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
mw
mwzeom.zeotap.com/ Frame F2D9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y4-lqQACForG0AAp&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd8...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y4-lqQACForG0AAp&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361&_test=Y4-lqQACForG0AAp
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
775953039fc123d2-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-lcy-eglc8600033-LCY
pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1670374826.501968,VS0,VE0
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y4-lqQACForG0AAp&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361&_test=Y4-lqQACForG0AAp
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame F2D9
Redirect Chain
  • https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-74...
  • https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.6ef5b87e-22f9-4ea8-a48d-912da4ddbc25&zdid=1361
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.6ef5b87e-22f9-4ea8-a48d-912da4ddbc25&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
775953038fbc23d2-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
location
https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.6ef5b87e-22f9-4ea8-a48d-912da4ddbc25&zdid=1361
cache-control
must-revalidate, no-store, no-cache
content-length
0
x-amz-cf-id
UyOMWFRSb-sJCvFFQAMO8xhREDIHmhI5MvY1O4XGhuWj9zjyLsH4tw==
expires
-1
usermatch.gif
beacon.krxd.net/ Frame F2D9
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f17...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
54.72.96.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-96-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n003-dub-prod.krxd.net
date
Wed, 07 Dec 2022 01:00:25 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1670374825
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
date
Wed, 07 Dec 2022 01:00:25 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a017-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame F2D9
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Dec 2022 01:00:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GNQW4Y040F3AGKESK15Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 07 Dec 2022 01:00:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3X9A9HSZ3QD8DNTYAGQ6
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame F2D9 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.16.79 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame F2D9
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1d3ad...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77595303cfee23d2-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
date
Wed, 07 Dec 2022 01:00:25 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame F2D9
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=41544&puid=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc0...
  • https://mwzeom.zeotap.com/mw?cid=LBCY1H06-28-M04H&env=mWeb&zpartnerid=1770&gdpr=0
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=LBCY1H06-28-M04H&env=mWeb&zpartnerid=1770&gdpr=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77595304082723d2-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=LBCY1H06-28-M04H&env=mWeb&zpartnerid=1770&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
mw
mwzeom.zeotap.com/ Frame F2D9
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpart...
  • https://mwzeom.zeotap.com/mw?cid=104318fa-8f73-4d1d-bf62-04e2c2d939dd&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e25...
95 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=104318fa-8f73-4d1d-bf62-04e2c2d939dd&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77595300cd6023d2-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=104318fa-8f73-4d1d-bf62-04e2c2d939dd&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
date
Wed, 07 Dec 2022 01:00:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
mw
mwzeom.zeotap.com/ Frame F2D9 		95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
775953036f9923d2-LHR
access-control-allow-headers
*
content-length
95
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=TjBNBXxNZ2htS3hhTGVYa1NRRi85YlZFYjJwZkJIWFQ2N3hEaUcxRVlla2VsZEdvY0s1Qm1zMDJqck1GRERrTnZwSlJtemhHWHE2dGhWV3VaWnhROEREYnZVYk5YUjhlYy85dEFVZGdzUVI5TkFIaUU2RG5uUSttTm84MkVmSWFwNkR0VXlUMjZwZDA0M0lCNkE5SWl2TEl6T1VySGI3SkdtMHVOb0xtWWRJU2Rud2E4YU9MMUJFc1NwTVR4SE9BSklWOWdrUjBRRU4rdGNDYm9JWVg3a2ovcVJXb3Q3bU5KdXhUM3hDdnNwdTFCUkJWbXA2ZkdZSUVKSHNkSnNaaXptaFVRRHBGbkF1NlVnZzIzWlRzWDhvQTY3UT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 07 Dec 2022 01:00:24 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
498365
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame B274
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbc9e466f4e206d76c04edfae5cb587c0b1d419461832a6622a35ea1bddf8c8d

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7759530159f80765-MAN
content-encoding
br
content-type
text/html
date
Wed, 07 Dec 2022 01:00:25 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqXokD3xqToDcyujAgHShsstKrTLRNd%2BuWqBkC7V0yk3YGjhNimuBsILmNEmX7TIfKljHzw3ePFh2kIAEqiv1OevepPA5ZmP0XQKLLz4ph%2BIE7fuA85UiS31tSsdnXAWViXWK01ukWlLUA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77595300bd9fe5a7-MAN
content-length
0
date
Wed, 07 Dec 2022 01:00:25 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lu%2BO66s0ZssMHilUyg3oJXioLKOiCbwkW5fgGSzjayeFzF50pZyb3p9v1e%2BfPHLBWfhD8DJeiSk9meQ2BxWgbmgI5zSBrZJM51HGkaf%2BLzozFqdBHHQVZdNNwW3U5pEs1daP4r1FYBtwA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 7E7A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
17280e1af0793a5d11cbcc7193aebadcc77393a3b093a3937253a11623b6c216

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 01:00:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Dec 2022 09:34:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=30794
Connection
keep-alive
Content-Length
10067
Expires
Wed, 07 Dec 2022 09:33:39 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 29C9 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=89128930&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4885f94efb7a2e6410352724d2b5cf4112750a260fa52f628c692d364fab94bd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 07 Dec 2022 01:00:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.html
eus.rubiconproject.com/ Frame 99C6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 07 Dec 2022 01:00:25 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 07 Dec 2022 01:00:25 GMT
location
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
server
AkamaiGHost
CookieSync.html
csync.smartadserver.com/rtb/csync/ Frame C0B8 		435 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6e88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Wed, 07 Dec 2022 01:00:25 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645524912.090457"
Last-Modified
Tue, 22 Feb 2022 09:59:55 GMT
Server
AkamaiNetStorage
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6F3E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=134717
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 07 Dec 2022 01:00:25 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 08 Dec 2022 14:25:42 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 6B0B 		61 B
239 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1670374825038&pubconsent=&euconsent=&hasConsent=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.223.79.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 07 Dec 2022 01:00:25 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.2
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 35A5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP012 /
Resource Hash

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
server
33XP012
x-33x-status
2000208
isync
visitor.omnitagjs.com/visitor/ Frame 798F 		0
178 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 07 Dec 2022 01:00:24 GMT
expires
0
pragma
no-cache
server
ayl-lb-fra02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
/
onetag-sys.com/usync/ Frame DED5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75601b04186d260
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
v1
match.sharethrough.com/universal/ Frame 4C1F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=2TwkgUpM&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.133.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-133-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
s
s.seedtag.com/cs/st/ Frame FD88 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/st/s
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
appnexus
s.seedtag.com/cs/cookiesync/ Frame FD88
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.seedtag.com%252Fcs%252Fcookiesync%252Fappnexus%253Fchanneluid%253D%2524UID
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=1395078466316344542
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=1395078466316344542
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
Date
Wed, 07 Dec 2022 01:00:25 GMT
AN-X-Request-Uuid
7aaa7bb2-0aea-402d-b35f-9274af646c32
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=1395078466316344542
Connection
keep-alive
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
sync.smartadserver.com/ Frame FD88
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
HTTP/1.1
Server
185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:24 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1
pragma
no-cache
date
Wed, 07 Dec 2022 01:00:24 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
outbrain
s.seedtag.com/cs/cookiesync/ Frame FD88
Redirect Chain
  • https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Location
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0
Pragma
no-cache
Date
Wed, 07 Dec 2022 01:00:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
90
Content-Type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame FD88 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=5jrh0rv&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Bidswitch
s.seedtag.com/cs/cookiesync/ Frame FD88
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=seedtag&bsw_param=104318fa-8f73-4d1d-bf62-04e2c2d939dd&google_hm=MTA0MzE4ZmEtOGY3My00ZDFkLWJmNjItMDRlMmMyZDkzOWRk
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHFmg_7j2W1_mDHrncCsJsY&google_cver=1&ssp=seedtag&bsw_param=104318fa-8f73-4d1d-bf62-04e2c2d939dd
  • https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=104318fa-8f73-4d1d-bf62-04e2c2d939dd
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=104318fa-8f73-4d1d-bf62-04e2c2d939dd
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
//s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=104318fa-8f73-4d1d-bf62-04e2c2d939dd
date
Wed, 07 Dec 2022 01:00:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
spotx
s.seedtag.com/cs/cookiesync/ Frame FD88
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=88885732-75ca-11ed-80d6-...
