urlscan.io logo urlscan.io
SecurityTrails logo

buhgalter.com.ua Open in urlscan Pro
136.144.183.196  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://buhgalter.com.ua/
Effective URL: https://buhgalter.com.ua/
Submission: On December 10 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 105 IPs in 15 countries across 99 domains to perform 468 HTTP transactions. The main IP is 136.144.183.196, located in Netherlands and belongs to TRANSIP-AS Amsterdam, the Netherlands, NL. The main domain is buhgalter.com.ua.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 31st 2022. Valid for: a year.
This is the only time buhgalter.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 41 136.144.183.196 20857 (TRANSIP-A...)
7 45.133.44.3 39572 (ADVANCEDH...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 172.217.16.194 15169 (GOOGLE)
4 45.133.44.4 7018 (ATT-INTER...)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
18 2a03:2880:f02... 32934 (FACEBOOK)
1 95.170.82.90 20857 (TRANSIP-A...)
2 185.187.81.41 43332 (IDSTRATEG...)
11 2a00:1450:400... 15169 (GOOGLE)
1 45.79.77.20 63949 (LINODE-AP...)
4 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
6 2a00:1450:400... 15169 (GOOGLE)
5 2a0c:5c81:514... 55081 (24SHELLS)
11 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f12... 32934 (FACEBOOK)
7 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 185.187.81.40 43332 (IDSTRATEG...)
1 80.77.87.163 46636 (NATCOWEB)
1 80.77.87.114 46636 (NATCOWEB)
2 4 72.251.249.9 32475 (SINGLEHOP...)
2 2 137.74.6.209 16276 (OVH)
2 62.149.1.122 15497 (COLOCALL ...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
36 35.157.246.167 16509 (AMAZON-02)
1 172.64.154.237 13335 (CLOUDFLAR...)
10 34.149.50.64 15169 (GOOGLE)
10 2602:803:c003... 26667 (RUBICONPR...)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 2a02:2638:1::1a 44788 (ASN-CRITE...)
1 185.184.8.90 204995 (RTB-HOUSE...)
1 3.69.94.253 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2 185.172.90.252 49981 (WORLDSTREAM)
47 2a00:1450:400... 15169 (GOOGLE)
1 1 2a03:2880:f01... 32934 (FACEBOOK)
1 37.97.131.40 20857 (TRANSIP-A...)
15 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f01... 32934 (FACEBOOK)
3 2602:803:c003... 26667 (RUBICONPR...)
18 25 142.250.185.130 15169 (GOOGLE)
3 6 35.186.194.101 15169 (GOOGLE)
3 184.24.4.64 16625 (AKAMAI-AS)
26 2a00:1450:400... 15169 (GOOGLE)
8 142.250.185.226 15169 (GOOGLE)
3 8 185.80.39.216 27381 (CASALE-MEDIA)
3 5 185.89.210.244 29990 (ASN-APPNEX)
10 104.125.24.254 16625 (AKAMAI-AS)
4 5 69.173.144.139 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 4 52.46.151.131 16509 (AMAZON-02)
3 5 69.173.144.138 26667 (RUBICONPR...)
3 6 52.94.223.167 16509 (AMAZON-02)
1 3 2a05:d018:d29... 16509 (AMAZON-02)
9 15.197.193.217 16509 (AMAZON-02)
2 3 2001:678:cb4:... 56396 (AMOBEE)
1 2 2620:116:800d... 16509 (AMAZON-02)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
3 3 213.155.156.183 1299 (TWELVE99 ...)
1 2 23.3.109.122 16625 (AKAMAI-AS)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
2 141.95.98.64 16276 (OVH)
15 2606:4700:10:... 13335 (CLOUDFLAR...)
3 23.35.236.201 16625 (AKAMAI-AS)
1 172.64.151.162 13335 (CLOUDFLAR...)
1 104.18.134.145 13335 (CLOUDFLAR...)
1 2.18.235.93 16625 (AKAMAI-AS)
7 7 54.93.177.113 16509 (AMAZON-02)
1 162.19.138.119 16276 (OVH)
3 4 35.227.248.159 15169 (GOOGLE)
3 6 37.157.6.233 198622 (ADFORM)
1 2a04:4e42:200... 54113 (FASTLY)
1 2607:ae80:5::148 26558 (FREEWHEEL)
2 3 198.47.127.19 3257 (GTT-BACKB...)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 3.248.100.224 16509 (AMAZON-02)
1 54.78.254.47 16509 (AMAZON-02)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
2 2 34.111.131.239 396982 (GOOGLE-CL...)
4 5 185.86.137.132 201081 (SMARTADSE...)
2 52.19.187.82 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
3 3 3.126.56.137 16509 (AMAZON-02)
1 1 54.74.181.165 16509 (AMAZON-02)
1 34.98.67.61 396982 (GOOGLE-CL...)
2 54.246.4.228 16509 (AMAZON-02)
1 4 162.55.236.225 24940 (HETZNER-AS)
4 4 151.101.130.49 54113 (FASTLY)
1 13.32.99.36 16509 (AMAZON-02)
1 1 52.206.63.211 14618 (AMAZON-AES)
1 69.192.160.219 16625 (AKAMAI-AS)
1 1 54.228.118.174 16509 (AMAZON-02)
1 3 104.18.33.19 13335 (CLOUDFLAR...)
1 1 96.16.141.156 16625 (AKAMAI-AS)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 67.202.105.22 32748 (STEADFAST)
1 185.255.84.153 200271 (IGUANE-)
1 51.89.9.253 16276 (OVH)
1 18.159.155.47 16509 (AMAZON-02)
2 2 185.83.142.19 29990 (ASN-APPNEX)
2 2 70.42.32.159 13789 (INTERNAP-...)
1 1 35.210.239.72 19527 (GOOGLE-2)
5 5 185.94.180.125 35220 (SPOTX-AMS)
2 2 54.76.134.229 16509 (AMAZON-02)
1 2 35.204.74.118 396982 (GOOGLE-CL...)
2 98.98.134.242 21859 (ZEN-ECN)
2 2 135.125.160.77 16276 (OVH)
1 104.18.36.94 13335 (CLOUDFLAR...)
2 2 185.29.132.241 30419 (MEDIAMATH...)
12 185.64.189.110 62713 (AS-PUBMATIC)
5 185.64.190.80 62713 (AS-PUBMATIC)
1 1 178.250.0.163 44788 (ASN-CRITE...)
1 1 54.85.128.169 14618 (AMAZON-AES)
5 5 54.76.69.248 16509 (AMAZON-02)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 1 35.214.223.115 15169 (GOOGLE)
2 2 213.19.147.44 3356 (LEVEL3)
1 195.5.165.20 44968 (IPROM-AS)
1 5.161.54.172 213230 (HETZNER-C...)
1 173.231.178.83 32475 (SINGLEHOP...)
1 1 141.94.240.143 16276 (OVH)
1 1 141.94.171.212 16276 (OVH)
3 198.47.127.20 62713 (AS-PUBMATIC)
1 1 51.222.80.231 16276 (OVH)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 2a02:26f0:170... 20940 (AKAMAI-ASN1)
468 105
41    136.144.183.196 (Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 136-144-183-196.colo.transip.net
buhgalter.com.ua
7    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
cdn.gravitec.net
3    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
www.googleadservices.com
4    45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)
player.adtelligent.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
18    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
1    95.170.82.90 (Amsterdam, Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 95-170-82-90.colo.transip.net
analytics.factor.ua
2    185.187.81.41 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
s.zmctrack.net
11    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
1    45.79.77.20 (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1176-20.members.linode.com
jsonip.com
4    2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
id.gravitec.net
6    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
11    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
5    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
7    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
7    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
fonts.gstatic.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
4    2a00:1450:400c:c02::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    185.187.81.40 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
loadercdn.net
1    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    80.77.87.114 (Clifton, United States)

ASN46636 (NATCOWEB, US)
sync.kiviads.com
4    72.251.249.9 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    137.74.6.209 (Warsaw, Poland)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-02.adpartner.pro
a4p.adpartner.pro
2    62.149.1.122 (Vyshhorod, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
sync.adtelligent.com
3    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
adservice.google.com
2    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com
36    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
10    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
10    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
1    3.69.94.253 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-94-253.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    185.172.90.252 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
47    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
web.facebook.com
1    37.97.131.40 (Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 37-97-131-40.colo.transip.net
reactive.factor.ua
15    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
scontent-frt3-2.xx.fbcdn.net
3    2602:803:c003:200::27 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
25    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
6    35.186.194.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com
ad.sxp.smartclip.net
3    184.24.4.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-4-64.deploy.static.akamaitechnologies.com
ad.yieldlab.net
26    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
8    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads4.g.doubleclick.net
8    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
5    185.89.210.244 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
10    104.125.24.254 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-125-24-254.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-eu.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
6    52.94.223.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    2a05:d018:d29:3605:a6d:c1bf:1d00:7d4d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
9    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
pubmatic-match.dotomi.com
3    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    213.155.156.183 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com
d5p.de17a.com
2    23.3.109.122 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-109-122.deploy.static.akamaitechnologies.com
sync.teads.tv
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
15    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    104.18.134.145 (None, )

ASN13335 (CLOUDFLARENET, US)
cs.seedtag.com
1    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
7    54.93.177.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-177-113.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
6    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
cm.adform.net
c1.adform.net
1    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2607:ae80:5::148 (United States)

ASN26558 (FREEWHEEL, US)
dmp.v.fwmrm.net
3    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
2    2a05:d018:24:b002:d133:9dc2:a783:2cd2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    3.248.100.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-100-224.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
2    85.114.159.118 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
5    185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
rtb-csync.smartadserver.com
2    52.19.187.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-187-82.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    54.74.181.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-181-165.eu-west-1.compute.amazonaws.com
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    54.246.4.228 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-4-228.eu-west-1.compute.amazonaws.com
beacon.krxd.net
4    162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de
sync.richaudience.com
4    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    13.32.99.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-36.fra60.r.cloudfront.net
engine.widespace.com
1    52.206.63.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-63-211.compute-1.amazonaws.com
usermatch.krxd.net
1    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    54.228.118.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-118-174.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
3    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    96.16.141.156 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-141-156.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
3    2a02:26f0:6c00::210:ba1a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csync.smartadserver.com
1    67.202.105.22 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    185.255.84.153 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
1    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
1    18.159.155.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-155-47.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    185.83.142.19 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
2    70.42.32.159 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    35.210.239.72 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
5    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    54.76.134.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-134-229.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
2    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
2    135.125.160.77 (France)

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu
gu.dyntrk.com
1    104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
2    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
12    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
5    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    54.85.128.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-128-169.compute-1.amazonaws.com
sync.srv.stackadapt.com
5    54.76.69.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-69-248.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
2    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    5.161.54.172 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.172.54.161.5.clients.your-server.de
matching.truffle.bid
1    173.231.178.83 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    141.94.240.143 (France)