  • https://s.seedtag.com/cs/cookiesync/spotx?channeluid=888856c4-75ca-11ed-80d6-141484330306
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/spotx?channeluid=888856c4-75ca-11ed-80d6-141484330306
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Date
Wed, 07 Dec 2022 01:00:25 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://s.seedtag.com/cs/cookiesync/spotx?channeluid=888856c4-75ca-11ed-80d6-141484330306
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
130
Connection
keep-alive
Content-Length
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame FD88
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H2
Server
168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.223.79.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/png
date
Wed, 07 Dec 2022 01:00:25 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F
date
Wed, 07 Dec 2022 01:00:25 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
generic
match.adsrvr.org/track/cmf/ Frame FD88
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=249286
  • https://sync.search.spotxchange.com/partner?source=249286&__user_check__=1&sync_id=8888a966-75ca-11ed-a74f-174deb1e0206
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D&us_privacy=
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D&uid=CAESECOueE8ql8DJdOTqoBs3MLE&google_cver=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Date
Wed, 07 Dec 2022 01:00:25 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
//match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
110
Connection
keep-alive
Content-Length
0
improvedigital
s.seedtag.com/cs/cookiesync/ Frame FD88
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D
  • https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=265ea304-ff96-47e5-a779-8041ed39ad10
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=265ea304-ff96-47e5-a779-8041ed39ad10
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=265ea304-ff96-47e5-a779-8041ed39ad10
access-control-allow-origin
*
date
Wed, 07 Dec 2022 01:00:25 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
indexexchange
s.seedtag.com/cs/cookiesync/ Frame FD88
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D&s=191730&C=1
  • https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=Y4-lqUGfx1L42fTczLqeyAAA%261852
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=Y4-lqUGfx1L42fTczLqeyAAA%261852
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ym0lC2uK%2BA2i3Tf%2FW3nSolm1htKsztUcav2H2H9Xz2nBps2Z6q82BkV8xaLEYDkDyG5hXqek9Kuq9RWit5SqpfZbBYatRAmySEL4jTu9212FMMF93ByxvaszU7MDGCRc9cSvm%2BiZuQObPg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=Y4-lqUGfx1L42fTczLqeyAAA%261852
cache-control
no-cache
cf-ray
7759530159f60765-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
verizon
s.seedtag.com/cs/cookiesync/ Frame FD88
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58427/occ
  • https://ups.analytics.yahoo.com/ups/58427/occ?verify=true
  • https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-Dcd0r21E2uE98JsVmeKGZ3ntGboht3qKgQOs9_I-~A
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-Dcd0r21E2uE98JsVmeKGZ3ntGboht3qKgQOs9_I-~A
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-Dcd0r21E2uE98JsVmeKGZ3ntGboht3qKgQOs9_I-~A
date
Wed, 07 Dec 2022 01:00:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie
cm.adform.net/ Frame FD88 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fadform%3Fchanneluid%3D%24UID
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
server
nginx
content-length
43
content-type
image/gif
pixel
ap.lijit.com/ Frame FD88 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.14.60 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 07 Dec 2022 01:00:25 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
692.json
id5-sync.com/g/v2/ 		216 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19333/hb_299506_4371.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
c3ec5de292306560781c47b946b0464fc0ee3cfc24b20d1639266ca1f2c3b32f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://buhgalter.com.ua
date
Wed, 07 Dec 2022 01:00:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame D09E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&gdpr=0&gdpr_consent=
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 07 Dec 2022 01:00:25 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Wed, 07 Dec 2022 01:00:25 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame E932
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b7b8638f-e5a9-4b00-b446-e849c67287f6&gdpr=0&gdpr_consent=
42 B
328 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b7b8638f-e5a9-4b00-b446-e849c67287f6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 07 Dec 2022 01:00:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 07 Dec 2022 01:00:25 GMT
Expires
Wed, 07 Dec 2022 01:00:24 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master cdg-pixel-x28 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b7b8638f-e5a9-4b00-b446-e849c67287f6&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 5C29
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=826291927493921925
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=826291927493921925
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 07 Dec 2022 01:00:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=826291927493921925
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame B0E5
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 07 Dec 2022 01:00:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 07 Dec 2022 01:00:25 GMT
expires
Wed, 07 Dec 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1711422
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame E711
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 07 Dec 2022 01:00:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
MXMT9ZRT5FPE5PBKC1EV

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 07 Dec 2022 01:00:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
8EQRY46D8PRY4K67VMEW
Pug
simage2.pubmatic.com/AdServer/ Frame 266D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4042716502955769651&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4042716502955769651&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 07 Dec 2022 01:00:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
9fb2b953-26e7-4418-994a-22e1fb2f4fe6
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 07 Dec 2022 01:00:25 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4042716502955769651&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 6DD6
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l4YxVMSAaAuMgTkAxY0kAsfWOFCMhW8GlYSCgysM
42 B
419 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l4YxVMSAaAuMgTkAxY0kAsfWOFCMhW8GlYSCgysM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 07 Dec 2022 01:00:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 07 Dec 2022 01:00:25 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l4YxVMSAaAuMgTkAxY0kAsfWOFCMhW8GlYSCgysM
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 7406
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7174205245442226322&gdpr=0&gdpr_consent=
42 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7174205245442226322&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 07 Dec 2022 01:00:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Wed, 07 Dec 2022 01:00:25 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7174205245442226322&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 5240
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Zt4U-DIVRElFbl4BcsHRf9mKxGs
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Zt4U-DIVRElFbl4BcsHRf9mKxGs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 07 Dec 2022 01:00:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Wed, 07 Dec 2022 01:00:25 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Zt4U-DIVRElFbl4BcsHRf9mKxGs
Pug
image2.pubmatic.com/AdServer/ Frame 2246
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFWlFrN0hIOHNBQUNBUG84RklKQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEZQk7HH8sAACAPo8FIJA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2659778366685093041&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEZQk7HH8sAACAPo8FIJA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2659778366685093041%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2659778366685093041&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEZQk7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEZQk7HH8sAACAPo8FIJA&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEZQk7HH8sAACAPo8FIJA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 07 Dec 2022 01:00:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 07 Dec 2022 01:00:26 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEZQk7HH8sAACAPo8FIJA&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 4732
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4-lqQAAAgwH6AAo&gdpr=0&gdpr_consent=&_test=Y4-lqQAAAgwH6AAo
1 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4-lqQAAAgwH6AAo&gdpr=0&gdpr_consent=&_test=Y4-lqQAAAgwH6AAo
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 07 Dec 2022 01:00:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 07 Dec 2022 01:00:25 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4-lqQAAAgwH6AAo&gdpr=0&gdpr_consent=&_test=Y4-lqQAAAgwH6AAo
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-lcy-eglc8600033-LCY
x-timer
S1670374825.359767,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 3EB6
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 07 Dec 2022 01:00:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 07 Dec 2022 01:00:25 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
server
_
i.match
s.tribalfusion.com/z/ Frame E556
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
775953031e5923b8-LHR
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 07 Dec 2022 01:00:25 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77595301cce523b8-LHR
content-type
text/html
date
Wed, 07 Dec 2022 01:00:25 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
479
generic
match.adsrvr.org/track/cmf/ Frame DEB3
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1670374825257
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2148933789
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2148933789
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 07 Dec 2022 01:00:25 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Wed, 07 Dec 2022 01:00:25 GMT
etag
RXedd360fdb78e444f92bd0985ef8a0abf003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2148933789
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
cookiesync
core.iprom.net/ Frame 4BCE 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 07 Dec 2022 01:00:25 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-16d2479409ff@version_1.531
X-core-time
0ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame FAD8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.54.172 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.172.54.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 07 Dec 2022 01:00:25 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=927d11725dba782a/gdpr=0/ Frame 66B3
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=927d11725dba782a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
49 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=927d11725dba782a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRXTQbbTXVQhgTSXg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.92.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-92-250.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Wed, 07 Dec 2022 01:00:25 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.16.13

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=927d11725dba782a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRXTQbbTXVQhgTSXg
bridge
cm.adgrx.com/ Frame 5DD2 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Wed, 07 Dec 2022 01:00:25 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-4
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 29C9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=d4XtBvvmRJyaJA29EmfS5w%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=134717
accept-ranges
bytes
content-length
5549
expires
Thu, 08 Dec 2022 14:25:42 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 29C9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f693638f-e5a9-4300-a4a4-58fa6cb21f5f
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f693638f-e5a9-4300-a4a4-58fa6cb21f5f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 07 Dec 2022 01:00:25 GMT
Server
MT3 180 1fd3e2d master cdg-pixel-x33 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f693638f-e5a9-4300-a4a4-58fa6cb21f5f
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 07 Dec 2022 01:00:24 GMT
generic
match.adsrvr.org/track/cmf/ Frame 29C9
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 29C9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Nzc4NUVEMDYtRkJFNi00NDlDLTlBMjQtMERCRDEyNjdEMkU3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 07 Dec 2022 01:00:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 29C9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGW-kzc1vDtXhS-ZLjEZBH4&google_cver=1
42 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGW-kzc1vDtXhS-ZLjEZBH4&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 07 Dec 2022 01:00:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGW-kzc1vDtXhS-ZLjEZBH4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 29C9 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 06 Dec 2022 01:00:25 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 29C9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1875249585118522708
42 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1875249585118522708
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 07 Dec 2022 01:00:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1875249585118522708
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 29C9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
odr.mookie1.com/t/v2/ Frame 29C9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=104318fa-8f73-4d1d-bf62-04e2c2d939dd&ssp=pubmatic&gdpr=0&gdpr_consent=
43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=104318fa-8f73-4d1d-bf62-04e2c2d939dd&ssp=pubmatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=104318fa-8f73-4d1d-bf62-04e2c2d939dd&ssp=pubmatic&gdpr=0&gdpr_consent=
date
Wed, 07 Dec 2022 01:00:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
7785ED06-FBE6-449C-9A24-0DBD1267D2E7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 29C9 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/7785ED06-FBE6-449C-9A24-0DBD1267D2E7?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:f9a9:36e4:6c12:d8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 29C9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-axqcT25E2uXV65iOsPNMza02YOF.n4s-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-axqcT25E2uXV65iOsPNMza02YOF.n4s-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-axqcT25E2uXV65iOsPNMza02YOF.n4s-~A&gdpr=0&gdpr_consent=
date
Wed, 07 Dec 2022 01:00:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame 29C9 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7785ED06-FBE6-449C-9A24-0DBD1267D2E7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 29C9 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Wed, 07 Dec 2022 01:00:24 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 29C9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3285593131473095809&gdpr=0&gdpr_consent=&us_privacy=
1 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3285593131473095809&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 07 Dec 2022 01:00:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3285593131473095809&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 07 Dec 2022 01:00:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 29C9
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:bd269736-02eb-43c7-905d-6b66696da5b2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:bd269736-02eb-43c7-905d-6b66696da5b2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 07 Dec 2022 01:00:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:bd269736-02eb-43c7-905d-6b66696da5b2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 07 Dec 2022 01:00:25 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 29C9
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4042716502955769651
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4042716502955769651
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 07 Dec 2022 01:00:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 07 Dec 2022 01:00:25 GMT
AN-X-Request-Uuid
13b2b7de-43c0-4f15-b735-4fab2cc537e5
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4042716502955769651
Connection
keep-alive
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 7E7A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEAKiQ-3UV2vRi8fb-pObwXg&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEAKiQ-3UV2vRi8fb-pObwXg&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEAKiQ-3UV2vRi8fb-pObwXg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7E7A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzM4NTk3ODc4NGU5ZGJjMjlkZDkwNDkxNGFhOWFhM2U1YjU4YmVkZQ&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzM4NTk3ODc4NGU5ZGJjMjlkZDkwNDkxNGFhOWFhM2U1YjU4YmVkZQ&gdpr=0