ASN16276 (OVH, FR)
PTR: bixel-9.cloudy.ovh
green.erne.co
1    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel-eu.onaudience.com
3    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-1.cloudy.ovh
pixel.onaudience.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    2a02:26f0:1700:c::1737:6e2c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
Apex Domain
Subdomains		 Transfer
64 googlesyndication.com
3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
384 KB
58 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
stats.g.doubleclick.net — Cisco Umbrella Rank: 74
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 298
288 KB
43 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1121
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 424
cms.analytics.yahoo.com — Cisco Umbrella Rank: 829
ups.analytics.yahoo.com — Cisco Umbrella Rank: 279
7 KB
41 buhgalter.com.ua
buhgalter.com.ua
732 KB
34 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 461
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10206
eus.rubiconproject.com — Cisco Umbrella Rank: 545
token.rubiconproject.com — Cisco Umbrella Rank: 554
pixel.rubiconproject.com — Cisco Umbrella Rank: 308
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 851
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 1962
86 KB
27 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 460
ads.pubmatic.com — Cisco Umbrella Rank: 470
image6.pubmatic.com — Cisco Umbrella Rank: 677
simage2.pubmatic.com — Cisco Umbrella Rank: 643
image2.pubmatic.com — Cisco Umbrella Rank: 862
image4.pubmatic.com — Cisco Umbrella Rank: 824
simage4.pubmatic.com
38 KB
26 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 269
1 MB
15 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 2732
mwzeom.zeotap.com — Cisco Umbrella Rank: 2466
4 KB
14 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 823
scontent-frt3-2.xx.fbcdn.net — Cisco Umbrella Rank: 18097
164 KB
12 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 493
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 415
9 KB
11 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 5941
cs.seedtag.com — Cisco Umbrella Rank: 13664
17 KB
11 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 6057
ghb.adtelligent.com — Cisco Umbrella Rank: 5797
sync.adtelligent.com — Cisco Umbrella Rank: 4034
148 KB
10 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 274
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 907
7 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 4693
adservice.google.com — Cisco Umbrella Rank: 70
2 KB
9 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 316
2 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 709
gum.criteo.com — Cisco Umbrella Rank: 392
mug.criteo.com — Cisco Umbrella Rank: 2753
dis.criteo.com — Cisco Umbrella Rank: 665
9 KB
8 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1396
csync.smartadserver.com — Cisco Umbrella Rank: 3079
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 552
21 KB
8 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 894
x.bidswitch.net — Cisco Umbrella Rank: 287
2 KB
8 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 3293
adservice.google.co.uk — Cisco Umbrella Rank: 5208
2 KB
8 gravitec.net
cdn.gravitec.net — Cisco Umbrella Rank: 22358
id.gravitec.net — Cisco Umbrella Rank: 148011
63 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 208
secure.adnxs.com — Cisco Umbrella Rank: 426
6 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
307 KB
6 adform.net
dmp.adform.net — Cisco Umbrella Rank: 4076
cm.adform.net — Cisco Umbrella Rank: 1400
c1.adform.net — Cisco Umbrella Rank: 620
2 KB
6 smartclip.net
ad.sxp.smartclip.net — Cisco Umbrella Rank: 3626
926 B
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
web.facebook.com — Cisco Umbrella Rank: 237
15 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 26
65 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 480
2 KB
5 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 573
4 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
202 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 565
1 KB
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1719
976 B
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 419
1 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 583
2 KB
4 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 880
179 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 540
usermatch.krxd.net — Cisco Umbrella Rank: 1304
942 B
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4529
871 B
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 788
s.tribalfusion.com — Cisco Umbrella Rank: 1932
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 714
r.turn.com — Cisco Umbrella Rank: 3406
1 KB
3 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4002
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
190 KB
2 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 12902
pixel.onaudience.com — Cisco Umbrella Rank: 3019
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 498
1 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 447
1 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1004
843 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 591
382 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 776
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 663
647 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 553
613 B
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 879
sync.crwdcntrl.net — Cisco Umbrella Rank: 717
529 B
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 24683
682 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1409
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 198
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1372
751 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 618
cdn.indexww.com — Cisco Umbrella Rank: 1465
2 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 439
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 640
57 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1207
454 B
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2630
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2681
206 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 630
949 B
2 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 6897
2 KB
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1158
contextual.media.net — Cisco Umbrella Rank: 541
9 KB
2 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 9655
512 B
2 zmctrack.net
s.zmctrack.net — Cisco Umbrella Rank: 151177
24 KB
2 factor.ua
analytics.factor.ua
reactive.factor.ua
688 B
1 sascdn.com
ced-ns.sascdn.com — Cisco Umbrella Rank: 2425
3 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3515
461 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2004
555 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 716
761 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 15988
367 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1293
283 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 5643
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5149
277 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 764
245 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 523
511 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 682
617 B
1 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 4140
221 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 510
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 733
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 787
178 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 869
1 imrworldwide.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com — Cisco Umbrella Rank: 43135
214 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 519
145 B
1 widespace.com
engine.widespace.com — Cisco Umbrella Rank: 58863
209 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 904
356 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 436
529 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7300
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 10691
361 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 659
161 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1122
403 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 353
707 B
1 gstatic.com
fonts.gstatic.com
16 KB
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6137
179 B
1 kiviads.com
sync.kiviads.com — Cisco Umbrella Rank: 502034
197 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1135
189 B
1 loadercdn.net
loadercdn.net — Cisco Umbrella Rank: 504446
168 B
1 jsonip.com
jsonip.com — Cisco Umbrella Rank: 22324
449 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
1 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 159
17 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 385
12 KB
468 99
Domain Requested by
47 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
buhgalter.com.ua
pagead2.googlesyndication.com
googleads.g.doubleclick.net
3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
41 buhgalter.com.ua 1 redirects buhgalter.com.ua
36 c2shb.ssp.yahoo.com player.adtelligent.com
26 s0.2mdn.net googleads.g.doubleclick.net
buhgalter.com.ua
s0.2mdn.net
25 cm.g.doubleclick.net 18 redirects googleads.g.doubleclick.net
3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com
spl.zeotap.com
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
buhgalter.com.ua
googleads.g.doubleclick.net
s0.2mdn.net
14 mwzeom.zeotap.com spl.zeotap.com
13 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
12 simage2.pubmatic.com ads.pubmatic.com
11 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
buhgalter.com.ua
10 eus.rubiconproject.com buhgalter.com.ua
eus.rubiconproject.com
player.adtelligent.com
cs.seedtag.com
10 fastlane.rubiconproject.com player.adtelligent.com
10 s.seedtag.com player.adtelligent.com
cs.seedtag.com
ads.pubmatic.com
10 googleads.g.doubleclick.net www.googleadservices.com
www.googletagmanager.com
buhgalter.com.ua
pagead2.googlesyndication.com
9 match.adsrvr.org spl.zeotap.com
cs.seedtag.com
ssum-sec.casalemedia.com
ads.pubmatic.com
8 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
8 googleads4.g.doubleclick.net googleads.g.doubleclick.net
buhgalter.com.ua
7 x.bidswitch.net 7 redirects
7 www.google.com buhgalter.com.ua
tpc.googlesyndication.com
7 www.googletagservices.com buhgalter.com.ua
securepubads.g.doubleclick.net
7 cdn.gravitec.net buhgalter.com.ua
cdn.gravitec.net
6 aax-eu.amazon-adsystem.com 3 redirects spl.zeotap.com
ads.pubmatic.com
6 ad.sxp.smartclip.net 3 redirects googleads.g.doubleclick.net
6 www.google.co.uk buhgalter.com.ua
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
buhgalter.com.ua
5 match.prod.bidr.io 5 redirects
5 image2.pubmatic.com ads.pubmatic.com
5 sync.search.spotxchange.com 5 redirects
5 pixel.rubiconproject.com 3 redirects
5 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
spl.zeotap.com
5 www.facebook.com buhgalter.com.ua
connect.facebook.net
5 ghb.adtelligent.com player.adtelligent.com
5 connect.facebook.net buhgalter.com.ua
www.googletagmanager.com
connect.facebook.net
4 c1.adform.net 3 redirects ads.pubmatic.com
4 sync-tm.everesttech.net 4 redirects
4 sync.richaudience.com 1 redirects spl.zeotap.com
cs.seedtag.com
4 sync.smartadserver.com 3 redirects cs.seedtag.com
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 gum.criteo.com 2 redirects static.criteo.net
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 token.rubiconproject.com 4 redirects
4 ap.lijit.com 2 redirects buhgalter.com.ua
cs.seedtag.com
4 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
4 use.fontawesome.com buhgalter.com.ua
use.fontawesome.com
4 player.adtelligent.com buhgalter.com.ua
player.adtelligent.com
3 csync.smartadserver.com cs.seedtag.com
csync.smartadserver.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 ups.analytics.yahoo.com 3 redirects
3 image6.pubmatic.com 2 redirects ads.pubmatic.com
3 ads.pubmatic.com player.adtelligent.com
cs.seedtag.com
ads.pubmatic.com
3 mug.criteo.com
3 d5p.de17a.com 3 redirects
3 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
3 ad.yieldlab.net googleads.g.doubleclick.net
3 beacon-ams3.rubiconproject.com buhgalter.com.ua
3 www.googletagmanager.com buhgalter.com.ua
www.googletagmanager.com
2 image4.pubmatic.com ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 sync.mathtag.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 pixel-sync.sitescout.com ssum-sec.casalemedia.com
ads.pubmatic.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 ad.360yield.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 secure.adnxs.com 2 redirects
2 beacon.krxd.net spl.zeotap.com
2 idsync.frontend.weborama.fr 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 id5-sync.com player.adtelligent.com
2 static.criteo.net player.adtelligent.com
static.criteo.net
2 sync.teads.tv 1 redirects
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 cms.quantserve.com 1 redirects 3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com
2 ad.turn.com 2 redirects
2 pbjs.e-planning.net 1 redirects buhgalter.com.ua
2 3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.co.uk securepubads.g.doubleclick.net
2 sync.adtelligent.com buhgalter.com.ua
2 a4p.adpartner.pro 2 redirects
2 s.zmctrack.net buhgalter.com.ua
1 simage4.pubmatic.com ads.pubmatic.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 ced-ns.sascdn.com csync.smartadserver.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 sync.crwdcntrl.net ads.pubmatic.com
1 pixel-eu.onaudience.com 1 redirects
1 green.erne.co 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dis.criteo.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 cm.adform.net cs.seedtag.com
1 u.ipw.metadsp.co.uk 1 redirects
1 match.sharethrough.com cs.seedtag.com
1 onetag-sys.com cs.seedtag.com
1 visitor.omnitagjs.com cs.seedtag.com
1 ssc-cms.33across.com cs.seedtag.com
1 secure-assets.rubiconproject.com 1 redirects
1 obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 engine.widespace.com spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 bcp.crwdcntrl.net spl.zeotap.com
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 dmp.adform.net spl.zeotap.com
1 lb.eu-1-id5-sync.com player.adtelligent.com
1 contextual.media.net player.adtelligent.com
1 cs.seedtag.com player.adtelligent.com
1 js-sec.indexww.com player.adtelligent.com
1 spl.zeotap.com player.adtelligent.com
1 s.tribalfusion.com
1 dclk-match.dotomi.com 3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com
1 r.turn.com
1 px.ads.linkedin.com
1 scontent-frt3-2.xx.fbcdn.net www.facebook.com
1 reactive.factor.ua cdn.jsdelivr.net
1 web.facebook.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 hbopenbid.pubmatic.com player.adtelligent.com
1 grid.bidswitch.net player.adtelligent.com
1 prebid-eu.creativecdn.com player.adtelligent.com
1 bidder.criteo.com player.adtelligent.com
1 prebid.media.net player.adtelligent.com
1 htlb.casalemedia.com player.adtelligent.com
1 sync.kiviads.com player.adtelligent.com
1 cs.admanmedia.com player.adtelligent.com
1 loadercdn.net buhgalter.com.ua
1 region1.analytics.google.com www.googletagmanager.com
1 id.gravitec.net cdn.gravitec.net
1 jsonip.com buhgalter.com.ua
1 analytics.factor.ua buhgalter.com.ua
1 fonts.googleapis.com buhgalter.com.ua
1 www.googleadservices.com buhgalter.com.ua
1 cdn.jsdelivr.net buhgalter.com.ua
468 151

This site contains links to these domains. Also see Links.

Domain
i.factor.ua
factor.academy
buhgalter911.com
reklama.factor.ua
bit.ly
fit.com.ua
www.youtube.com
Subject Issuer Validity Valid
buhgalter.com.ua
Sectigo RSA Domain Validation Secure Server CA		 2022-10-31 -
2023-10-31		 a year crt.sh
*.gravitec.net
AlphaSSL CA - SHA256 - G2		 2022-03-22 -
2023-04-23		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
player.adtelligent.com
R3		 2022-11-18 -
2023-02-16		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-18 -
2022-12-17		 3 months crt.sh
*.factor.ua
Sectigo RSA Domain Validation Secure Server CA		 2021-12-28 -
2022-12-28		 a year crt.sh
s.zmctrack.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-20 -
2023-04-25		 a year crt.sh
jsonip.com
R3		 2022-11-12 -
2023-02-10		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-12-03 -
2023-03-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
loadercdn.net
R3		 2022-10-12 -
2023-01-10		 3 months crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2022-04-21 -
2023-05-23		 a year crt.sh
*.kiviads.com
Sectigo RSA Domain Validation Secure Server CA		 2022-07-25 -
2023-07-25		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.google.co.uk
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-28 -
2023-04-28		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-09 -
2023-12-10		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-20 -
2023-10-19		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
widespace.com
Amazon		 2022-02-23 -
2023-03-24		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.smartadserver.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-08 -
2023-08-09		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
truffle.bid
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-08 -
2023-09-11		 a year crt.sh

This page contains 65 frames:

Primary Page: https://buhgalter.com.ua/
Frame ID: 66F89C80CA724F7C1FAF0BEAB2211891
Requests: 264 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 7F9794FDFD7BA6F607D94C398930C2C3
Requests: 1 HTTP requests in this frame

Frame: https://id.gravitec.net/
Frame ID: 72911502A8842478834320DD022680B9
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
Frame ID: 98CDE763D08CF7D991625AEE1A2A6867
Requests: 1 HTTP requests in this frame

Frame: https://sync.kiviads.com/8d39819b61aa03f45b0ece15913fb28c.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D739302%26extuid%3D%5BUID%5D
Frame ID: 3D2A981368813C2C2D71D92807BAEEC4
Requests: 1 HTTP requests in this frame

Frame: https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 88713404666B49E9D443829F90B3B3B3
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 0D9C8E49EE6DE66B2F34EBA8E7DED754
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: AF11DA689D633EF67BC8EC634C85264C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df77602ca2ce508%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff12c1de507b9d94%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250&_rdc=1&_rdr
Frame ID: 3349B0DB9BA9420A73BE48134DF0DD17
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A0AFBB915099AF237181A31A8643C612
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F26E168C76A5EB2B0C482E9B50B22EC5
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLS7DkUFRVFsjmoR470gW6_3cYB6IF_8eRXTiGmDv6eTC-7BcRIvVWU_z-sFNM44Nk4Edn5LkRD9Ct9KzzyJvrQZHzx8gk0xcKfBu0iL5m06bGC0ioLbGlW-TfZfuF6wA6Ur2bYu2fX-lQHMXuATRJD9dknMpDgNqw0fAPPEjQvolYJ8LZ5vpCTOpoUy_2eKKPoWfmCNA1jQFyMS-Wz0u8zTiwRV7hUhCxEmZ7cb7FjF1VSHSuWWHB0d4pI2oG3wRgNr-kV6UIe-O5UXWOvnRlzYYTqGzUp2Atl80Z48HHyN_XrAeIEQkfBG_bEKeo7QjVA7l4xFDj413I-JzDvrr1gyYU&sai=AMfl-YRNAlm0sTW7rLpMCthdNaeflW3JWrokBIoKrJgC33gWu-yhy3ZMHlaVkMC18MYeYm2mcBj9HbPYYBrvLm6O6bE4ectqXapfML7Go2ry1OW72n_OmNp_bp6_JsbzZg8t&sig=Cg0ArKJSzN5Cy5Def3AFEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4640989C5444371D7FCA7A5B8351D72E
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDR9gIQwtvy-QMY1Zv90wEwAQ&v=APEucNVVgqA76noG15ks5IovAB44v3l5yJA7i11PHCSrGCflZC18eDY4pIpsufZLZ7Q_M1aAgC4-oB5Z4b30orCm8M3XrMKa4AMZcMjnL8OxjxgkS__JdRI
Frame ID: 43D8A9BCBEC656885D728B3D6046823A
Requests: 3 HTTP requests in this frame