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzM4NTk3ODc4NGU5ZGJjMjlkZDkwNDkxNGFhOWFhM2U1YjU4YmVkZQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 7E7A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame 7E7A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=W5j4vLf9ROqpuDMcctrs0A&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=W5j4vLf9ROqpuDMcctrs0A&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=W5j4vLf9ROqpuDMcctrs0A&gdpr=0
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Dec 2022 01:00:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZDHBDV76B0M3Q4C5W49T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=W5j4vLf9ROqpuDMcctrs0A&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 7E7A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJDWTFIMDYtMjgtTTA0SA==&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJDWTFIMDYtMjgtTTA0SA==&gdpr=0
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJDWTFIMDYtMjgtTTA0SA==&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7E7A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=lC2rnqDcQqqoOOcqi5hOgQ&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=lC2rnqDcQqqoOOcqi5hOgQ&gdpr=0
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=lC2rnqDcQqqoOOcqi5hOgQ&gdpr=0
Protocol
HTTP/1.1
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Dec 2022 01:00:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DEHEQV3VQS747BNE1J7M
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=lC2rnqDcQqqoOOcqi5hOgQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7E7A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/bwn0aC1ypS1vlQ_bJjR4f8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tLcm6cdE2oIqAoAACMTZoXYZT8__fhq1IfPjkA--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tLcm6cdE2oIqAoAACMTZoXYZT8__fhq1IfPjkA--~A
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 07 Dec 2022 01:00:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tLcm6cdE2oIqAoAACMTZoXYZT8__fhq1IfPjkA--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame 7E7A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBCY1H06-28-M04H&gdpr=0
0
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBCY1H06-28-M04H&gdpr=0
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 2F13217598B84D0B90BE3CD54ADCD011 Ref B: LTSEDGE1821 Ref C: 2022-12-07T01:00:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXvMnIe0bqpPMVF947esQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBCY1H06-28-M04H&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame C0B8 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6e99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b730ee413841da70b67f550de8ffce8148c3fd15dacc5274bd0b80bf18a44da7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Unused62
8096267
Date
Wed, 07 Dec 2022 01:00:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Feb 2022 11:31:40 GMT
Server
AkamaiNetStorage
ETag
"49623d3e5c04865dd012dafa25c82381:1645098702.977678"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2929
CookieSync.min.js
csync.smartadserver.com/rtb/csync/ Frame C0B8 		61 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6e88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
598686e7213f278bb341e3194022b4355d1cd95818eeb224ea48ca10e96144cf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 01:00:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Oct 2022 08:45:26 GMT
Server
AkamaiNetStorage
ETag
"e887ffeb10fe1e5e78f4cd0280a52ce6:1666255728.542245"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13713
TemplatePool.min.js
csync.smartadserver.com/rtb/csync/ Frame C0B8 		152 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6e88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5af3136530a33e7ac536f9e52da58b6d4419b30baf4eb6fe14462fc516643ce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 01:00:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Oct 2022 08:45:26 GMT
Server
AkamaiNetStorage
ETag
"89c36d3d06737a5284fa51f4d50162e5:1666255729.181322"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4196
crum
dsum-sec.casalemedia.com/ Frame B274
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y4-lqUaMEHtn.41eWKcz3QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPj5j6STt4R7vq0LPoebLUc&google_cver=1&google_hm=2
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPj5j6STt4R7vq0LPoebLUc&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Dec 2022 01:00:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPj5j6STt4R7vq0LPoebLUc&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame B274 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame B274
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4_lqUaMEHtn-41eWKcz3QAAApsAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHlMsIFiHo94nMhqJCu3y_s&google_cver=1
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHlMsIFiHo94nMhqJCu3y_s&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=073xv2kk6T1f7vcFepNld%2BKBs3hKHydk8PFik2F%2BBblh8cBd0xG4bBL084LbzpPO%2FwAp63OUjabAx1NjjWPfw43h%2F5Lgz7NzJ3uHE%2B50%2FvA%2FwCHq00W0yMXfY7agc%2Bq%2B0QLxRY1SlB2Gmg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
775953025b830765-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHlMsIFiHo94nMhqJCu3y_s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame B274
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4_lqUaMEHtn-41eWKcz3QAAApsAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4_lqUaMEHtn-41eWKcz3QAAApsAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4_lqUaMEHtn-41eWKcz3QAAApsAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Dec 2022 01:00:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XJZ6QZGEMEFA09GW9VD4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 07 Dec 2022 01:00:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HYGCKJSQ2M5QYC6M557Z
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4_lqUaMEHtn-41eWKcz3QAAApsAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B274
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1395078466316344542
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1395078466316344542
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Dec 2022 01:00:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 07 Dec 2022 01:00:25 GMT
AN-X-Request-Uuid
cdd7e396-9f44-48e2-b934-37171f08bba7
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1395078466316344542
Connection
keep-alive
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame B274 		43 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Y4-lqUaMEHtn.41eWKcz3QAA%26667&gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.50.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-25-50-34.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Dec 2022 01:00:25 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1670374825446027-592
Expires
Wed, 07 Dec 2022 01:00:25 GMT
crum
dsum-sec.casalemedia.com/ Frame B274
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F146EA15AC2A4D398A7CBE2D2123DB28
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F146EA15AC2A4D398A7CBE2D2123DB28
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Dec 2022 01:00:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Wed, 07 Dec 2022 01:00:25 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F146EA15AC2A4D398A7CBE2D2123DB28
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 06 Dec 2022 01:00:25 GMT
crum
dsum.casalemedia.com/ Frame B274
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1395078466316344542
43 B
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1395078466316344542
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 01:00:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5pJYBkbGTUZxCMyQGSXnYTlYWZQsK%2BbgPVxrROQpa5kt%2BXfIfZVFuYaUmRYvr%2FL59%2FS%2FrFSfaSqo6XB0UYPB%2BWygEsqtSNF%2B8ejPo%2B2DwwIc1xpS905TkI3yjK2A8IWEh%2FqBxoy"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77595302d8650762-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 07 Dec 2022 01:00:25 GMT
AN-X-Request-Uuid
9f934680-19ea-421e-aa81-9a1658fd7c45
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1395078466316344542
Connection
keep-alive
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame B274 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y4-lqUaMEHtn.41eWKcz3QAA%26667
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 01:00:25 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
8976
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
775953027f363628-MAN
content-length
43
expires
Thu, 08 Dec 2022 01:00:25 GMT
usync.js
eus.rubiconproject.com/ Frame 99C6 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
17280e1af0793a5d11cbcc7193aebadcc77393a3b093a3937253a11623b6c216

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 01:00:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Dec 2022 09:34:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=30794
Connection
keep-alive
Content-Length
10067
Expires