Frame: https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8198E70084ABC4FBCA3804900E320736
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7mHFa6toaT3yPLiszJQsuo4epcZyVFldNwV7xJJp7xDQZvNGcbmpjOWTwruFiqd5lRm7niW4g1sLq1LqJ3cSxlhq6Kulqj1vE7oyNk2wczYgmhn03rV5Iij7ojHw-ZsUneu8TZCG3aAuWrnrYwjneTQx-EbglsUFAN4S5LXxkfxy4hJ-AHSGGhNsmGey8BfyqB1q0H3QcqtDrLZPJ79xNZxszrBvw9OUExzezytJNXSM5ye1iTSQQFcEg48NzQQgaXZpDllu3VHR9JpT3o0-PyJ1v9ugwZ5WSSSE3AKlc30E1xer4P5f_lLOX2tJusWSXq4rWgBJqgy8ReP9tn6PUDKaPOt0&sai=AMfl-YQBiV9tiZLjJYDg3uuvItNSjcNAWpmMbDLmWl9G32ny_W_0RatAftcyVPgYsvLHIDR2mjUCTY4azgFlTwKNNIUuFDr5J6Y0wwMBF7eesooQdLVQHsrO3bOuWdKgQPTr&sig=Cg0ArKJSzO1gyQie_jrXEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C63C29BB80C610CFD44DBF45635AADA0
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhjshtzbATAB&v=APEucNU4bBy0kZcZQ0IOJLCbSumhdQQKkhm7-ZJpxBteYUgxbt52YaVCFcdwAcuq8OXLesq4ELUYUU6JyU7b-TKRKki-D1KBlxuxST4YGDwpFO6m1_55VO0
Frame ID: C813DBA2399F2068122CF7C5D87F5789
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkKLh7qCNZTaCQwqmW9I3hVBTHGrHbb8LPRQ6fQ2QXnRkfxXZYshEgX5N_5sGlylGuCK7ygW_OwFYFG6jgq-nwsalRfbMx150j6G4HocVnb0klrhPXBnlKnChYSuk2bTAqHRYn0RkL6Ia9VmQVsAFYEFO6DtUjt-yvHPeAYxeFXEG3n53coIul4g6TKivlUDpyC30gINzbyRAunLfhBLmK7rWionQWHmL706zHrfOC7uu2REKHGVuUoimVhKb8sIvb0ijnXXH0qOFSED9GtqvUyDYiBGpLfIVW8_gYqjjrT4Bk7_9lQi9vqAasRvYjA0_O6QcnXMuyear9mw0wRAtBjA&sai=AMfl-YQOM2rCd2GWlZrIhK-NlFYNI79qC65qBKSdhKI48ecI1codC8qss3F5RryG1USx99__DgMyFnAEE9XqmNJnLClcZGM-XxG36Dr5oT0_Hzq7D5EwAqQSigrsBHlnS4v-&sig=Cg0ArKJSzMrtg2go9ce-EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3BE112ED9E4097D7B25F214ED2B4BA29
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiP--vQIYsdSeywEwAQ&v=APEucNWRZdIpZ3gC3EC_Ei0byRfphdFfCHegY4O0B0lxAltpLd2NdVV9xaY1Ce_vfcKcB45z8k5HbsEMDE89y4Wml61yPRQKS89D10Ljc5-OKMvV_JS1QMg
Frame ID: 977320AC21BDAB460A53662858BE4986
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEMDLzegCGL3gzdsBMAE&v=APEucNXytruq_vPeBT2kH6D8oC-Umf9CBmnDaqgiEcKx5CUbzGWQGg38guaRhVB7GOL6zdbZ1EMXVI4dwPZ3DA3HfH3FKVypGN1pw2Fglq6LLRZMHzLJtNI5IoQBu02VWc2l2hPZKlB-6hZbI6OjxWAnFwBB5nruSTpleW41-mE25R0RTi3cA7U
Frame ID: A10B8BC5A2BC6D5F0FE73944D0FDF220
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 4E15CDC55E9CD575DA67BB1070DCD3CA
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=uk
Frame ID: FC61F2EDBC1215102B48A0FF17DA8E9C
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=uk
Frame ID: 0520BFA91CDBAADE8283BDDC95D7EC40
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BB6547BB57F3E202023FBBADC38A3366
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EE3C3A81BEF95EC46C10C9CBEE180F8A
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=uk
Frame ID: CBB5FA65C24E1200063734B82E4D01E1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5C55F23429C558E1416C735D9433D157
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4B73F1DDFCE79A47F6819A27FBDD7F1A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9EA4F106F9519A10A8C8E1D9B86ECD4E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
Frame ID: 83E585578BDC440B4D883989441272FF
Requests: 24 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=buhgalter.com.ua
Frame ID: FC77F0E094550DC5C99617DDAD1A3C77
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: 6654F30C0B7A5555CB627A8358741287
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: D5F1983317E490B4CF74393F855151B2
Requests: 31 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Frame ID: A75768147C24F6441D733A9BD05FD715
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 188839D3530271A224A0FE2F9CFE1044
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 26F02654693B2F62818B36F2B99E57B7
Requests: 1 HTTP requests in this frame

Frame: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Frame ID: 749FAB3BB98A2B6BD4FC40828C2C6AE0
Requests: 15 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU816538&prvid=2034%2C2011%2C2033%2C3022%2C2030%2C3020%2C251%2C273%2C175%2C2009%2C178%2C255%2C2028%2C3018%2C2027%2C3017%2C214%2C2025%2C237%2C117%2C3014%2C97%2C99%2C77%2C38%2C3012%2C3011%2C182%2C3010%2C261%2C141%2C222%2C201%2C3007%2C246%2C301%2C4%2C203%2C225%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 741215979A974DBAB0C9CC00B221E21F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B6CBF15AB65AC6A8789923A3F0105095
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Frame ID: 52976CF3DD18CB0FBEE68C10CDEAF317
Requests: 3 HTTP requests in this frame

Frame: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Frame ID: 1CFB0C2AF5A33FFCA3D10C68BC7C95CE
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Frame ID: 62CBE9EEC7F8DE82DD85F948FE3EB989
Requests: 19 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1670634254234&pubconsent=&euconsent=&hasConsent=1
Frame ID: 6CEF1DB0F4CFD076A2F7986CF361B42D
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
Frame ID: A131AB4AE6CC7C28DF188B8D485F66C2
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Frame ID: E71F99A6C3A1CBBCA7E062FD36A1CA10
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75601b04186d260
Frame ID: 102352CA379E1BEBCB6326E6394CE991
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=2TwkgUpM&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: E91EA3B5ECB93CC660D89CF2C08A3CE6
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BF2C0561-AF87-4F40-BD86-9AD38468566B&gdpr=0&gdpr_consent=
Frame ID: D145D8D585E4D8B5AE1B43E7132EA046
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b9d56393-db0f-4600-9e1a-751385bc52e1&gdpr=0&gdpr_consent=
Frame ID: 017CF489CE221AA8646BE2F2B30CDA37
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1116023227903885191
Frame ID: EB7A35A876A31FCF9D634478F352C95F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: D0B5F73B59FF085346A8A911217778D8
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BF2C0561-AF87-4F40-BD86-9AD38468566B&redir=true&gdpr=0&gdpr_consent=
Frame ID: BEA2AA06C11374FD02BF6F85E822F153
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7879528663438692187&gdpr=0&gdpr_consent=
Frame ID: 2F8B1D2A231D6D6E9BB73E726207A6DD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=u8vl2-ma7IugwOXavZrx0b6a6omgne7Y78HD6huP
Frame ID: 22836C7333FE49D14BE01083C40E6CC5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7175319484515088528&gdpr=0&gdpr_consent=
Frame ID: 33D22B1863A4A7758E1F6E95815B4331
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=DtGgHntqSzphZzaM56-wRdmKxGU
Frame ID: 3161FB445C14CEAD4C4FA4E94400E240
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADd-U7HJ7YAAB8gq9Bdkg&gdpr=0&gdpr_consent=
Frame ID: 05A91804DF2E3718DF422E6B63464B05
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5PbDgAADuq_cQAe&gdpr=0&gdpr_consent=&_test=Y5PbDgAADuq_cQAe
Frame ID: 0C0EB0B86C2BCC80B74BC11B16BE764B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Frame ID: 5F180CC180F54120C376F9CD68D67DA3
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 2AA64F9E5D7859F878524AA8610A2AA9
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6882786710
Frame ID: E42B1BE8A86407BC85D3882216BF90CF
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: EFDF9937086E31C37180AE8836B2BA0B
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 369E67F1BC348762576615F144BD5D3B
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 962D7180C24189B24216097D5E2D7F0E
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhUXnjaTjjMWnMQST
Frame ID: D14E9FF1676679FF545367E433023082
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=BF2C0561-AF87-4F40-BD86-9AD38468566B
Frame ID: 16B67BE8C44795D12A80829B72F181C9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Сайт для бухгалтерів бюджетних установ

Page URL History Show full URLs

  1. http://buhgalter.com.ua/ HTTP 301
    https://buhgalter.com.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