Wed, 07 Dec 2022 09:33:39 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 99C6 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=seedtag&khaos=LBCY1H06-28-M04H
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| oncontentvisibilityautostatechange object| __o function| $ function| jQuery number| dayMs number| cb string| vpbSrc string| gptSrc object| c function| loadScript object| gptadslots object| googletag function| catfish function| gtag object| dataLayer object| gravitecWebpackJsonp number| _subscriptionStrategy object| vpb number| docDate number| cntDocs number| _docDate number| y object| Cookies object| _fbq object| google_conversion_id object| google_custom_params object| google_remarketing_only function| b64EncodeUnicode function| b64DecodeUnicode object| _fpFactor object| name165now object| AccountsManager number| getInterval object| recInterval number| recTime number| _recTime object| sock boolean| reconnectCheck number| reconnectCount object| available_smile_codes function| getNode object| textarea object| messages number| nowUsers function| calculateMessageRest function| sendClickFunction string| client_ip function| reconnect number| scrollflag number| mmsgcount function| readMessages function| appendMessage function| prepareMessage function| sendMessage function| getRandomInt object| validation function| getCookie function| trim undefined| jQuery111107201793768469316_1670374820450 object| jQuery111107201793768469316 object| google_tag_manager function| getUrlParam function| checkEmail function| getPageScroll number| mDesign function| create_popup boolean| ab object| config_accounts function| SockJS object| paramsArr object| paramCurrent boolean| searchText number| unf number| uef number| utv number| wsf number| ctrl number| ctrlCheck function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_tag_data object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| GravitecConfig object| Gravitec object| WLPush string| GoogleAnalyticsObject function| ga object| GooglebQhCsO function| fbq object| vmpbjsChunk object| vmpbjs object| _pbjsGlobals object| mnet object| ggeac object| google_js_reporting_queue object| FB function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| google_optimize object| __buffer undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| Criteo object| litHtmlVersions object| GoogleGcLKhOms object| send object| google_image_requests object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

119 Cookies

Domain/Path Name / Value
buhgalter.com.ua/ Name: leads
Value: a%3A1%3A%7Bs%3A13%3A%22subscr_source%22%3Ba%3A3%3A%7Bs%3A11%3A%22create_date%22%3Bs%3A10%3A%222022-12-07%22%3Bs%3A6%3A%22source%22%3Ba%3A4%3A%7Bs%3A10%3A%22utm_source%22%3Bs%3A6%3A%22direct%22%3Bs%3A10%3A%22utm_medium%22%3Bs%3A4%3A%22none%22%3Bs%3A3%3A%22url%22%3Bs%3A25%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%3Bs%3A11%3A%22refererData%22%3Ba%3A2%3A%7Bs%3A11%3A%22refererPath%22%3Bs%3A25%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%3Bs%3A7%3A%22referer%22%3Bs%3A16%3A%22buhgalter.com.ua%22%3B%7D%7Ds%3A2%3A%22ga%22%3Ba%3A1%3A%7Bs%3A3%3A%22cid%22%3Bs%3A36%3A%2275528489-aa01-4c7f-a564-9eeaa007c69c%22%3B%7D%7D%7D
.buhgalter.com.ua/ Name: jj9uUvj
Value: 1
.buhgalter.com.ua/ Name: __fp2_f2
Value: n6lBY9RMM9tI0HnNu7wOgGqe3V6CzpC0
.buhgalter.com.ua/ Name: kLS2Iz8
Value: 1
.buhgalter.com.ua/ Name: _faguid
Value: n6lBY9RMM9tI0HnNu7wOgGqe3V6CzpC0
buhgalter.com.ua/ Name: __factor_utm
Value: %7B%22utm_medium%22%3A%22none%22%2C%22utm_source%22%3A%22direct%22%2C%22utm_campaign%22%3Anull%2C%22utm_content%22%3Anull%2C%22utm_term%22%3Anull%2C%22url_path%22%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%2C%22refer%22%3A%22%22%2C%22site%22%3A%22buhgalter.com.ua%22%7D
buhgalter.com.ua/ Name: pageCount
Value: 2
.buhgalter.com.ua/ Name: _ga_6VVQ37Y1T2
Value: GS1.1.1670374820.1.0.1670374820.60.0.0
.buhgalter.com.ua/ Name: _ga
Value: GA1.3.438883282.1670374821
.buhgalter.com.ua/ Name: _gid
Value: GA1.3.1221761269.1670374821
.buhgalter.com.ua/ Name: _gat_gtag_UA_35985798_1
Value: 1
.buhgalter.com.ua/ Name: _gat_UA-53572572-5
Value: 1
.buhgalter.com.ua/ Name: _gat_UA-35985798-1
Value: 1
buhgalter.com.ua/ Name: cbtYmTName
Value: /oXcl5rcxNyfm87Iycean82dysrLm5vO3IMV
.buhgalter.com.ua/ Name: _fbp
Value: fb.2.1670374821122.688115610
buhgalter.com.ua/ Name: _pbjs_userid_consent_data
Value: 2024371239917068
.buhgalter.com.ua/ Name: _pubcid
Value: 858925cf-e801-4d3b-b016-145cf68b74db
a4p.adpartner.pro/ Name: apuid
Value: c679ac17-aa91-4cd3-b5f9-66c420c339ba
loadercdn.net/ Name: vui
Value: 79c9a8698a3e45d4aaf8430fff988498
.doubleclick.net/ Name: IDE
Value: AHWqTUk29rdnfFvljhB_bmCvBx9z49Z5vuvgIvnLOUkBJMFhHmHR8SCkn01jGXIo39U
.buhgalter.com.ua/ Name: __gads
Value: ID=b31859e66a242a71:T=1670374821:S=ALNI_MZtfBla4AGDGX9sGhhhBdQpFIGuZQ
.buhgalter.com.ua/ Name: __gpi
Value: UID=00000b8eb2fe1976:T=1670374821:RT=1670374821:S=ALNI_MY5FJwusAiJjrKoowVQrH8Wt9WNOQ
pbjs.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: AHLO4SunPl0N409d
.rubiconproject.com/ Name: khaos
Value: LBCY1H06-28-M04H
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/EidOublhXxke1qbBgMWySGKoH1GQZR6kuhWaHhWVROLZ+G495NhJdjse8x9FX/SGzLD4PlHyE3qACYbB5SW5XQ3DwdQPoJZYLSma+WVcS1g3g==
.seedtag.com/ Name: st_uid
Value: 616cdc25-b16c-41f8-8e18-3af6d8e632ec
.seedtag.com/ Name: st_ssp
Value: Y291bnRyeV9uYW1lPVVuaXRlZCBLaW5nZG9tJmNvdW50cnlfaXNvMj1HQiZjb3VudHJ5X2lzbzM9R0JSJnJlZ2lvbl9uYW1lPU1hbmNoZXN0ZXImcmVnaW9uX2lzbzI9TUFOJmNpdHlfbmFtZT1NYW5jaGVzdGVyJmxvbmdpdHVkZT0tMi4zMTg2JmxhdGl0dWRlPTUzLjQ1MDcmemlwPU0zMg==
.adtelligent.com/ Name: vmuid
Value: 73aa1812c33bf65f
.adtelligent.com/ Name: a307558
Value: c679ac17-aa91-4cd3-b5f9-66c420c339ba
.criteo.com/ Name: uid
Value: 55623396-704d-4f7e-9676-bf26fe15193b
.zeotap.com/ Name: zc
Value: 1d3ad49c-e251-4789-46a6-3ee7cfc00f11
.zeotap.com/ Name: zsc
Value: k%0Aqg%19%1F%A9%DE%E3%AAX%8A%E0r%9E%D2%A2%98%85%19%1C7%7B%EC%DF%40%C74%B6%08%EE%19%C7%1E%A5%C3i%A5j%C5%8Aw%C3%E2%EE%9Doyf%A9TN%1E%88%C5%BC%C1%CC%84%3DM6%5C%EA%B34%DB%EE%16tP%C9%1E%ABp%26%90%97%16d%C8%B2kC%C3yRf%D0Vv%D8%96c%0EVo%AA%0C%EB%BDP%E5q%CF%2A%DFDl%E8%06i%8F%F9pm%A6%FA%FA%8EYD-%1D4%BA7%40%3C%F1%8Fj%B3%93%5D%28%CB%A6%C3i3bw%10%A0%8C%E3_L%F29%25%E5%26%13p%0AH%EE%5C%D7%EB%A0%60%8F-r%F6
.bidswitch.net/ Name: tuuid
Value: 104318fa-8f73-4d1d-bf62-04e2c2d939dd
.bidswitch.net/ Name: c
Value: 1670374824
.ads.pubmatic.com/ Name: KCCH
Value: YES
.bidswitch.net/ Name: tuuid_lu
Value: 1670374825
.casalemedia.com/ Name: CMPS
Value: 1852
.tapad.com/ Name: TapAd_TS
Value: 1670374825110
.tapad.com/ Name: TapAd_DID
Value: 744282d9-2fa5-4e68-8caf-87cfa330b8be
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 7785ED06-FBE6-449C-9A24-0DBD1267D2E7
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156813:2
.pubmatic.com/ Name: DPSync3
Value: 1671580800%3A201_197_219%7C1670457600%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1671580800%3A234_55_238_88_22_204_3_56_165_13_8_233_166_220_81_21_54_176_243_161_251_71_99_7%7C1671667200%3A35%7C1671235200%3A63%7C1672963200%3A203%7C1670976000%3A223_15_2
.buhgalter.com.ua/ Name: cto_bundle
Value: 2FCyD19XNHZqeTBiWGFJbyUyRklLeEx6YVQxNFJwU3NkZXNjdDhMZ0RQZk9jaXNBNzhKMVZFM0ZXa1I1TFpGM01pZ0lpalQ1d04zcDRzVzFVaXJVUk9nQ0NBYlhhbVhFS2ZoVmhKTTFZYmloYUFqRmtoNXNZSSUyRlU3aGJMbWNxTDNZSWdNNU9nQTBZJTJCNThuSUVvQndoMWtocTdZd2clM0QlM0Q
.buhgalter.com.ua/ Name: cto_bidid
Value: OwynP18lMkJNaHQ5Y0NROER2a25lenlkNUFQZzVhTGdtbFA1SEc5dU9acHMlMkIlMkZhS01ZMDJKTkVMUUU0ZlNKemglMkYyY00lMkZBbHN5eiUyQjZ3OFU3RnlESmVWa09ZRDZscUprY3lVdEwwZVdnYUlTYkpTbnMxbjU3QTdSbkV3UiUyQkY3aG1tOFhjdThn
.360yield.com/ Name: tuuid
Value: 265ea304-ff96-47e5-a779-8041ed39ad10
.360yield.com/ Name: tuuid_lu
Value: 1670374825
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.yahoo.com/ Name: A3
Value: d=AQABBKnlj2MCEOkYz9G_Hh4AXouPh8FG27UFEgEBAQE3kWOZYwAAAAAA_eMAAA&S=AQAAAqDW30KxZfj4YPf0cxJNDQk
.demdex.net/ Name: demdex
Value: 19507286425610026150227966955575629655
.casalemedia.com/ Name: CMID
Value: Y4-lqUaMEHtn.41eWKcz3QAA
.casalemedia.com/ Name: CMPRO
Value: 667
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16990%3b%24o%3d11100
.tidaltv.com/ Name: tidal_ttid
Value: 65999cd0-7a38-482c-a630-a03e4ba1e4b2
.adfarm1.adition.com/ Name: UserID1
Value: 7174205245442095257
.weborama.fr/ Name: AFFICHE_W
Value: 80jZSzEzZWXz29
.dpm.demdex.net/ Name: dpm
Value: 19507286425610026150227966955575629655
.quantserve.com/ Name: d
Value: EIcBCwHgJ_ijAA
.quantserve.com/ Name: mc
Value: 638fe5a9-402d8-0fc1b-0f441
.adsby.bidtheatre.com/ Name: __kuid
Value: bd269736-02eb-43c7-905d-6b66696da5b2.439588825
.onaudience.com/ Name: cookie
Value: 927d11725dba782a
.onaudience.com/ Name: done_redirects147
Value: 1
.mathtag.com/ Name: uuid
Value: b7b8638f-e5a9-4b00-b446-e849c67287f6
.csync.loopme.me/ Name: viewer_token
Value: 615b167c-f197-43dd-ae52-3fe4b0dc43d0
.simpli.fi/ Name: suid