468
Requests

85 %
HTTPS

29 %
IPv6

99
Domains

151
Subdomains

105
IPs

15
Countries

4345 kB
Transfer

10150 kB
Size

124
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://buhgalter.com.ua/ HTTP 301
    https://buhgalter.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 99
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=922da23c-eac1-4899-a75c-f8fac669c957
Request Chain 164
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/buhgalter.com.ua/ROS?rnd=0.5491325151401307&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.25.4&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&gdpr=0&e_pubcid=b4ed2348-a92c-4033-8185-cc1fbc9719ef HTTP 302
  • https://pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.5491325151401307&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.25.4&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&gdpr=0&e_pubcid=b4ed2348-a92c-4033-8185-cc1fbc9719ef
Request Chain 249
  • https://web.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df77602ca2ce508%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff12c1de507b9d94%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250 HTTP 302
  • https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df77602ca2ce508%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff12c1de507b9d94%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250&_rdc=1&_rdr
Request Chain 303
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESECIkPCcP1Dni00L1QRGmm7Q&gdpr=0&google_cver=1 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESECIkPCcP1Dni00L1QRGmm7Q&gdpr=0&google_cver=1&ang_testid=1
Request Chain 304
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESECNsAEchsz40edANv3puGYU&google_cver=1&gdpr=0
Request Chain 305
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESECIkPCcP1Dni00L1QRGmm7Q&gdpr=0&google_cver=1 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESECIkPCcP1Dni00L1QRGmm7Q&gdpr=0&google_cver=1&ang_testid=1
Request Chain 306
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESECNsAEchsz40edANv3puGYU&google_cver=1&gdpr=0
Request Chain 307
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESECIkPCcP1Dni00L1QRGmm7Q&gdpr=0&google_cver=1 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESECIkPCcP1Dni00L1QRGmm7Q&gdpr=0&google_cver=1&ang_testid=1
Request Chain 308
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESECNsAEchsz40edANv3puGYU&google_cver=1&gdpr=0
Request Chain 329
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ6XN2cERd4LbXFFi_559w&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ6XN2cERd4LbXFFi_559w&google_cver=1&C=1
Request Chain 330
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5PbC9RdFZhuTg-R4CxyqQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ6XN2cERd4LbXFFi_559w&google_cver=1
Request Chain 331
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAa8BvyklDlN4pqU-EX9i5g&google_cver=1
Request Chain 332
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3OTUyODY2MzQzODY5MjE4Nw%3D%3D
Request Chain 380
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBH8HXUM-1P-M3AB&gdpr=0
Request Chain 381
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=4kDbcsEhRzGBSjbzQk2jlw&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4kDbcsEhRzGBSjbzQk2jlw&gdpr=0
Request Chain 382
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_LEHOJ94TwSiIYTVQhfcIA&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_LEHOJ94TwSiIYTVQhfcIA&gdpr=0
Request Chain 383
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/bWb0KtYl3qqhF29---44Xcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-wAlmIQRE2oLXtC7aVOhkRkwVmD_cp0rvEh2YNA--~A
Request Chain 384
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGFiZmQzOTI3ZWNiNDcwNDBmNGExOTRlNzg4Mjc1NGVjNGY4OWNkZg&gdpr=0
Request Chain 385
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEH7kyHaNisHvNZfJyGSGtGg&google_cver=1
Request Chain 386
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJIOEhYVU0tMVAtTTNBQg==&gdpr=0
Request Chain 388
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOYtsJ5X_Fu5_EZoC067LDI&google_cver=1&google_push=ASkJ3FZ7ryMLJ5pb3wZhhNG-HKZGX0KzndLjNSkE1DPosmxGF51btgz2vW5dA0XjTFkKpj68EhoWxZQdS_CuT5EiRwAiR5Ifh0Rvvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzAyNjkwNjIxMTA2MDg3NzA1NA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOYtsJ5X_Fu5_EZoC067LDI&google_cver=1
Request Chain 391
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEOY84v3ReJ48L2Jtq07Ih-4&google_cver=1&google_push=ASkJ3Fa_YXKGlOFOr-0ILmfp_CMbbUnR4v7XdqH_-5f1M7l-ZHasqAqbG1T-W5EqX7pcQswnGt6kYZcGCgqs8JdRTdGeGvGM0UcG5Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fa_YXKGlOFOr-0ILmfp_CMbbUnR4v7XdqH_-5f1M7l-ZHasqAqbG1T-W5EqX7pcQswnGt6kYZcGCgqs8JdRTdGeGvGM0UcG5Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOY84v3ReJ48L2Jtq07Ih-4&google_cver=1&google_push=ASkJ3Fa_YXKGlOFOr-0ILmfp_CMbbUnR4v7XdqH_-5f1M7l-ZHasqAqbG1T-W5EqX7pcQswnGt6kYZcGCgqs8JdRTdGeGvGM0UcG5Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fa_YXKGlOFOr-0ILmfp_CMbbUnR4v7XdqH_-5f1M7l-ZHasqAqbG1T-W5EqX7pcQswnGt6kYZcGCgqs8JdRTdGeGvGM0UcG5Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 392
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEPVl1hoaZRRSoZByXxOZ768&google_cver=1&google_push=ASkJ3FZeRHrDg40Sf--Ki0plmOa-PSZjVc-rvUPAqbSbE1S6x2Bhzy_0OEnDcDFNQIVQ2510cvB_8hex-BQYctp7XWKi8aRsV3fR2w HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEPVl1hoaZRRSoZByXxOZ768&google_cver=1&google_push=ASkJ3FZeRHrDg40Sf--Ki0plmOa-PSZjVc-rvUPAqbSbE1S6x2Bhzy_0OEnDcDFNQIVQ2510cvB_8hex-BQYctp7XWKi8aRsV3fR2w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FZeRHrDg40Sf--Ki0plmOa-PSZjVc-rvUPAqbSbE1S6x2Bhzy_0OEnDcDFNQIVQ2510cvB_8hex-BQYctp7XWKi8aRsV3fR2w
Request Chain 393
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEH6JZB-ZbtHD1kyt8s2eeuM&google_cver=1&google_push=ASkJ3FbWk_RUEcM3QP82-sQ88J6Ooq4f-9rOvZhPrHJISx4AOTduHq-eH573uEulx-2xbehsfsoLPtZX43elCBGbVUopym-qhckWcA HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEH6JZB-ZbtHD1kyt8s2eeuM&google_cver=1&google_push=ASkJ3FbWk_RUEcM3QP82-sQ88J6Ooq4f-9rOvZhPrHJISx4AOTduHq-eH573uEulx-2xbehsfsoLPtZX43elCBGbVUopym-qhckWcA&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FbWk_RUEcM3QP82-sQ88J6Ooq4f-9rOvZhPrHJISx4AOTduHq-eH573uEulx-2xbehsfsoLPtZX43elCBGbVUopym-qhckWcA&google_hm=FykArGZH0vqaiJQuTv6efENY
Request Chain 394
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECwlzGx_VqkJGvhR99ZSf4I&google_cver=1&google_push=ASkJ3FZJo5kk4dd-8Xx6-fuV9Re2UiEbtu6boW2AGaGqqcrpQneUG17Ee0RPBnsQXxeqHnKE2vBVsBCz3ot4lS4mSTtzwh8M5rTL69s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FZJo5kk4dd-8Xx6-fuV9Re2UiEbtu6boW2AGaGqqcrpQneUG17Ee0RPBnsQXxeqHnKE2vBVsBCz3ot4lS4mSTtzwh8M5rTL69s HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 419
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=buhgalter.com.ua&sn=ChromeSyncframe&so=0&topUrl=buhgalter.com.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=LjK8JHxvb3ViVi8wS1FIZHJTOE1lY1ltTXU5R1k5K01peDNNV0EyOUlFTWtUbTlVQ0YwL2htbENGRnhLck1FODlSRlN2ZU1RbmdYc3FkdVZkdXNIR1dJcldVemVBbTVFZFpxNEdpZWJKOERrbS93bnRCM2d5bDQvYWh0SFhGUDlwOEZFNE5acGJONFZWY1BXYlVveDh1Q3A2bStTRmR4dFJPei9HTnVMRFRacFI1clFRUks5RlBJV3R5eWx3VVl0RTJ3WHlGV0FvWWJHSHBnTTJ6OC9SdDhiVWwrM3ZrNnVYTmNyMUxnUE5hMlp4ZktiNk9VZW04YWtPQWtaaDhycEQzRnJQVk5WQUc5aTBkN1F3QWdtK2ZQTzJjU2grcXZ4MzFQMDFKQ0RkcGpZQUdpaz18&cppv=2
Request Chain 436
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbuhgalter.com.ua%2F&domain=buhgalter.com.ua&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=bIOnB3xNSVFLaVFCRDduZUwyMDZTbXkzYzdnK0pGMGhQaUUzMnpkNTBiZlRHUGc3WTMvV2RCTDU5cHM0RTBveGFrekdpUTl5bHoxa3pQRDJsTFQ0RVExRHhBQ1lQaHZkY2p5VWpIQjlpaFQ0RWpZbTRObG1Nc2hJWUMvSlNWYTZZZUVVTjhsSFExSGdTQ0s3SlVmMHpMeGYvVGl6ckVNU2VtbzczbUR6TFNESHViMEdwNVV3d01iSWZZeThwNTM3M1FsYWczcE9NZjBoYU1aNVdOWEY0ekJFSERxSTRsTVNROFpROEc2TGpmMURvTTRScnNmS1FaamovQUs0dnJ4VzlFK01DaVlCR0xLWXJ1M1JQK3JHSlZCaUUvbTZsaGx1V1l3Z3lUaTVXQnR1YUZZST18&cppv=2
Request Chain 444
  • https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=themediagrid&gdpr=0&gdpr_consent=
Request Chain 445
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=922da23c-eac1-4899-a75c-f8fac669c957
Request Chain 450
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8%26reqId%3D2e3a43a5-9217-4c9f-416b-3499aafbad0e%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8%26reqId%3D2e3a43a5-9217-4c9f-416b-3499aafbad0e%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=5c7b0e2b-35f2-441c-aaa6-685650eec00f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Request Chain 455
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8%26reqId%3D2e3a43a5-9217-4c9f-416b-3499aafbad0e%26zdid%3D1361 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8%26reqId%3D2e3a43a5-9217-4c9f-416b-3499aafbad0e%26zdid%3D1361&rdf=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=06A04779-43F3-4475-A739-FC7237D2B8B2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Request Chain 456
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=56eaf0bc-7bef-4f3c-b854-3c6acc3a6505&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 457
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8%26reqId%3D2e3a43a5-9217-4c9f-416b-3499aafbad0e%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8%26reqId%3D2e3a43a5-9217-4c9f-416b-3499aafbad0e%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=19585317114617064883151097815292063724&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Request Chain 459
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8%26reqId%3D2e3a43a5-9217-4c9f-416b-3499aafbad0e%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7175319484515088528&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Request Chain 460
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8
Request Chain 461
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8%26reqId%3D2e3a43a5-9217-4c9f-416b-3499aafbad0e%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8%26reqId%3D2e3a43a5-9217-4c9f-416b-3499aafbad0e%26zdid%3D1361&bounce=1&random=3239603363 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=apQCafiyIu9lF/KUqExnJe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Request Chain 462
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8%26reqId%3D2e3a43a5-9217-4c9f-416b-3499aafbad0e%26zdid%3D1361 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361&cklb=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=
Request Chain 464
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-ttshpelE2orBsQ8YHpG9jm4TaoVtLb0PsQ--~A&zpartnerid=570&env=mWeb
Request Chain 465
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=2Sp3QfXblD%2FgPKeGv7Qxp6zABtT14JBh%2BS41iYitP1U%3D
Request Chain 469
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8%26reqId%3D2e3a43a5-9217-4c9f-416b-3499aafbad0e%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8%26reqId%3D2e3a43a5-9217-4c9f-416b-3499aafbad0e%26zdid%3D1361&_test=Y5PbDgAC0ltmmQAF HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y5PbDgAC0ltmmQAF&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361&_test=Y5PbDgAC0ltmmQAF
Request Chain 471
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Request Chain 472
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361&dcc=t
Request Chain 474
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8%26reqId%3D2e3a43a5-9217-4c9f-416b-3499aafbad0e%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Request Chain 475
  • https://pixel.rubiconproject.com/token?pid=41544&puid=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=LBH8HXUM-1P-M3AB&env=mWeb&zpartnerid=1770&gdpr=0
Request Chain 476
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26gdpr%3D1%26gdpr_consent%3D%7Bconsent_string%7D%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8%26reqId%3D2e3a43a5-9217-4c9f-416b-3499aafbad0e%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=cf2ce370-54e1-4ed0-8314-7296e5e3ca80&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Request Chain 480
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Request Chain 489
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID HTTP 302
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=7879528663438692187
Request Chain 490
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1
Request Chain 491
  • https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__ HTTP 302
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0
Request Chain 493
  • https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=seedtag&bsw_user_id=${BSW_USER_UD}&bsw_param=cf2ce370-54e1-4ed0-8314-7296e5e3ca80&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=0&user_id=&ssp=seedtag&bsw_param=cf2ce370-54e1-4ed0-8314-7296e5e3ca80 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=cf2ce370-54e1-4ed0-8314-7296e5e3ca80
Request Chain 494
  • https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=905fb18b-7826-11ed-a823-1e1d47870306 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/spotx?channeluid=905fb12a-7826-11ed-a823-1e1d47870306
Request Chain 495
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F
Request Chain 496
  • https://sync.search.spotxchange.com/partner?source=249286 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=249286&__user_check__=1&sync_id=90600017-7826-11ed-97f3-10a0cca80306 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D&us_privacy= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D&uid=CAESELfvQCttagTA04LSu0a9NjU&google_cver=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 497
  • https://ad.360yield.com/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=d39a4126-c329-47b9-bbd1-80f99b7ae25b
Request Chain 498
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=Y5PbDNRdFZhuTg-R4CxyqgAA%265214
Request Chain 499
  • https://ups.analytics.yahoo.com/ups/58427/occ HTTP 302
  • https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-k6ZOdqFE2uEEqLxUw.iAmsg58homBCMg36O2MfU-~A
Request Chain 504
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5PbDNRdFZhuTg_R4CxyqgAAFF4AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAK4p2fR1BaxmR0eaVVBnJE&google_cver=1
Request Chain 508
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=19BB082665E744BABD109FC0D9A8023F
Request Chain 510
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 511
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 513
  • https://c1.adform.net/serving/cookie/match?party=14&cid=BF2C0561-AF87-4F40-BD86-9AD38468566B&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BF2C0561-AF87-4F40-BD86-9AD38468566B&gdpr=0&gdpr_consent=
Request Chain 514
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b9d56393-db0f-4600-9e1a-751385bc52e1&gdpr=0&gdpr_consent=
Request Chain 515
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1116023227903885191
Request Chain 516
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 518
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7879528663438692187&gdpr=0&gdpr_consent=
Request Chain 519
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=u8vl2-ma7IugwOXavZrx0b6a6omgne7Y78HD6huP
Request Chain 520
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7175319484515088528&gdpr=0&gdpr_consent=
Request Chain 521
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=DtGgHntqSzphZzaM56-wRdmKxGU
Request Chain 522
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEZC1VN0hKN1lBQUI4Z3E5QmRrZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADd-U7HJ7YAAB8gq9Bdkg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADd-U7HJ7YAAB8gq9Bdkg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADd-U7HJ7YAAB8gq9Bdkg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4296682362736574570&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADd-U7HJ7YAAB8gq9Bdkg&gdpr=0&gdpr_consent=
Request Chain 523
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y5PbDgAADuq_cQAe HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5PbDgAADuq_cQAe&gdpr=0&gdpr_consent=&_test=Y5PbDgAADuq_cQAe
Request Chain 524
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Request Chain 526
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1670634254544 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6882786710
Request Chain 530
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhUXnjaTjjMWnMQST
Request Chain 532
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vywFYa-HT0C9hprThGhWaw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 533
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8d146393-db0f-4400-ba8e-cee3effab749
Request Chain 534
  • https://pixel.onaudience.com/?partner=214&mapped=BF2C0561-AF87-4F40-BD86-9AD38468566B&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 535
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkYyQzA1NjEtQUY4Ny00RjQwLUJEODYtOUFEMzg0Njg1NjZC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 536
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEBDRudu1KyajM925TmWHWM&google_cver=1
Request Chain 538
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4543388391959651126
Request Chain 540
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322324126358985&expires=30&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cf2ce370-54e1-4ed0-8314-7296e5e3ca80&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 542
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BF2C0561-AF87-4F40-BD86-9AD38468566B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HdquntxE2uWy.6ykWCyyCs4NEl47BB0-~A&gdpr=0&gdpr_consent=
Request Chain 545
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7026906211060877054&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 546
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:eb895fdf-6bf3-4bed-9b49-7d55119a96e0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 547
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7879528663438692187