Value: F146EA15AC2A4D398A7CBE2D2123DB28
.spotxchange.com/ Name: audience
Value: 888856c4-75ca-11ed-80d6-141484330306
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-edd360fd-b78e-444f-92bd-0985ef8a0abf-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.adform.net/ Name: C
Value: 1
.turn.com/ Name: uid
Value: 3285593131473095809
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjYysTK0MAIAl+nuNQkAAAA="
.de17a.com/ Name: guid
Value: 1.826291927493921925
.creative-serving.com/ Name: tuuid
Value: abd0edc0-eabd-4d26-8383-354fafecdfda
.creative-serving.com/ Name: c
Value: 1670374825
.creative-serving.com/ Name: tuuid_lu
Value: 1670374825
.adnxs.com/ Name: uuid2
Value: 4042716502955769651
.richaudience.com/ Name: avcid-zeo-uid
Value: 1d3ad49c-e251-4789-46a6-3ee7cfc00f11
.adform.net/ Name: uid
Value: 223033384369469178
.bidr.io/ Name: bito
Value: AAEZQk7HH8sAACAPo8FIJA
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: SPugT
Value: 1670374824
ads.playground.xyz/ Name: connect.sid
Value: s%3AtrCQfHFmT-8QzJwneju2yqINe5bFwo0o.dpYwfbfOBce7xaSHqFCNvwksIWHEvTRXRVwsGhDo1JE
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4042716502955769651&KRTB&23339-4042716502955769651
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7174205245442226322&KRTB&23278-7174205245442226322&KRTB&23369-7174205245442226322
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3285593131473095809&KRTB&23150-3285593131473095809
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y4-lqQAAAgwH6AAo&KRTB&22978-Y4-lqQAAAgwH6AAo&KRTB&23194-Y4-lqQAAAgwH6AAo&KRTB&23209-Y4-lqQAAAgwH6AAo
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:b7b8638f-e5a9-4b00-b446-e849c67287f6&KRTB&16736-uid:b7b8638f-e5a9-4b00-b446-e849c67287f6&KRTB&23019-uid:b7b8638f-e5a9-4b00-b446-e849c67287f6&KRTB&23208-uid:b7b8638f-e5a9-4b00-b446-e849c67287f6
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEGW-kzc1vDtXhS-ZLjEZBH4&KRTB&16514-CAESEGW-kzc1vDtXhS-ZLjEZBH4&KRTB&23025-CAESEGW-kzc1vDtXhS-ZLjEZBH4&KRTB&23386-CAESEGW-kzc1vDtXhS-ZLjEZBH4
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-l4YxVMSAaAuMgTkAxY0kAsfWOFCMhW8GlYSCgysM&KRTB&19420-l4YxVMSAaAuMgTkAxY0kAsfWOFCMhW8GlYSCgysM&KRTB&22979-l4YxVMSAaAuMgTkAxY0kAsfWOFCMhW8GlYSCgysM&KRTB&23403-l4YxVMSAaAuMgTkAxY0kAsfWOFCMhW8GlYSCgysM
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y4-lqQACForG0AAp
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-826291927493921925
.agkn.com/ Name: ab
Value: 0001%3Asu6NZoyj4%2BG%2FVzl30v0kYeCouLN7%2FP5k
.analytics.yahoo.com/ Name: IDSYNC
Value: "192z~28pc:19ah~28pc"
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1875249585118522708&KRTB&23263-1875249585118522708
.pubmatic.com/ Name: PugT
Value: 1670374825
.onaudience.com/ Name: done_redirects104
Value: 1
.krxd.net/ Name: _kuid_
Value: PPhhVXML
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.spotxchange.com/ Name: sl
Value: eyJnIjpmYWxzZSwicyI6IjI0OTI4NiIsInNwIjoyLCJpIjp0cnVlLCJscCI6NzAyOCwidXBzIjoiIiwiZ2NzIjoiIiwicGwiOls2NjUzLDg0NTksNzU3Nyw2NDA5LDY0NjVdLCJzaWQiOiI4ODg4YTk2Ni03NWNhLTExZWQtYTc0Zi0xNzRkZWIxZTAyMDYiLCJzb2wiOjcsInNsIjo1fQ==
.fwmrm.net/ Name: _uid
Value: "e5f65_7174205245437220151"
.casalemedia.com/ Name: CMTS
Value: 3215
.ads.stickyadstv.com/ Name: UID
Value: 84f1de7649a70ca30dad5f2a52abd44
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: Y4-lqUaMEHtn.41eWKcz3QAA&667
.seedtag.com/ Name: st_cs
Value: l+EQxuppf4rbMmxYXoBW5w5ZOQt5lSyzYXpNc02XTIvdMgi3gMzLk5Br8OoknMXHs0Ed9qQMKWiXOXtpSxtwGDQ8niQE0HJVoqSUQ0FD5rWYeaHMU9GaWz7FXcuiqFDzELT8Md0IBZqurvBcCH8NC8W4Ntlv/vTWh0G2TBuyYF4U0N5sre+DIzeIGHwGSexTuyokkmOluANMbDjlnn7xetpDVgb0vIlMisKQW8rtyctnjrvbCngvazXBHNJqqV8Ry3NnoSoyBUpnFfJj/SQBh7Jq1WiLlCdxrPSA9opimjRU97Oy1z6VbWrbLSIqHXAgsgw/JwX6up1nxEUjq9LoIpNEd1zpKu3Op367Z7ISYsOBGHaQo+Kl+evDjpnLtqKh
.seedtag.com/ Name: st_csd
Value: 1670374825578:1670374825578
.smartadserver.com/ Name: pid
Value: 2659778366685093041
.smartadserver.com/ Name: csync
Value: 127:AAEZQk7HH8sAACAPo8FIJA
.tribalfusion.com/ Name: ANON_ID
Value: aYnseFyKalGobWm8ZbRiZdP0h5JnC5h5GpZdSpsqagEGelTFZa4rfpHtwcrZaSmhZcZaYUAZcxqpF3YvAJNSUwtxtyOd
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-66de14f8-3215-4449-456e-5e0172c1d17f.sJn7o2pXJnrbXumRK7HYtl10wf6%2FKLTcRrkNsnUgMlg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AZt4U-DIVRElFbl4BcsHRf9mKxGs.d5Fc4nxn6lpVPUVMvg0Nn2pwIc%2FhE56qQLPvzXTD5wk
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&46f60903-d37f-455c-84a0-5bfa3733db9a"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzAzNzQ4MjU7MjswMjHhsgEarxVOoYxnTdT+uOGhh2bibi9M83ZYtImrQEPjWw==
.linkedin.com/ Name: lidc
Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2553:u=1:x=1:i=1670374825:t=1670461225:v=2:sig=AQHb9-qFAqLSeGghHo50lytd_W8jTTxV"
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-Zt4U-DIVRElFbl4BcsHRf9mKxGs&KRTB&23334-Zt4U-DIVRElFbl4BcsHRf9mKxGs&KRTB&23417-Zt4U-DIVRElFbl4BcsHRf9mKxGs&KRTB&23426-Zt4U-DIVRElFbl4BcsHRf9mKxGs
.amazon-adsystem.com/ Name: ad-id
Value: A5KMltG12EJhq_jwzoLEJ7Y

7 Console Messages

Source Level URL
Text
javascript warning URL: https://www.googleadservices.com/pagead/conversion.js(Line 28)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=1d3ad49c-e251-4789-46a6-3ee7cfc00f11?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=927d11725dba782a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRXTQbbTXVQhgTSXg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://tags.bluekai.com/site/87734?id=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1d3ad49c-e251-4789-46a6-3ee7cfc00f11&reqId=ca0cf672-743d-4c19-62bf-bd833f176204&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15768000; includeSubdomains;
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

49b0b297964990c651f24ede970312f2.safeframe.googlesyndication.com
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.co.uk
adservice.google.com
analytics.factor.ua
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
buhgalter.com.ua
c1.adform.net
c2shb.ssp.yahoo.com
cdn.gravitec.net
cdn.indexww.com
cdn.jsdelivr.net
ced-ns.sascdn.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
contextual.media.net
core.iprom.net
cs.admanmedia.com
cs.seedtag.com
csync.loopme.me
csync.smartadserver.com
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
engine.widespace.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
googleads.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.gravitec.net
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
jsonip.com
lb.eu-1-id5-sync.com
loadercdn.net
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
player.adtelligent.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.media.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
reactive.factor.ua
region1.analytics.google.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.seedtag.com
s.tribalfusion.com
s.zmctrack.net
scontent-fra5-2.xx.fbcdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
spl.zeotap.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.crwdcntrl.net
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.tidaltv.com
tags.bluekai.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
use.fontawesome.com
usermatch.krxd.net
visitor.omnitagjs.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.18.132.145
104.18.33.19
104.18.36.94
13.248.245.213
13.32.99.109
136.144.183.196
141.94.170.64
141.94.170.77
141.94.240.141
141.95.98.64
142.250.181.226
142.250.186.66
151.101.194.49
162.19.138.120
168.119.79.223
172.64.151.162
172.64.154.237
178.250.0.157
178.250.0.163
178.62.202.251
18.194.114.29
184.25.50.34
184.30.16.79
184.30.20.22
185.172.90.251
185.184.8.90
185.187.81.40
185.187.81.41
185.255.84.152
185.29.134.248
185.64.189.110
185.64.189.112
185.64.190.78
185.80.39.216
185.86.139.89
185.94.180.126
195.5.165.20
198.148.27.139
198.47.127.20
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
212.82.100.182
213.155.156.165
213.19.147.44
23.1.110.85
23.35.236.201
23.79.143.124
2600:1f18:6593:f602:82a0:df8e:67ea:6e72
2602:803:c003:200::21
2606:4700:10::6816:1957
2606:4700::6810:5714
2606:4700::6812:18ad
2606:4700:e2::ac40:840f
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:801::200e
2a00:1450:4001:802::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2001
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9b
2a02:2638:1::1a
2a02:2638::1c
2a02:2638::3
2a02:26f0:1700:d::1737:6e88
2a02:26f0:1700:d::1737:6e99
2a02:6ea0:c700::17
2a02:fa8:8806:13::1400
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42::300
2a05:d018:24:b001:f5c1:a58:c5c6:d8ee
2a05:d018:d29:3605:f9a9:36e4:6c12:d8
2a0c:5c81:5142::2
3.121.53.43
3.126.56.137
34.102.253.54
34.107.148.139
34.111.131.239
34.149.50.64
34.207.40.113
34.247.60.250
34.98.67.61
35.157.180.193
35.157.246.167
35.204.74.118
35.214.223.115
35.227.248.159
37.157.2.239
37.157.4.29
37.252.171.21
37.252.171.85
37.97.131.40
45.133.44.4
45.79.77.20
5.161.54.172
50.31.142.255
51.89.9.252
52.213.69.170
52.223.40.198
52.28.133.172
52.30.148.32
52.46.143.56
52.49.92.250
52.58.215.26
54.228.118.174
54.38.197.123
54.72.96.20
54.78.254.47
54.85.128.169
62.149.1.122
63.251.14.60
66.155.71.149
67.202.105.22
67.220.228.200
69.173.144.138
69.173.144.139
69.173.144.165
72.251.241.206
80.77.87.163
85.114.159.118
95.170.82.90
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c
060bb8520b20eb55d3627c997fb70a310ee7340fca81019d845ec4d411f1f28d
061543b6ada60edddffd9f7c3f5a4fd1fa7c37e0f023816dbe1a8d4091daf49e
0705aa0398d4e9e1af85e9f6917e1c94c7c5cae34bace6b68b8e4dcfb78cbe79
07ab47c07bab62e7d7ff7bc8ec64936785a7e488438074dd3510227aa5c466b0
07b382d14e2714223655f23745e8bfad2b87de32d3bc5d145403ed07dbcce891
08e04409d774299c7ac6fbbd18203bb89d0febac102760ed40a76864a6bb4066
0945e4fad72d0c08a7eeb945cd19a38c4e1b159550a38336f397fd408223b8ad
09bf76bf9a693f6d1ff70fb63a0f530e6d880240a4cf8b53baa070cb244852c0
09cf7684a243dfc294f30f108a7a97ad7807efebc4699aeff4baf8b94c65d749
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bdca1917ff937ea7ded434e526e6aa3310df898475ae64f6f8554cd1e02d53c
0c593b478bac40d4bd1c30ccf349c6e118c347e0ed9881ff7e70a7c5de86493e
0db55c5279ec272d537f907d99d38738a2c277eb6c521b70cd243576c99aed62
0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492
110b303089a71f1b1c392a22406acdad508b9b0d39a1f39626827e86f3a5a78f
12d3a4b8318785587e763b45fbd355f2e3258cbdf6078d14973b3af5bd2ac9f2
159210f9ceb6561cae10aa34238d9c3d4a601a5ac825ff6d9f3e669d8bd0df0e
16176fa96e63b9ac53606ebbdfed5cb104c00b6a2df62b6396c5ca6f85967f3c
16f969c406d3906de2be944f9ec43ed6a2ef875719e680504ce6e508a2f7cd4a
17280e1af0793a5d11cbcc7193aebadcc77393a3b093a3937253a11623b6c216
17380452670e8c3216bc2cf483c28eec5059a45c47cabf1b216e09a6815f12cb
180b3da8ed4d31c2240dff16486dc86e92cd6e6f1882f7d77d3958bb3d79c44d
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
188fc2045c73ceb0931b06357ec5c0a8c0b93045b831c79e557c25e4c8959d01
1cd795d06d23422370a772ff4f11b2149589c1ef15e91de8194d92403ca2ffdb
1e18095b9d6ac7a64d0acc19a7691ceac4bb92f0da943acbe4183c75ab07f27e
1fcd85a28087afa74555abc6f05e26e7fb9c9b88935f33733dece8210c8cd386
22ef740962bc0b112be9cf31438b5f65689bee5ea052a5538cf05d959cd4d96c
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa
24d2d062a3432cd4d5b5079a056eaa1c0267f7ac8299bbff426395d70d081f2d
259c000134f1b62928de5c6c5b2fbd055aa9c1133a3d95ae6794acf455f86458
2625f168921e25e175a1eb02f6c077b322efd6379d492ebad72f0622613b8eb8
27641e871c60fe286033c24ad42b0a70fb96c5ae59c06f776b9ea6d982cf17af
2794e4bee8b85e3e25f439d6e2eff996da14eee39f04ccd2ab65436562be1fe9
27bf5587dcdf6b46c008ea961d5a4792d2d7b8cdff11db21f9251425e4c1c20b
284ac1118eb00892b11505c1def66c9a7efaca82ab4061138fbc7986898f8acf
28ddb7a1ad28c26e8975da887f142065c366a14a6fb53f8f8b5258bf4e196296
28e5d10398d7626da007fad02d23b5a13dfe561f3dbe7a699967d75dec771792
296a988d4d9033be4c070388508bd7d4e7e2d149bd3f985ef21bf8de7cff2f9c
2a791587a2bc3c80abc737d0c2def89d8286a444f95b58c9fa96100d6b687c27
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441
2c30bce9316a009e9a17785731b7c5b52af0e3f3f162efbc5787513b54cea138
2d27a1810a9c43b17603247c2757dba5e852432b29416d66de79bf6a3bbd1fd3
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ee69f515b17f5b570b287e1d92f35e94e76139440dbd97db70805430ffda58d
2efbe539d96b9a15fe95a4ebb62347a087d638a8cb6c65ee5f3c33bbd3cead8d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fbbb3b2a181d6bcf119aee8d23493711ed8134b7090eb50748341ffec29c401
3061a71d8be14bbf325156cea941da0e53ef184eef60c14331e15b4145b4dc7e
3061f7ba6d1e6ebc3a1811b0d3f0079549f8b5530298a3bd372f89ec8ba9c426
33469539b582e93d9b98eecbae3c3cc48965f030aeaad68cc56cbbf20f774923
348f440d78c955d6261162ea272a22c2d4ee88a765fdd9e623ace70cad9b8a3b
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36bfcbfb8c235969f901acae944343611139ad8fe2ab577e907cbd2ca7cbef55
36cdbf0fbe2881ae338731bb348f6f23d5ecea8e5c9a343ca923792268a92afc
375869b0de81c6e3af30325ee0289b01e70554d5139eca722f1bff4fdff83c45
3971a86564fe25b2262b78bf830d8af076f7cde4fe7b2167585b38571b3f180a
3a1d0f1d83693148437d51c2ea2a6355b35c821ec5448a1ebc266b4fec3575ed
3b542bc706a41d36ca02e27cc3a6165104c2b7fdc57aa9a23ca63e164495c2c8
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3c6716df35523ced98070581a478269afaa1acd929c825c7505aa7b32dcfb1f1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fe4a94453b5243a34989ac537e2b23ed646c89801ac2c618df873d5d0c2b5ad
40cf551965abb3907196d630825291b27d1b77dd499bbbf12e07905a25afcf59
42678fcc3eeedad7c2f01e4e553c62a401ebd55d9b97c7a547f0fb2b0104527d
46610c1ebb9865b0d3b9120d7d152a76b89cdc2448fac72398bf9b3b9c288ea7
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
4885f94efb7a2e6410352724d2b5cf4112750a260fa52f628c692d364fab94bd
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf
4bdb2a68751900783c66cd5e4c76092744face697d522b95bf339aff863c388f
4bfca2b7e4dde2a06a420b0c767bc8a003e2400efe8df6cf7e05748944f2d86a
4c2c9ed99fe0af056240fc8210df8a0e901975ee744c26af61c339d3de9d7e09
4d8c4b6476a1b96222dab4d07d598327fa29fadd4b0beb89c1eed5fdc0119821
4e54a4e1093719499f227854e31568e062cbb3eb158697d3a4ab56df81450ce6
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f70535a3f92a9738eb6c3f7eaf649d5eb288ce6e95bc8af666fef88169da25a
4f9695de838f580539a55fb51b39700729e469625f429ef612e7e3173bd004bc
4fa18ae7faa4c864e0c14d23b00a46e5cb48f7509335d3d9ece052ff93c328d5
51e6138c0afa2476bed65cd73ebd386af195837e7667be092385337cd746630d
524326f81e7f81f02155242317ded42944fd8de7cb8d18f90f4a00443f76d7c4
52b55ae47fb6f7ce41328be63dce372ff1e2c28be04a4d1e7a3ba68152acfa7c
52db729bbfda2646c18d63f4ad32c8bb07ab396a30c8cd49b22d0481af5310c2
52e5aa30fbcd4f762fd828571b6d91b0ac214112c4c7cea30d137f4aef3c521a
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cdf9b2dbd724cfa878c8ce703ab7be7d13bc909b5907bdf5a88bdfa495ce96
5721c66368d87f9d019bb754b185e084eee9b1c4c10d9a209be599da7051adcc
57433e1293341458165bf38974563d349e5c2116f089af926afe7bf6a4e4a49c
5833f676a69a7385d07b129f61b2545762ac94c5691a5c8fc82b1eff66d74737
598686e7213f278bb341e3194022b4355d1cd95818eeb224ea48ca10e96144cf
5af3136530a33e7ac536f9e52da58b6d4419b30baf4eb6fe14462fc516643ce0
5b3b8e3e3a0c088dd038373c7b5f534be366352fe9b78e5f22b712206889166a
5bc96f972a364508d443ec14fa75a0638840d1bb033b857a9a8e770780b68316
5cb512c8f371252eb9eb9066fdf7f76769653d8eb9f1ca08f0a4207f6980f0b9
5e1055767f6d4ebc018c9e2386d3ca843ce1cc24daf9add01c652a15b7fdaf4d
5fbcc4ff94d56fb37b33e838466308a145e902acc9640acbfc529e7fe88f3d34
60891274115bcc7600471e936222a65da9fd133a7e5a1e2c6bfb70d807b9db4d
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62533bce9accb17502e412cdef6558ac7375e50e1b6fc089f56606c0b6484a0d
625614d0c74d2cd49b55966090b740556a74d6f81fab60a6ba40cbeb2a328ebd
6356465097a91fe7436546d26b9a0575a5092cdea33572d65d1ee447777890c5
6689b10d16d6c6f738c2fae6e209c53d7b4ad2d597ba712e0ecc2f1852a280ac
679449bd06f6cbbe46b129b5009ce6b490d323677b02fac4a62b10bdfc678ddb
67ed8bdd90963f7ea344f9ba4797400b312447b092830bda8d64c3ba59630fc7
69768ececc08139a577e3382f14cdec2f0c549663ab259f280e2f83e709065a2
69a7bd7c1a220df05d294d3594d91d462a1ceff2019fa76dc8709e3c12fe040f
6aa60dd23a74b3701f5ed911709abd25ac4e7f4a8cbd13d777fda48db32915f8
6b1bbf85c567d0bf5454333c88937668ee6fa2382e3453873a071b82a036e98e
6b8fd7dd4105ce1ed396f303763969895138f914f8a96914107f5f0423881eba
6c90143dca7a52d4dcaa0dd334ecd1941983be61fe2d728dc36c80a75fcf8815
6d3e90dc7e71b77df23993bd88ab23d973a009f9302664ec4b75b28034c8bfe4
6e337204ed03b6e4418d9b9b436cd2614831b06c4e1a9ca156d47ece9ad0951c
7091bec1968137ca263cbdb528018b083c157597b40cf211f1014fc37e567f78
741cb5b795c866f5aef2c01f64bf8eda484c92bfebe3ee309c9ed35cd252f033
74c3d6e4e68a777357e0779c0dac3ab4b146a1b9f95f5884893f453e703ef745
7535435b268eceb5a194a8a6065e853af11815cedcbe1769155617d3a8487d60
75471d692aeb9322e75a041dcb0c363657eb51db495b14d5555c5e7a907fa799
7704281ee0b386ac39b9b1f6ca82401efc3500b75ac160e9a46ab6246974d9a5
7ad9ca7a448f744531777d57cf4565a5ffc47603bfa635125ef9f7e08ab3fc64
7b63f721e824f90d7f3144b2458f93b1697419fc8790f35537a064ed757a1b80
7b8b4d39f4a83830bfb963370ea0c486d06a3e5377cb943d6dad286669cc31ec
7cb32d973638c94c708c3bfd9d908d9c899f1f77930c149059a1ce06ef4cefb0
7d5bed178d04622ad95cab658071133ce2ea6b1b394fd71179ec07b5de122bc5
82a4df0a6f0f70b0df90aeef7e01e356a0a5859da073e4139145dffd0844b226
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f2963ac96def32a52b88d46767a0e6b4f7d5deeabe40bdcd795ce25b99217a
84d368b23e95809600d8e96a8532cc3b88c49cecd69a058d249b4ec0024073ba
868cd24b88e901d5cefcf278766b778b51244abcdda02fd116781b231e0c98f0
87a156566bf61f245a0b0d6c16f0446eb7cc4a36a9350be545fa37259a40b71a
881d462cdf45fccb38510b2b7a9a46bbcd3a85431ee8dd8f15b5c6411e164c68
8be6accdf8a8f1814ca00abab6f3df116bd45b4a7977ba8aa6f2e0a6c3a6abd5
8d08002698e3eea9504529fb40cb7ee307d4bfcb79b26e6b7a9f0d88583ae8ae
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ef4581d93dce24fe47f764f75653549ab7671e2755f2d9fc65f2765eacc16d6