468 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
buhgalter.com.ua/
Redirect Chain
  • http://buhgalter.com.ua/
  • https://buhgalter.com.ua/
105 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
087dbe10c41f9e7dac1560fe02cb969b1c50ba098cf8355ffe9f71b18654037a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15768000; includeSubdomains;
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0 no-transform
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sat, 10 Dec 2022 01:04:09 GMT
expires
Sat, 10 Dec 2022 02:04:09 GMT
last-modified
Thu, 28 May 2020 12:12:45 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubdomains;
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
233
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 10 Dec 2022 01:04:09 GMT
Keep-Alive
timeout=5, max=100
Location
https://buhgalter.com.ua/
Server
Apache
Strict-Transport-Security
max-age=15768000; includeSubdomains;
x-xss-protection
1; mode=block
jquery.min.js
buhgalter.com.ua/assets/templates/base/js/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Fri, 25 Jan 2019 12:46:20 GMT
server
nginx
etag
W/"5c4b051c-1762a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
client.js
cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/ 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
b272da8532a2532b094eb8b01d0c38fac4cb5cbc2a48e620f40cdf886db497a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Mon, 31 Oct 2022 20:13:10 GMT
date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Mon, 31 Oct 2022 19:57:34 GMT
server
nginx
etag
W/"636028ae-100fb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=10
x-proxy-cache
REVALIDATED
main.js
buhgalter.com.ua/assets/templates/base/js/ 		31 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/main.js?1665486999
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
c4a6f381a5dfdcf76a9c61b3aeec81e4899cf5b2141eeb80db87a81ecc4e1d21

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Tue, 11 Oct 2022 11:16:39 GMT
server
nginx
etag
W/"63455097-7b37"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
advert.js
buhgalter.com.ua/assets/templates/base/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/advert.js?1482134876
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
22ef740962bc0b112be9cf31438b5f65689bee5ea052a5538cf05d959cd4d96c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2016 08:07:56 GMT
server
nginx
etag
W/"5857955c-947"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
custom_branding.css
buhgalter.com.ua/assets/templates/base/css/ 		2 KB
798 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/css/custom_branding.css?1645010085
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
3061a71d8be14bbf325156cea941da0e53ef184eef60c14331e15b4145b4dc7e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 11:14:45 GMT
server
nginx
etag
W/"620cdca5-90d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-35985798-1
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
55809c03d4d0109d1247e7f4e6fbeb3a801b5349f689f7191490fcb429882ff9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43607
x-xss-protection
0
last-modified
Sat, 10 Dec 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 10 Dec 2022 01:04:09 GMT
config_accounts.js
buhgalter.com.ua/assets/templates/base/js/ 		676 B
885 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/config_accounts.js
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
a84684c392beb111f1ffc575860f0fd182e14aa8953829b5655a90cf5094e898

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
last-modified
Thu, 11 Nov 2021 09:07:41 GMT
server
nginx
etag
"618cdd5d-2a4"
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
accept-ranges
bytes
content-length
676
expires
Sat, 24 Dec 2022 01:04:09 GMT
all-sites.js
buhgalter.com.ua/assets/templates/base/js/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/all-sites.js?v=20072022
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
e2375265c2c58ff376a5b20241c598a2822e043c80935b4a27b50306b4338280

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 07:26:46 GMT
server
nginx
etag
W/"62d7ae36-7c31"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
buy-access.css
buhgalter.com.ua/assets/templates/base/css/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/css/buy-access.css?1666712570
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
0945e4fad72d0c08a7eeb945cd19a38c4e1b159550a38336f397fd408223b8ad

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Tue, 25 Oct 2022 15:42:50 GMT
server
nginx
etag
W/"635803fa-39e0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
sockjs.min.js
cdn.jsdelivr.net/sockjs/0.3.4/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/sockjs/0.3.4/sockjs.min.js
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4b6d898c081feaaf31175668b7a4837cf08ee6480fce388cbb93fc710646d07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
410644
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19170-FRA, cache-yyz4536-YYZ
server
cloudflare
etag
W/"845f-2xqGtL6IkSLNx0THukpBdUC8xho"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DmXpd5oD9TJ5oNH%2F5Fby8Xou1iXtk5T3%2FMuYqR2FoL0XQW3keC7lrZLhpYCWh%2FDw8GSqTJq0EvupNjjyii%2BDUYtDPlgMmg3a6KlbF5t3wGyItxd4e9IaOB39A5c2wnGCwZh2VxkYsbxY%2F1PJEc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7772109c3fde24ae-LHR
subscribe_form_newsone.css
buhgalter.com.ua/assets/templates/base/css/ 		2 KB
817 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/css/subscribe_form_newsone.css?1665485092
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
1e18095b9d6ac7a64d0acc19a7691ceac4bb92f0da943acbe4183c75ab07f27e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Tue, 11 Oct 2022 10:44:52 GMT
server
nginx
etag
W/"63454924-72c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
bcom_logo_footer.png
buhgalter.com.ua/assets/templates/base/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/images/bcom_logo_footer.png
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
27bf5587dcdf6b46c008ea961d5a4792d2d7b8cdff11db21f9251425e4c1c20b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
last-modified
Tue, 25 Oct 2022 07:24:51 GMT
server
nginx
etag
"63578f43-25e7"
content-type
image/png
cache-control
max-age=1209600, public, no-transform
accept-ranges
bytes
content-length
9703
expires
Sat, 24 Dec 2022 01:04:09 GMT
payment_types.svg
buhgalter.com.ua/assets/templates/base/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/images/payment_types.svg
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
cb89401c31c55eaf5d321b8d956d8b26717e2fe7663101a173619f642cb11d63

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Tue, 25 Oct 2022 07:26:26 GMT
server
nginx
etag
W/"63578fa2-c9b"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
footer_logo_forum.svg
buhgalter.com.ua/assets/templates/base/images/ 		5 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/images/footer_logo_forum.svg
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
7cb32d973638c94c708c3bfd9d908d9c899f1f77930c149059a1ce06ef4cefb0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Tue, 25 Oct 2022 07:26:44 GMT
server
nginx
etag
W/"63578fb4-1554"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
js.cookie.min.js
buhgalter.com.ua/assets/templates/base/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/js.cookie.min.js?1651056762
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
94d7ec1ea563f6e407c32352b0a74f09bb645a4c4a4805951c3a168e57fbb554

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 10:52:42 GMT
server
nginx
etag
W/"6269207a-690"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
conversion.js
www.googleadservices.com/pagead/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16823
x-xss-protection
0
server
cafe
etag
6351308751113588399
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 01:04:09 GMT
chat2.js
buhgalter.com.ua/assets/templates/base/chat/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/chat/js/chat2.js?1575636222
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
2794e4bee8b85e3e25f439d6e2eff996da14eee39f04ccd2ab65436562be1fe9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Fri, 06 Dec 2019 12:43:42 GMT
server
nginx
etag
W/"5dea4cfe-375c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
favorites.js
buhgalter.com.ua/assets/templates/base/js/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/favorites.js?1549530983
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
b044100db87d9ea6f2baea5b4c2cacbd92d3f76a8fb521cdcddca8c26c196c1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Thu, 07 Feb 2019 09:16:23 GMT
server
nginx
etag
W/"5c5bf767-140a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
ads_remove_popup.js
buhgalter.com.ua/assets/templates/base/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/ads_remove_popup.js?1551773669
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
060bb8520b20eb55d3627c997fb70a310ee7340fca81019d845ec4d411f1f28d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Tue, 05 Mar 2019 08:14:29 GMT
server
nginx
etag
W/"5c7e2fe5-c04"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
analytics.js
buhgalter.com.ua/assets/templates/base/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/analytics.js?1626441437
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
d80bd54f6f01cdaa4f9b4bf238a45def7223316f3613971da9a6a417c62b5364

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Fri, 16 Jul 2021 13:17:17 GMT
server
nginx
etag
W/"60f186dd-22ed"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
content_breaker.js
buhgalter.com.ua/assets/templates/base/js/ 		785 B
994 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/content_breaker.js?1638465638
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
aac16f954d581bdc9117839285ab45c1e9c71133dbdf18d0e72f420f18d99f13

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
last-modified
Thu, 02 Dec 2021 17:20:38 GMT
server
nginx
etag
"61a90066-311"
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
accept-ranges
bytes
content-length
785
expires
Sat, 24 Dec 2022 01:04:09 GMT
check_access.js
buhgalter.com.ua/assets/templates/base/js/ 		302 B
511 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/check_access.js?1638465374
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
a7175d1d334c622399772f16264ac7a80176047397f32836b6e0b004a59969e8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
last-modified
Thu, 02 Dec 2021 17:16:14 GMT
server
nginx
etag
"61a8ff5e-12e"
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
accept-ranges
bytes
content-length
302
expires
Sat, 24 Dec 2022 01:04:09 GMT
ads_turn_off.css
buhgalter.com.ua/assets/templates/base/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/css/ads_turn_off.css?v=20200507
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
52b55ae47fb6f7ce41328be63dce372ff1e2c28be04a4d1e7a3ba68152acfa7c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 11:00:26 GMT
server
nginx
etag
W/"630c9c4a-12ce"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
accounts_manager.js
buhgalter.com.ua/assets/templates/base/js/ 		2 KB
740 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/accounts_manager.js?v=02022021
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
f268e67bed4c1584ddf22b804ba2e482c2ed18c8905a1f032406bf846d7887dc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 07:56:35 GMT
server
nginx
etag
W/"600e79b3-609"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
ads_turn_off.js
buhgalter.com.ua/assets/templates/base/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/ads_turn_off.js?1661763183
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
abf2a4b981439fd1bfd908b09d480d4ddcd77b220c5d68f2aa342e7582396db8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 08:53:03 GMT
server
nginx
etag
W/"630c7e6f-b0a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
lw.css
buhgalter.com.ua/assets/templates/base/css/ 		2 KB
834 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/css/lw.css?1642000502
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
ec7cf723e138fd1ced41f6f1c2c0d724c43183a65b54ebaef160e9635fc222d6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Wed, 12 Jan 2022 15:15:02 GMT
server
nginx
etag
W/"61def076-73c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
wrapper_hb_299506_4371.js
player.adtelligent.com/prebid/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebid/wrapper_hb_299506_4371.js?cb=19336
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
e142124087c412eef969cd891c1fc1e1629fc878fc1641dbfe44bf9ef38b187c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Mon, 12 Dec 2022 01:04:09 GMT
date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 01:44:07 GMT
server
nginx
etag
W/"63914167-6c4"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
gtm.js
www.googletagmanager.com/ 		205 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
18b058a41e2f6de6a40523cce3f8db85012c43d27d7739f0637abe5d4f0cc301
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73288
x-xss-protection
0
last-modified
Sat, 10 Dec 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 10 Dec 2022 01:04:09 GMT
css2
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/css/buy-access.css?1666712570
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3b542bc706a41d36ca02e27cc3a6165104c2b7fdc57aa9a23ca63e164495c2c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 23:53:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 10 Dec 2022 01:04:09 GMT
resource_icons_v7.png
buhgalter.com.ua/assets/templates/base/images/accounts/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/images/accounts/resource_icons_v7.png
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
c5a7e1a01e97fddf0d6fea76f7a895d53516d76728a4615816a71afa8141d8df

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
last-modified
Thu, 17 Jun 2021 10:19:17 GMT
server
nginx
etag
"60cb21a5-f41"
content-type
image/png
cache-control
max-age=1209600, public, no-transform
accept-ranges
bytes
content-length
3905
expires
Sat, 24 Dec 2022 01:04:09 GMT
configs
cdn.gravitec.net/sdk/web/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/sdk/web/configs?appKey=c77ccd81f8480b85adc1e41419254e96
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
dafaa937eadd710a78845e1e43b6facb9b04efd0c94ef1b5d0639b70a9e4b76c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
x-correlation-id
fe1b884b7bbc1b5833b97c2fb3f0c8d1
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-proxy-cache
MISS
hbw_master_299506_4371.js
player.adtelligent.com/prebidlink/19336/ 		128 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/19336/hbw_master_299506_4371.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/wrapper_hb_299506_4371.js?cb=19336
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
cc8e455613eb2f5a4d373144320b33b34324c4cef186f26bb11ea78e4ddf1d7b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Mon, 12 Dec 2022 01:04:09 GMT
date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 01:43:30 GMT
server
nginx
etag
W/"63914142-1ff58"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
hb_299506_4371.js
player.adtelligent.com/prebidlink/19336/ 		350 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/wrapper_hb_299506_4371.js?cb=19336
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
e4d808bad95e4317de730ff30cb286cbe71f03a65d49d59b65bfc8c58bbc1ffc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Mon, 12 Dec 2022 01:04:09 GMT
date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 01:43:30 GMT
server
nginx
etag
W/"63914142-57680"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
gpt.js
www.googletagservices.com/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1c3024ed229e0941e4ecfa9faf35eca8c8663d8494a4bc8fff7ec62e954433d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27667
x-xss-protection
0
server
sffe
etag
"1417 / 507 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 10 Dec 2022 01:04:09 GMT
fbds.js
connect.facebook.net/en_US/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbds.js
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
694282a54518a5f1fa5813f34f2f060fa5fb63dc4bee848405258ff77bb65ebc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 10 Dec 2022 01:04:09 GMT
content-md5
qZEy2IJYQPXGTEjt6dNZ5g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2166
x-fb-rlafr
0
x-fb-debug
jAN7MA4307R0iKeb01YwLHOpZJfPQlbHS0NniEe23cxmPSsAZk/xczbkYo1373+XKC4h5BC+WdocKbwVQXfDBQ==
x-fb-trip-id
917726464
x-fb-content-md5
64cc4307e203b84ad41dc478bf795bc0
cross-origin-opener-policy
same-origin-allow-popups
etag
"049517b0f92478cbedc9109d1c71dc15"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Sat, 10 Dec 2022 01:14:03 GMT
add
analytics.factor.ua/analytics/ 		0
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.factor.ua/analytics/add
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/analytics.js?1626441437
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.170.82.90 Amsterdam, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
95-170-82-90.colo.transip.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
https://buhgalter.com.ua
Date
Sat, 10 Dec 2022 01:04:09 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0
Content-Type
text/html; charset=UTF-8
logo_event_n.png
buhgalter.com.ua/assets/templates/base/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/images/logo_event_n.png
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
d564e795aec94a8c74308ecec87cb269c8b536135086e36ba14ffa7f22434264