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9132cdac3ada12f52aec32ca9ca81a344ddfc5edd90152dd24fe800d0f71a049
94d7ec1ea563f6e407c32352b0a74f09bb645a4c4a4805951c3a168e57fbb554
9533053b63907f1ba16c298c209b5098b0d620219429f9567302c6d1bc53b2b9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9911bdc97b551850f0088da3012f5aefb6034133b39250f063b1e3e9d67ca7ff
998eff56c2c74b10481fbf17812d2b47eacb434648846fe0ea08ce4446a74133
9c21c5ad9d5824d479b87b6012b3bbe894e024a432b5949f334eba9456274468
9c22126e930c2f1594e3342bad7ed45f028e19db638cc663784257cfbb3208ac
9ce75ed467996485eace448fc8554374409488e31678c2e1efb995c77449c0e4
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32
9f37cd2b2de89d388e2f1cc0c9fe2a4934d0001c8eecc873d170889ebb088850
a022827281d8cf772a686fab1be025e8305bedb80a626fe28ad25c5b5c1a4d6f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a18472ae86a7b20ced524d98ed60a37cc38d222dd6891200a0edcc335d3d9350
a1b43339886c2df3f1451af8474e95a8923085ef0fc240820e7a8218110d573b
a3492ab3d262a82e24fbabfecd777c0800964578ca1e00a363307bd3e590dc77
a38f5df8d7773d1cd78df5952835ce698d0f651d47f6cf1f760966ea509335e8
a4991d87ebaea362f7b779eb0e62f6664d2b0bfb83aada173b6dbdc6ed587a7b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ef4c23996faf21eadac4dd8e20acf8050805159686453a2d1deba1f75eba09
a4f9fa103935fadea54ea87412c9697a65d9545e2b4d67b3b3f984590c1f0dea
a56602d44222ff0e9c9c9d8faa30c87de0a0b053145aff4a43be4588d216157f
a7175d1d334c622399772f16264ac7a80176047397f32836b6e0b004a59969e8
a82c0e0e6549a49fc0250c43951d4d76248fadab72262f139aed34c42d203874
a84684c392beb111f1ffc575860f0fd182e14aa8953829b5655a90cf5094e898
a92626168eef3cf1c67f45b5d03c9c1389cb50f1999c1c0193fbdd606f6a663d
aac16f954d581bdc9117839285ab45c1e9c71133dbdf18d0e72f420f18d99f13
aac32479b7e00e374a47b5c6daeb907574805cd3320d6d2c520764c6ee96c12d
abf2a4b981439fd1bfd908b09d480d4ddcd77b220c5d68f2aa342e7582396db8
ac8a889172f4e9af426e4b9801ce55d83303b1db8b2e2e10dcc7a1cdb7bf1800
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b044100db87d9ea6f2baea5b4c2cacbd92d3f76a8fb521cdcddca8c26c196c1f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b265408716dbe3e1a43a7bb536defb88b2a4df5e02fd12f1262ded3e46b2c9c2
b272da8532a2532b094eb8b01d0c38fac4cb5cbc2a48e620f40cdf886db497a1
b3513b034d0ecb8f59408a1ca4b9b3a8ba63c68f07f877b2e1e1f34da644afe1
b35b72ac1876a9d5ec1b9955529f4070e971ce9439a1394970143145b499117f
b36e2f24c228d4aa3773ac182616c0cf6835f37725be8de6ce7305caa2a99348
b3d7d3c47dc2ed2229601da34d1b8d1a9f7e7405e2a495c582544cd4fe82dc20
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4b6d898c081feaaf31175668b7a4837cf08ee6480fce388cbb93fc710646d07
b61c483c1ef272649d59390899f6ba6dacc4a0047fd5f31fb66a5a4bcb5af0ea
b6681c00074d8e62bb49a4c31444da8096a55f8830f62e4e8cf7b00882ba6cdb
b6802ed3c9a13e4e0c4be93749ab1ffdfbf488638b05ed7e18ad3896b1a1748e
b730ee413841da70b67f550de8ffce8148c3fd15dacc5274bd0b80bf18a44da7
b86ba582d3ddecaaa4117fbe19a9a802ed1a34840840f802482da4e038fc225d
b93d96455a57ca6056fd282fb8a4da363a892afe392fe22df308451eb9958e30
b99b266c06f12dfad6ce326e6f15b80ecc80ae83c8af1c9e0b7d466c55ca262d
ba7b79851af42c5659f9092517b84dd8d4619afc89472e66ed171efcf1476a3c
bab467f8e8b7ad19c3bd5dfb2f0def7b860609e5c3d978c7aeb1e737071f0a7e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4fafe3d9db67e1d848a6a313fa0148962e92762ec44488667e3c67559e8373
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
c1862f5fa7dd3945e2bab43995b64fa4f720581a0b070afea4dc9431b9cfabd8
c1ccf8f543009a813c29e737c9d9b1c5348169995360fbab23c402ab35c93374
c1d7d13b0c59a2d213f302535dc421ba645bc7bda46b5e1cd42e3c1b10806337
c1dffd59aa695c7624ba66ca5c2a1f152f44821259b74a05a3e76f59e84331fb
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c2132e178b2e359d93dc52fed82e07d29c42d005b508eb0cde29b76b56089959
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29d67f4e9401f25dc64727b141330574b2392bfd7713ee2c2346c89d7c0d09e
c3ec5de292306560781c47b946b0464fc0ee3cfc24b20d1639266ca1f2c3b32f
c4a5a12744673c5a2dbb3653fcf99e1d86f9630f2a49ff4aa892cc5018794720
c4a6f381a5dfdcf76a9c61b3aeec81e4899cf5b2141eeb80db87a81ecc4e1d21
c52a8264c8a4dfb27b101c226b29ed7df32bd643d17550a6aabf8d44d880c75d
c52ea3c0b9b1233a70ed9ee281fec4418c13f8688c556ba31e587e0570cc2b43
c5a7e1a01e97fddf0d6fea76f7a895d53516d76728a4615816a71afa8141d8df
c729e8c31ecece1e9722abecd5fb296d28fe699274207d3a646912a68ce6bc11
ca30c33aa5f114d6c4810f2546893395a3047705d5a8b23cb60bba9a157a77ef
caee5884e1032920765f7c0f56a9695ed2a69db24ca2f08db4d50c62055971c4
cb44bbce8d91ec281143180404eda1b5e6539d5cbbde61655ed72153ba60d979
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
cb89401c31c55eaf5d321b8d956d8b26717e2fe7663101a173619f642cb11d63
cd1a87c507363a05a756681ed7d4b4be87b28f34e0fcb08a10f37c4cd151853e
cd27dc3c0cc40b5e5691a2317a7a03e4189fa6d32becac6f390a0dceccb80205
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e59aaca8c9a62d2ae97808a1d7c958012a860f486ecf0f35c73308ac3623cb
d1782f01504b2ce39583de37e27a4c2b9f93d68b7c6502bf34361de93fd83767
d285ddb67b0c0d1642d8dbc0d6c122085eaf32cc6df3f165febbb4a47d05c9b5
d453778582484007a5a8c9b610fbe6a12a863260562fadd46f8e402f740ab12e
d4c5780344a410ba6f301b65ec5a0fff84b5ff87bdf3e65c7f6f52958beba7e0
d564e795aec94a8c74308ecec87cb269c8b536135086e36ba14ffa7f22434264
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d691477018d0f0957939aa725df7f8a979d42731cd24ffc4b2a91e8cb456db82
d80bd54f6f01cdaa4f9b4bf238a45def7223316f3613971da9a6a417c62b5364
d8a8ddb5f34056b73765e34c52df2f4073e1a535a83955714f34a5a809556ba4
da6352873b63ae8cef4c71092fe111ed6a2cae8828c4ebc2a0e1c82c50f07af3
dadc342d66fe74c55e27087590362734cad1eb09b0b788032e47a8211252f99c
dafaa937eadd710a78845e1e43b6facb9b04efd0c94ef1b5d0639b70a9e4b76c
dc07d382f00a25c7cab4993b3675027b7ba9fdf978474e9611aadde6383d9a57
dd9366b123766ecaeec85d47719aaa8ddbd3b68aa7e1fae5434fec5133ebd7cd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de845987f3459366a295fa160b916e6945c7b96961d7ba73d441b03f211811e8
df352596341aef158df4b1735cf3b02723951a0a584685f896ce3782f6e33f29
e027435211ef2a57f103c525775456d802bd6ad5acaa62117d45e10930c7af7e
e142124087c412eef969cd891c1fc1e1629fc878fc1641dbfe44bf9ef38b187c
e20e767839f09483c5eae25b181b720e31943d94a40dda6e7a6ea1e2809dcdb7
e2375265c2c58ff376a5b20241c598a2822e043c80935b4a27b50306b4338280
e25e78b7c1e28e4040abb2c4a64e6cfbe915ea6e1c5415fecf0c18023f8f906e
e395abd09152184bedbd2e51489b74abcd09a6dfc87c478c76f999ecc29b3cf2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54f68d0b118ba2902941c756705336c14c9b9f1aa42868fd079af93f00b53ac
e59e54512aaee7728062ce39be7f965c605be473d7ffec17e0051e5f5132b7fd
e7b66071d9ece404eaba8a4c1cce5c72f364fd55a69edfeee91e9a92d8309e9a
e86f7b25b83ece6379a4dd715545583806705d952755e7636667c850de9db460
e94d0e2d56d7e7d35935918e549a374568fad167f2c8f4e5189104fa6546d8d5
e955ea3c7cea5f641e22b09184850d60c3a4a8eef354d739ca9e0ac25daebfaf
ea35c5d1362d678749f64a9e5e667ff8e8cde215869401caa753c5e6585f568f
eb3c7dcaabfe03ac2d7d3c41bb630dd73587b3f119962c536377e502e47f5df4
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec7cf723e138fd1ced41f6f1c2c0d724c43183a65b54ebaef160e9635fc222d6
ecc36cc1d2a1b39c6dcc4d23c5e1c029f1d2c78e8f696e094c8ea8db964e5664
ecee9fa46611c97add225970dbb6dd2ea6e56f0a8e38ace8a027a9f11f8c13c0
ed57ed21ba5b6ac6b6404c6cad8b78e90aefb24a4c983e53f533fb8b378a0067
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f009046c8dfa738f7b73d46544595b6d47858c62f8af8c9a1fa87be048d17330
f1239959e3eb125d70c2239d27d5ef25210fa6f77a702ebc42f9a2985d07fae0
f1438d6eb0653cb8ca10a2d32ff0a25c8715fd0cd66f5ad04b8ccca71bac847d
f1b4809c02c833ef4a89170232005bdb3b7b825cd4a1b16e1f7868fdcef834d7
f1f2c754697a52684fccacaa9e300ac3268d6c13837b9ac7f46475cc67de8d4c
f268e67bed4c1584ddf22b804ba2e482c2ed18c8905a1f032406bf846d7887dc
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f2ca33864034e9249b711caf35f10c615d64a1a7b1fae36c96e150c502d5df2f
f37e28efc62ec92064c5682261592903e2eb14d41fbf7ccfcc22bcd2cba3363d
f3fb84ac22d9aa3bcb4eb5a032abb61f745d15a6e89e4b5c87a60d08bb48bbd8
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
f74207976bf384f4bf7e4528b635c9112145d607f0df8f185c2df386f8f13693
f77bdfc493418da1a85260cc1b790bd02c9d0a09426ed1ad89a9613aa16e5758
f7c81f756187282cde04eb081009912e336f388013eb18b70b9895f4cefb6a79
f7ec7b8677014393b78f8e512a7b08dd6227d6d54fb6c145ab0ccc5a71b11600
f7ec9f64994c0f12acd8ab801d6709a5373b161d22752d64c316fc4dc6b04026
f8789bc808c5435fba66ffdd49c891b95384fd90b13902916bbddd35246f4b47
f93df2735d94cf2ebfc2f07b0f8038e4c9e177d89e3e8b7cd1604e23c556f63b
fa730e45f1461662728ed590039a2cb0900eee5486af662670dccca0e7f0ddd6
fbc9e466f4e206d76c04edfae5cb587c0b1d419461832a6622a35ea1bddf8c8d
fd3eec52805f5b6243e9fe47efb617a37254f80fdeafe26f9d39e007635e0266
fd4a7d9e79f6de06f8a424472e6e78094797c9e1431364547686b593648dd7d2
ffa2e149a7cb4362696d47b85863b157283c7225b648bf0ea43e0591165e4c2d