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
last-modified
Thu, 17 Nov 2022 11:31:17 GMT
server
nginx
etag
"63761b85-25c4"
content-type
image/png
cache-control
max-age=1209600, public, no-transform
accept-ranges
bytes
content-length
9668
expires
Sat, 24 Dec 2022 01:04:09 GMT
z
s.zmctrack.net/ Frame 7F97 		50 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
e27ed09d7d981bca54cf2bbaae780d25f610c11057db155b59d05c19df07cb2e

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control
no-cache, no-store
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
23447
expires
Thu, 01 Jan 1970 00:00:01 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/975200280/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975200280/?random=1670634249773&cv=9&fst=1670634249773&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96a0c611733b90af699b6b236a735e48ed76f02d74268cc34439bc84c8bd6c88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
981
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
jsonip.com/ 		148 B
449 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jsonip.com/?callback=jQuery111107037884364953049_1670634249534&_=1670634249535
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.77.20 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1176-20.members.linode.com
Software
nginx/1.20.2 /
Resource Hash
a87dcc73ff805f14d042296f823c96df55aa628565ce6f1549fa777854b7c6a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 10 Dec 2022 01:04:10 GMT
Strict-Transport-Security
max-age=31536000;
Server
nginx/1.20.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
acceptcookies.css
buhgalter.com.ua/assets/templates/base/css/ 		2 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/css/acceptcookies.css
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
f009046c8dfa738f7b73d46544595b6d47858c62f8af8c9a1fa87be048d17330

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Wed, 02 Nov 2022 14:51:17 GMT
server
nginx
etag
W/"636283e5-662"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
acceptcookies.js
buhgalter.com.ua/assets/templates/base/js/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/js/acceptcookies.js?_=1670634249536
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
24d2d062a3432cd4d5b5079a056eaa1c0267f7ac8299bbff426395d70d081f2d

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://buhgalter.com.ua/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Wed, 02 Nov 2022 14:51:31 GMT
server
nginx
etag
W/"636283f3-ba8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
main.css
buhgalter.com.ua/assets/templates/base/chat/css/ 		849 KB
458 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
5e1055767f6d4ebc018c9e2386d3ca843ce1cc24daf9add01c652a15b7fdaf4d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Wed, 07 Jul 2021 10:45:44 GMT
server
nginx
etag
W/"60e585d8-d4267"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
favourites.css
buhgalter.com.ua/assets/templates/base/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/css/favourites.css?1665487532
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
1cd795d06d23422370a772ff4f11b2149589c1ef15e91de8194d92403ca2ffdb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Tue, 11 Oct 2022 11:25:32 GMT
server
nginx
etag
W/"634552ac-15ec"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
notyfy_popups.css
buhgalter.com.ua/assets/templates/base/css/ 		3 KB
973 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/css/notyfy_popups.css?1551775774
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
7b63f721e824f90d7f3144b2458f93b1697419fc8790f35537a064ed757a1b80

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Tue, 05 Mar 2019 08:49:34 GMT
server
nginx
etag
W/"5c7e381e-a18"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
all.css
use.fontawesome.com/releases/v5.6.3/css/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer
https://buhgalter.com.ua/
Origin
https://buhgalter.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
7QKAAHXG4PCK5WJ4
age
2514102
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
TPD2wYwWoqdjphZrJHA/jeL8726JeMawjik7nMEkcfWhMkPijdAn6kBk7VvRkpqWbRdnr8IhNlA=
last-modified
Wed, 30 Jun 2021 15:44:33 GMT
server
cloudflare
etag
W/"dc93d584e41f8417f6b7163320d34329"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmomauKOYA4s47IaVPRBf8KqISB2WKWZ6ZPm6GjAemRQc0E3bZAHAxxNFa95FDGOHSj5AAQdcUCSt%2FfgOXDPrgh8Z7RVX%2FC8bBdywsOX%2B%2BEw4b%2F7bUkeHG%2B2%2FjQFQDarQ4mjWWSaL%2FhkvOWXXVaIfsbx"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7772109dcc61778f-LHR
media.css
buhgalter.com.ua/assets/templates/base/css/ 		121 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
e20e767839f09483c5eae25b181b720e31943d94a40dda6e7a6ea1e2809dcdb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Tue, 01 Nov 2022 09:07:04 GMT
server
nginx
etag
W/"6360e1b8-1e459"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
subscribe_form.css
buhgalter.com.ua/assets/templates/base/css/ 		2 KB
784 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/css/subscribe_form.css?1562068831
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
f7ec9f64994c0f12acd8ab801d6709a5373b161d22752d64c316fc4dc6b04026

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Tue, 02 Jul 2019 12:00:31 GMT
server
nginx
etag
W/"5d1b475f-656"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
newsinfocus.css
buhgalter.com.ua/assets/templates/base/css/ 		12 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buhgalter.com.ua/assets/templates/base/css/newsinfocus.css?1629355568
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/js/jquery.min.js?1548420380
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
a4f9fa103935fadea54ea87412c9697a65d9545e2b4d67b3b3f984590c1f0dea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
gzip
last-modified
Thu, 19 Aug 2021 06:46:08 GMT
server
nginx
etag
W/"611dfe30-2fc1"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:09 GMT
/
id.gravitec.net/ Frame 7291 		621 B
763 B 		Document
General
Check archive.org
Download Go to
Full URL
https://id.gravitec.net/
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=315360000 public
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 10 Dec 2022 01:04:09 GMT
etag
W/"5e9485b6-26d"
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Mon, 13 Apr 2020 15:31:02 GMT
pragma
public
server
CDN77-Turbo
x-77-cache
HIT
x-77-nzt
Abk73BAE8Xf/QgnbAg
x-77-nzt-ray
908339306765f10409db9363e51b7639
x-77-pop
frankfurtDE
x-accel-expires
@1938085063
x-age
47909186
x-cache
HIT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-35985798-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 09 Dec 2022 23:15:46 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6503
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 10 Dec 2022 01:15:46 GMT
/
ghb.adtelligent.com/geo/ 		152 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hbw_master_299506_4371.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
5fbcc4ff94d56fb37b33e838466308a145e902acc9640acbfc529e7fe88f3d34

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 10 Dec 2022 01:04:09 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://buhgalter.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
152
tracking
ghb.adtelligent.com/adunit/ 		43 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=299506&site_id=4371&full_page_url=https%3A%2F%2Fbuhgalter.com.ua%2F&adid=h8hx7n.36&features=147488&vpbv=N104&tte=161&lifecycle_tte=733
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hbw_master_299506_4371.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 10 Dec 2022 01:04:09 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://buhgalter.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/977649145/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/977649145/?random=1670634249858&cv=11&fst=1670634249858&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87df3b2b2a5fa80f62a713bbe3fa2dfe02fa981a335faec6dc57fe303f089b79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
918
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
optimize.js
www.google-analytics.com/gtm/ 		114 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=GTM-WMZFGRB
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
717caa82423b365bb307bc47f8cbf11fb2a9cee3643b3bb062c0267950d4af23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
45278
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 10 Dec 2022 01:04:09 GMT
sdk.js
connect.facebook.net/uk_UA/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/uk_UA/sdk.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9361f54060bd1e37f71077f3935c37c63df1cfa1800e62978324203cb1796b7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 10 Dec 2022 01:04:09 GMT
content-md5
bYzQ4f97nYz7w7OS5f4IEg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
ufT62osaq2g5FbI+CSezoY2wUFYkdrud6HUEv4p2+1I63KccsyrQ6SEVRY3CEWM+LERaOtbGrxmkEC1wQs3fTg==
x-fb-trip-id
917726464
x-fb-content-md5
e99091bd28f54c5149053cb257e29ae5
cross-origin-opener-policy
same-origin-allow-popups
etag
"7a6e1690bf220b5a1720b62b58620cf9"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Sat, 10 Dec 2022 01:18:02 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 10 Dec 2022 01:04:09 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27340
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
5irXwsp6jFh8j2Zf2+EyYGnvb4Oh545oSTeZ34WFuj/qRqukIFWAb12ZQ+pdqKiDd6NcKgYS7nbVqjs87lQ7wQ==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		216 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6VVQ37Y1T2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLD3W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7443db88304846f025d87248180532092fa8a230cdaed78de47311374c697cf4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76933
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 10 Dec 2022 01:04:09 GMT
pubads_impl_2022120701.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 11:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
220722
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132289
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 09:34:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 07 Dec 2023 11:45:28 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		287 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=buhgalter.com.ua
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c29d67f4e9401f25dc64727b141330574b2392bfd7713ee2c2346c89d7c0d09e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128
x-xss-protection
0
expires
Sat, 10 Dec 2022 01:04:10 GMT
/
www.facebook.com/tr/ 		0
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1495025544106981&ev=PixelInitialized&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&rl=&if=false&ts=1670634249902
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 10 Dec 2022 01:04:10 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
truncated
/ 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1bb0ca338f496307dafa965e2c5429c8df952986576cb812f0f0ba83e4d1f25

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		408 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
259c000134f1b62928de5c6c5b2fbd055aa9c1133a3d95ae6794acf455f86458

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ed8bdd90963f7ea344f9ba4797400b312447b092830bda8d64c3ba59630fc7

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
user.png
buhgalter.com.ua/assets/templates/base/chat/img/ 		631 B
830 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/chat/img/user.png
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
fa730e45f1461662728ed590039a2cb0900eee5486af662670dccca0e7f0ddd6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
last-modified
Fri, 25 Jan 2019 12:16:54 GMT
server
nginx
etag
"5c4afe36-277"
content-type
image/png
cache-control
max-age=1209600, public, no-transform
accept-ranges
bytes
content-length
631
expires
Sat, 24 Dec 2022 01:04:10 GMT
smyle.png
buhgalter.com.ua/assets/templates/base/chat/img/ 		816 B
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/chat/img/smyle.png
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
5833f676a69a7385d07b129f61b2545762ac94c5691a5c8fc82b1eff66d74737

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
last-modified
Fri, 25 Jan 2019 12:16:54 GMT
server
nginx
etag
"5c4afe36-330"
content-type
image/png
cache-control
max-age=1209600, public, no-transform
accept-ranges
bytes
content-length
816
expires
Sat, 24 Dec 2022 01:04:10 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8

Request headers

Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin
https://buhgalter.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
T75YYXHXF6MATE4R
age
184652
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74288
x-amz-id-2
i/TxfKzz1gYBa7E1+aU2Xhp5RKyLwVTpuEcBlimwjoA63z5Brw/JEQdXHmh5TJlb0P2w2Ivw0vg=
last-modified
Wed, 30 Jun 2021 15:44:54 GMT
server
cloudflare
etag
"eac60e8a656781e13d2a674b4d9051c0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXrkC0jO7A%2FSo4hZWo7BUH%2Fg9AppS2zTInC6KAzIE3qUstCsR6k0x2S1Sjsgfjwz41ty4rlN7LOYOXdQJPV6OgWAnqupU6XZ7JMuPQ6HOf%2BpAXyNo5kjDbpa0nkygPxisaahj5J0mjVRUgEWGWaUh2%2B7"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7772109eddc47467-LHR
fa-regular-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492

Request headers

Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin
https://buhgalter.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
J51T9H38W6KRY7K8
age
485078
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14872
x-amz-id-2
I3OQ0g4r+7KOfEPREP4sdWZiNxFdMRCEiXrjwv9Savckg18dNv8zPJ88WAavoMZBbdW39PMDs7I=
last-modified
Wed, 30 Jun 2021 15:44:54 GMT
server
cloudflare
etag
"4b218302f9057d02864d4909661831e9"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Djr7dxdZjh%2BzYZOvVR6qE8H%2BZUyTbLA%2FzY1j0eAp3bRhN7h686ZgcHbK2nW7urinwWzEkTYfOXJjRQ9CEuPDo9gNf4C0ymzZZi6V7Xs0%2FKDNYmJ0CEbbTlioXE4ZG5HZ%2Be0ldPyFTp%2BrEBxV8ILHVbu%2B"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7772109ecdc07467-LHR
fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 		77 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Referer
https://buhgalter.com.ua/
Origin
https://buhgalter.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
J51YXWABCQ0D28Q2
age
485078
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
79100
x-amz-id-2
EL401VodDeCgYqOT+McvSHPQA98YzW/bW2yZrv+cWWKauSmfPlXs6Ocz1FQZFSMpnQ7GSE+nmVo=
last-modified
Wed, 30 Jun 2021 15:44:54 GMT
server
cloudflare
etag
"5dc01cfcd5336f696cb85da7ce53fa9b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gyr4OVoKQosKLE99%2F2KjG3AjfnvEvQME%2BeEE0Ik69y3EE0uu3X0lQIg87IsxLe9LKbiM%2F38l7lL30o8qlRL6zUH8v9t%2BCa6ITOemklzfjXuicFmCY4HbdQ2hVR%2BxqxcisoIPj5FyGdFjsEPEN1pLOFNm"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7772109eddc27467-LHR
truncated
/ 		383 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3fb84ac22d9aa3bcb4eb5a032abb61f745d15a6e89e4b5c87a60d08bb48bbd8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
ic_video.png
buhgalter.com.ua/assets/templates/base/images/ico-social/ 		424 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/images/ico-social/ic_video.png
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
8d08002698e3eea9504529fb40cb7ee307d4bfcb79b26e6b7a9f0d88583ae8ae

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
last-modified
Thu, 28 May 2020 12:05:04 GMT
server
nginx
etag
"5ecfa8f0-1a8"
content-type
image/png
cache-control
max-age=1209600, public, no-transform
accept-ranges
bytes
content-length
424
expires
Sat, 24 Dec 2022 01:04:10 GMT
fit_logo_site.svg
buhgalter.com.ua/assets/templates/base/images/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/images/fit_logo_site.svg
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
296a988d4d9033be4c070388508bd7d4e7e2d149bd3f985ef21bf8de7cff2f9c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/assets/templates/base/css/media.css?1667293624
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
content-encoding
gzip
last-modified
Tue, 26 Jul 2022 10:17:26 GMT
server
nginx
etag
W/"62dfbf36-12ba"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:10 GMT
truncated
/ 		468 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b265408716dbe3e1a43a7bb536defb88b2a4df5e02fd12f1262ded3e46b2c9c2

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		425 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d27a1810a9c43b17603247c2757dba5e852432b29416d66de79bf6a3bbd1fd3

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		106 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74c3d6e4e68a777357e0779c0dac3ab4b146a1b9f95f5884893f453e703ef745

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		337 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26a3f227747bef076f84745aff171a08badd022bfbe1f74197dbca9bc443354b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		357 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8ee6435761532684a8d1d79368bfadcc4ebc56c653721a4c2a3e649b69922df

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1f2c754697a52684fccacaa9e300ac3268d6c13837b9ac7f46475cc67de8d4c

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fa18ae7faa4c864e0c14d23b00a46e5cb48f7509335d3d9ece052ff93c328d5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
1495025544106981
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1495025544106981?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bb4fafe3d9db67e1d848a6a313fa0148962e92762ec44488667e3c67559e8373
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 10 Dec 2022 01:04:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
85976
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
FSfrmWFMtbXZwg4+IE2d2VlUMI22LzYlS4YIXdvDAX66JLSXomANzMleERPp3ru4yUd/O5aZbCWgxOiImw0heQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/975200280/ 		42 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/975200280/?random=1670634249773&cv=9&fst=1670634000000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&fmt=3&is_vtc=1&random=2472921983&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/975200280/ 		42 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/pagead/1p-user-list/975200280/?random=1670634249773&cv=9&fst=1670634000000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&fmt=3&is_vtc=1&random=2472921983&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/977649145/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/977649145/?random=1670634249858&cv=11&fst=1670634000000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&fmt=3&is_vtc=1&random=850405727&rmt_tld=0&ipr=y
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/977649145/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/pagead/1p-user-list/977649145/?random=1670634249858&cv=11&fst=1670634000000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fbuhgalter.com.ua%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&fmt=3&is_vtc=1&random=850405727&rmt_tld=1&ipr=y
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/uk_UA/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/uk_UA/sdk.js?hash=a3a48dd3645f72072560dcb106dd7f33
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d790bdb9c9934a5f355f4252b42f70aa70075349b567823d9366c383b980ea60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://buhgalter.com.ua/
Origin
https://buhgalter.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 10 Dec 2022 01:04:10 GMT
content-md5
/SlFhOvcG1G9kZvQIvoTjg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88653
x-fb-rlafr
0
x-fb-debug
WiTqzeHA9MbRbPQHRAd7QW1AFk94nQGvyx9nZUQgm4eCZGn+t4i4b8Qcvqvs8+zcNyKTgsLYMvkxyQ1hTeX22g==
x-fb-content-md5
97baa83757ce27b92c94183b990eecdf
cross-origin-opener-policy
same-origin-allow-popups
etag
"c626df1c61e69b6c7743b79d8e653953"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 10 Dec 2023 00:58:04 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=39881125&t=pageview&_s=1&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBACUABRAAAACAAI~&jid=1756682642&gjid=2146230313&cid=1938217506.1670634250&tid=UA-35985798-1&_gid=599105427.1670634250&_r=1&gtm=2oubu0&z=735278508
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=39881125&t=event&_s=2&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=event2&_u=4GBACUABRAAAACAAI~&jid=&gjid=&cid=1938217506.1670634250&tid=UA-35985798-1&_gid=599105427.1670634250&cd2=%D0%BD%D0%B5%D1%82&gtm=2oubu0&cd1=%D0%BD%D0%B5%D1%82&z=999579600
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Dec 2022 19:00:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
21842
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-6VVQ37Y1T2&gtm=2oebu0&_p=39881125&_gaz=1&cid=1938217506.1670634250&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670634250&sct=1&seg=0&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6VVQ37Y1T2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6VVQ37Y1T2&cid=1938217506.1670634250&gtm=2oebu0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6VVQ37Y1T2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6VVQ37Y1T2&cid=1938217506.1670634250&gtm=2oebu0&aip=1&z=218211064
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csyncs
ghb.adtelligent.com/ 		690 B
678 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/csyncs?aid1=443991
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hbw_master_299506_4371.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
c34ef6e86efa9e3af58da7200514d3c8f9c157051826020ad940017664fc5a9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 10 Dec 2022 01:04:09 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://buhgalter.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
367
0.bundle.js
cdn.gravitec.net/modules/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/modules/0.bundle.js
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Wed, 02 Feb 2022 09:06:29 GMT
date
Sat, 10 Dec 2022 01:04:10 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 09:01:35 GMT
server
nginx
etag
W/"61fa486f-2550"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=10
x-proxy-cache
HIT
1.bundle.js
cdn.gravitec.net/modules/ 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/modules/1.bundle.js
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/c77ccd81f8480b85adc1e41419254e96/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Wed, 02 Feb 2022 09:06:29 GMT
date
Sat, 10 Dec 2022 01:04:10 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 09:01:35 GMT
server
nginx
etag
W/"61fa486f-8092"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=10
x-proxy-cache
HIT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=39881125&t=pageview&_s=1&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDACUABRAAAACAAI~&jid=761673526&gjid=490544210&cid=1938217506.1670634250&tid=UA-53572572-5&_gid=599105427.1670634250&_r=1&gtm=2wgbu0WVLD3W&z=1428336328
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=39881125&t=pageview&_s=1&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%96%D0%B2%20%D0%B1%D1%8E%D0%B4%D0%B6%D0%B5%D1%82%D0%BD%D0%B8%D1%85%20%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDACUABRAAAACAAI~&jid=1590889023&gjid=2022408981&cid=1938217506.1670634250&tid=UA-35985798-1&_gid=599105427.1670634250&_r=1&gtm=2wgbu0WVLD3W&z=2037887915
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
loadercdn.net/ 		0
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadercdn.net/?r=1&u=66a05bae80c15f42&d=buhgalter.com.ua
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 10 Dec 2022 01:04:10 GMT
server
openresty
981e2a0ec1c40493e59b139b8db4f728.gif
cs.admanmedia.com/ Frame 98CD 		20 B
189 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hbw_master_299506_4371.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.163 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sat, 10 Dec 2022 01:04:10 GMT
Server
nginx
Transfer-Encoding
chunked
8d39819b61aa03f45b0ece15913fb28c.gif
sync.kiviads.com/ Frame 3D2A 		20 B
197 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.kiviads.com/8d39819b61aa03f45b0ece15913fb28c.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D739302%26extuid%3D%5BUID%5D
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hbw_master_299506_4371.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.77.87.114 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
/
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sat, 10 Dec 2022 01:04:10 GMT
Keep-Alive
timeout=5
Transfer-Encoding
chunked
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 10 Dec 2022 01:04:10 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=922da23c-eac1-4899-a75c-f8fac669c957
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=922da23c-eac1-4899-a75c-f8fac669c957
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 10 Dec 2022 01:04:10 GMT
Server
Adtelligent
Etag
d250fe5fe2f6a8f4
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=922da23c-eac1-4899-a75c-f8fac669c957
date
Sat, 10 Dec 2022 01:04:10 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
collect
stats.g.doubleclick.net/j/ 		7 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-35985798-1&cid=1938217506.1670634250&jid=1756682642&gjid=2146230313&_gid=599105427.1670634250&_u=4GBACUAARAAAACAAI~&z=773898867
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 10 Dec 2022 01:04:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
config.json
player.adtelligent.com/exchange_rates/299481/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/299481/config.json?cb=https%3A%2F%2Fbuhgalter.com.ua%2F
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
ece024550d861e5c32110aa1039658ce7688394ed067f05264ceb95d01e5fe7e

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

expires
Mon, 12 Dec 2022 01:04:10 GMT
date
Sat, 10 Dec 2022 01:04:10 GMT
content-encoding
gzip
last-modified
Fri, 09 Dec 2022 12:01:10 GMT
server
nginx
etag
W/"63932386-8af"
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
cache-control
max-age=172800
x-proxy-cache
HIT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17380452670e8c3216bc2cf483c28eec5059a45c47cabf1b216e09a6815f12cb

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.co.uk/adsid/ 		107 B
791 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=buhgalter.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
548 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=buhgalter.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		690 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1265370031501124&correlator=4200341907813319&eid=31071257%2C44777628&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fifs&iu_parts=141806220%2Cbuhgalter-brand-custom&enc_prev_ius=%2F0%2F1&prev_iu_szs=1920x1080&ifi=1&adks=2347397124&didk=1293715577&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1670634250324&lmt=1590667965&dlt=1670634249406&idt=869&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbuhgalter.com.ua%2F&frm=20&vis=1&psz=1600x2971&msz=1920x-1&fws=640&ohw=0&ga_vid=1938217506.1670634250&ga_sid=1670634250&ga_hid=39881125&ga_fc=true&ga_cid=599105427.1670634250
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73106120faaf8658a5d5272a01316d7a02cea27811b1b579bafdab2c801acef5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
353
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		544 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1265370031501124&correlator=2730755950497293&eid=31071257%2C44777628&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fifs&iu_parts=430837318%2CTOTAL_TAS%2CAdtelligent&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=1413638297&didk=607409652&sfv=1-0-40&prev_scp=tmPtS%3DINSERT_UTM_SOURCE_HERE%26tmPtM%3DINSERT_UTM_MEDIUM_HERE%26tmDmn%3DINSERT_DOMAIN_HERE%26tmClnt%3DAdtelligent%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1670634250332&lmt=1590667965&dlt=1670634249406&idt=869&adxs=0&adys=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbuhgalter.com.ua%2F&frm=20&vis=1&psz=1600x2971&msz=1600x0&fws=0&ohw=0&ga_vid=1938217506.1670634250&ga_sid=1670634250&ga_hid=39881125&ga_fc=true&ga_cid=599105427.1670634250
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8c2beb7c2b74195b7bda68bce7b2f3bd317b362ce6d86eadfd6233c047c375d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
278
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8871 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 01:04:10 GMT
expires
Sun, 10 Dec 2023 01:04:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		7 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-53572572-5&cid=1938217506.1670634250&jid=761673526&gjid=490544210&_gid=599105427.1670634250&_u=6GDACUABRAAAACAAI~&z=57397862
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 10 Dec 2022 01:04:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-35985798-1&cid=1938217506.1670634250&jid=1590889023&gjid=2022408981&_gid=599105427.1670634250&_u=6GDACUABRAAAACAAI~&z=1046617648
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 10 Dec 2022 01:04:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1495025544106981&ev=PageView&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&rl=&if=false&ts=1670634250373&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1670634250371.591693563&it=1670634250073&coo=false&rqm=GET
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 10 Dec 2022 01:04:10 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad784fa4006c&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
08dc98899bc6fbc694aaaec07ac1f34770124445cba8c3cb03122fe9700d8f5b

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad80c1690073&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6c421c9533a1c7c8ab8af8228b3b4116e449166c30e90d2e9b7e7505f859a7e0

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8173e00067&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ad7aca6bf9ad72feb89acc1f0a7cabdc4821056550c3a04e5887e29895e0fa17

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad81ad100068&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b66dd84625754284fe9e270d7226ff457a5e84b4930f197b52ea0bde0d9c2dc9

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad81dedc0075&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
764ba836d8aaf35a9528c814e9b05ea22c566b58330a20e713fbf5a23da855d3

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad822331007d&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
eea97132cddb1a868c4c2e3b3fd2c073d928fb9ddbd31bc71c5cf72419da6979

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8253e00069&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8d8890244315ff9816a52be72d2a2fc98ee93b6dfc8ad01f1f32343acf36fb49

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad8103460074&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
f7a1766b66d96e1e1eb19e2f12b6b4ca66362ac67f6bfccb031b9e71d4956628

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad829262007e&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ed676d69b35c099e552d3aaa442fd3588828e5f72851e1eb70f5a266af629126

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad81ad100068&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
157566a22df7ac8bfdcc48afbe9f286224ad388423eb469c916d0cdbd4d2ccfe

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8253e00069&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
901edb4b4a447bbb1ff2764059ffccafae7a7d74227b5daa4367506dc00c2cc4

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad80c1690073&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
05e53a3421a2a994ba6c1f48f951c2441c5553e8295b49e2e2a57cb2db3c8eb8

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad82f4990077&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6cc934e7d47865d351cd8b7788dfe404a4472351ffa2452a28540d94c4a2be76

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad84e4b00081&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b9d9a71b2879100a34747d78f1f7ece002835d00da28500833fc500b80032188

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad805d2c0071&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
a40af8c17d73b31362be38e6eb6d8f8556dc8fa9f1e3332a9248a37d908befca

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad784fa4006c&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6b5117a49904c7e8ff9aac2dbcb6ea10729864e7225e1eb9ab9d0576db937793

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8095670064&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
3b9f8220667138d557e4ab43615c43de5f6845bbf1b0c31636304c94107f8525

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad813cb7007b&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1810d9c1288f29c14d6559eddee941e2f350dd1f563562d921378125144e5482

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad84331b006b&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
0ed7cd554ca7cb94be6dbc4389419a530515554a6608a1ee1cfbd5b973055ad0

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad847394007a&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
eb231ddd81ab3b9f6a94bc2648e45f839b606a6a6253e379c5464bcdaba922e7

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad84af220080&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
288835374ed109b25201404054a5ef98cfd02eb8f6bb2a1cea16a89af9b9ab52

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad784fa4006c&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
9124a6f861f08469b2fc5fad79f6392aa500d45f4c5992559bf2186e1d39c2b1

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8095670064&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8941f04f999d54e9dd1431c77fb4eac9bf0d84e74fe5d89700cc5f3b6fd5d1fa

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad813cb7007b&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
64264632b26710afdd63acd3b513f61f0ee6d6cac6b05187ea835f63201d8083

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad805d2c0071&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5e58f8b78b478aa2523320955716f96d184525be8139482eefb612d1250693fd

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad84331b006b&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
f5457f2dad0b354c7eeaef5f733401b7d9c7326aaf5e57f3bed1e74ba5e24138

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad847394007a&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e8e63b273ee7c4272980208e5d6e6d36747f2b675f7b7cf508fccc6d623fb563

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad84af220080&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
2d4a003558108036d5e1e3364d37a5cd86359cfdb46fdba413cee4cb2903d45c

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad784fa4006c&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d0bafc175bf850c1326f94020730aab72654b46d51240f6ea199f1b4f755d688

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad81dedc0075&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
568b7d3cf2e53fa57bb78d9e1a20c1f00de65c62b3ca9ad4c168b88a0a62bba9

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a9694a6018383a89128ad822331007d&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
63d2f7149362366cdb1bc6f7c39b97c89d597b1d29a27071ac0b74d94895096b

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad8253e00069&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
3832e80c2f4bae18db01d9ff72307093f4e91b1cfb838166fc401c2507fdd85b

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad81ad100068&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e905fa7f6fb641e301a671f79a50345d62906d8dd9da25919ca521955f70ed15

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad80c1690073&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
f8dd67a3930d510197cdfb0dedb2c076621b8417b6c8152188343fdd0316e53b

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969ce4018383a88820ad851b23006c&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ca89d08ccb30883363a0409364cb5bb8c445de036d1f44e34988326654d76798

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53ad77faa1006a&pos=8a969134018383a88c53ad82f4990077&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
2643b493d883208f3991775760f86fefee5127efc6a99fba86c08419dcb921f6

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
content-length
62
cygnus
htlb.casalemedia.com/ 		37 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=863026&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22386e2bc39c184a5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%226.25.4%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2240bd7f50b236d5%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner%22%7D%7D%2C%7B%22id%22%3A%224348185fc02cea9%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A620%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22620x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom%22%7D%7D%2C%7B%22id%22%3A%2249580992a32e92a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A250%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22250x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner%22%7D%7D%2C%7B%22id%22%3A%2254595eced2dfb34%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A250%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22250x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner%22%7D%7D%2C%7B%22id%22%3A%2255562b739b57908%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b4ed2348-a92c-4033-8185-cc1fbc9719ef%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ecd6b5f6c1d64a95f0c12958ded33e890f8ee4c8dc7605f72c2e6df5be86fd7

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2v7DXQZzQLnQIqZA0IehmOOyjo8cFAstdjSIJvCytggwCwenYaS%2BD2%2F38yDiMjJ2amcognYlsjSI1hueedRQ0b6RwzbxJAJiGl37qu0MkJMXh0IrvUnGJKZzYUdy4UVuTFN06DX"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
777210a1eaed074e-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bid
s.seedtag.com/c/hb/ 		88 B
888 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6b8fd7dd4105ce1ed396f303763969895138f914f8a96914107f5f0423881eba

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
content-encoding
gzip
via
1.1 google
server
nginx
etag
W/"58-/hSBaI8EP6Zq6lRnBN3lI05bllY"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fastlane.json
fastlane.rubiconproject.com/a/api/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=2&alt_size_ids=55%2C221&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=b4ed2348-a92c-4033-8185-cc1fbc9719ef%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=7d4f84de-94a6-468c-b251-dbc757a6d2af&l_pb_bid_id=5907f21826e3e1e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner&slots=1&rand=0.9404862909040894
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0ced1f4816edad827c2a498b490f27cd9c2b0b49e8b8526ee781fe5d95f137d5

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		310 B
871 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=1&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=b4ed2348-a92c-4033-8185-cc1fbc9719ef%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom&tk_flint=pbjs_lite_v6.25.4&x_source.tid=665f5651-798c-4d77-bab6-7d4576174e7b&l_pb_bid_id=603a519243ebaac&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom&slots=1&rand=0.44604534842129717
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
dc2c370d8a5d1a0a32059fee415ee027dd9dbb0bf4a7c323ff01d8ae0f165ffa

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
310
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		342 B
678 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=9&alt_size_ids=14%2C17%2C179&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=b4ed2348-a92c-4033-8185-cc1fbc9719ef%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=46e43819-2fd5-4678-b10a-914e05905c10&l_pb_bid_id=61c7f5edf4acf29&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner&slots=1&rand=0.6350286157736467
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5b1f3a1a548da7198749700d9599957f9d63fb1d94489fb4dedc67839471c34c

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
342
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=9&alt_size_ids=14%2C17%2C179&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=b4ed2348-a92c-4033-8185-cc1fbc9719ef%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=a97f9ec1-98e0-46af-89a2-13b8d6e99a3f&l_pb_bid_id=620b6e45ed94897&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner&slots=1&rand=0.08724508013417132
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
aaf51dbf4e7f50571addf72805cf9f9d89ec4370ed4d7e6940d6ffb6a9b9cf94

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767334&size_id=55&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=b4ed2348-a92c-4033-8185-cc1fbc9719ef%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=9d861a4e-d6e6-4de2-b115-4ba2e41a6633&l_pb_bid_id=638232ae9d52c19&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner&slots=1&rand=0.7246993841857949
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4902e624cd797af0488835da96a262162484d4e181fde9b7e271dae74ead71fe

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		1 KB
929 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU816538
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
adc6c5f34c9c4f94735357a08ff809907b2430760eb6b192269ef66e4c2b293e

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://buhgalter.com.ua
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Sat, 10 Dec 2022 01:04:10 GMT
cdb
bidder.criteo.com/ 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=31682562771
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Dec 2022 01:04:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://buhgalter.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://buhgalter.com.ua
date
Sat, 10 Dec 2022 01:04:10 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
hbjson
grid.bidswitch.net/ 		24 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.94.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-94-253.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
fb420929ea53b852c97e4a0a1f814d8bf1194a2e25c10e818d197bdbcc5d085b

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://buhgalter.com.ua
date
Sat, 10 Dec 2022 01:04:10 GMT
content-encoding
gzip
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
content-length
49
content-type
application/json
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://buhgalter.com.ua
date
Sat, 10 Dec 2022 01:04:10 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=2&alt_size_ids=55%2C221&gdpr=0&eid_pubcid.org=b4ed2348-a92c-4033-8185-cc1fbc9719ef%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=7d4f84de-94a6-468c-b251-dbc757a6d2af&l_pb_bid_id=94e04c3beb2a4cc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_top_banner%23div-gpt-ad-top-banner&slots=1&rand=0.015138854968955728
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6ab32739ba4f93340641de33dd7fb0a29b32a09314595a3f2f4830ec586f521f

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		311 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=1&gdpr=0&eid_pubcid.org=b4ed2348-a92c-4033-8185-cc1fbc9719ef%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom&tk_flint=pbjs_lite_v6.25.4&x_source.tid=665f5651-798c-4d77-bab6-7d4576174e7b&l_pb_bid_id=95bb3c47b5e47a7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_bottom%23div-gpt-ad-bottom&slots=1&rand=0.8861513957992897
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4e3f8d43d16f1c9e0757fa04cb28fe7d6602f040b947bfcb098dc7004ff945f0

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
311
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		323 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=9&alt_size_ids=14%2C17%2C179&gdpr=0&eid_pubcid.org=b4ed2348-a92c-4033-8185-cc1fbc9719ef%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=46e43819-2fd5-4678-b10a-914e05905c10&l_pb_bid_id=966efcf06b19434&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_right_banner%23div-gpt-ad-right-banner&slots=1&rand=0.7263025459041375
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
736f0e3b065e8ebc1f7af329fc3f711395f644140e3a5d570fc3c6f4997adcf5

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
323
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		321 B
656 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=9&alt_size_ids=14%2C17%2C179&gdpr=0&eid_pubcid.org=b4ed2348-a92c-4033-8185-cc1fbc9719ef%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=a97f9ec1-98e0-46af-89a2-13b8d6e99a3f&l_pb_bid_id=97aa1416ffa997b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter.com.ua_left_banner%23div-gpt-ad-left-banner&slots=1&rand=0.9766288554243596
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
242a6a20d12524c488c29a5678ed09c6852d9a920325874abb53824a50d8cafd

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
321
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		331 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=55&gdpr=0&eid_pubcid.org=b4ed2348-a92c-4033-8185-cc1fbc9719ef%5E1&rf=https%3A%2F%2Fbuhgalter.com.ua%2F&tg_i.pbadslot=%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=9d861a4e-d6e6-4de2-b115-4ba2e41a6633&l_pb_bid_id=98bc059ef1da347&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F141806220%2Fbuhgalter_catfish_banner%23div-gpt-ad-buhgalter_catfish_banner&slots=1&rand=0.03334311181176486
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
cf546b0a79fa03fe1026055391bc230c83a3ab336af78ef406f1bc61232fbddc

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://buhgalter.com.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
331
expires
Wed, 17 Sep 1975 21:32:10 GMT
ROS
pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/buhgalter.com.ua/ROS?rnd=0.5491325151401307&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250...
  • https://pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.5491325151401307&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250...
581 B
994 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.5491325151401307&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.25.4&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&gdpr=0&e_pubcid=b4ed2348-a92c-4033-8185-cc1fbc9719ef
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
52e5aa30fbcd4f762fd828571b6d91b0ac214112c4c7cea30d137f4aef3c521a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Sat, 10 Dec 2022 01:04:10 GMT
date
Sat, 10 Dec 2022 01:04:10 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://buhgalter.com.ua
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
581
x-sid
AMS-928

Redirect headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2e43c/1/buhgalter.com.ua/ROS?ct=1&r=pbjs&rnd=0.5491325151401307&e=728x90_0%3A728x90%2C970x90%2C1x1%2B468x60_0%3A468x60%2C610x90%2C620x90%2B160x600_0%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B160x600_1%3A160x600%2C250x600%2C250x500%2C250x250%2C240x400%2C240x500%2C250x400%2B970x90_0%3A970x90%2C1420x90%2C1420x180&ur=https%3A%2F%2Fbuhgalter.com.ua%2F&pbv=6.25.4&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fbuhgalter.com.ua%2F&gdpr=0&e_pubcid=b4ed2348-a92c-4033-8185-cc1fbc9719ef
access-control-allow-origin
https://buhgalter.com.ua
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-928
/
ghb.adtelligent.com/v2/auction/ 		3 KB
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
62e3c56b865e6dbbc780c6eaf200a8feb37b6bdbc7e7c34754b7cc95c4e280e3

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 10 Dec 2022 01:04:09 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://buhgalter.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
398
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1264355410382750&ev=fb_page_view&dl=https%3A%2F%2Fbuhgalter.com.ua%2F&rl=&if=false&ts=1670634250484&sw=1600&sh=1200&at=
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 10 Dec 2022 01:04:10 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35985798-1&cid=1938217506.1670634250&jid=1756682642&_u=4GBACUAARAAAACAAI~&z=117443246
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35985798-1&cid=1938217506.1670634250&jid=1756682642&_u=4GBACUAARAAAACAAI~&z=117443246
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35985798-1&cid=1938217506.1670634250&jid=1590889023&_u=6GDACUABRAAAACAAI~&z=1884576109
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35985798-1&cid=1938217506.1670634250&jid=1590889023&_u=6GDACUABRAAAACAAI~&z=1884576109
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-53572572-5&cid=1938217506.1670634250&jid=761673526&_u=6GDACUABRAAAACAAI~&z=2130536896
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-53572572-5&cid=1938217506.1670634250&jid=761673526&_u=6GDACUABRAAAACAAI~&z=2130536896
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
z
s.zmctrack.net/ Frame 0D9C 		102 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
56fd9e7b808ff385aa584431865f3cf5999f8c5877c0c5fb80b555b689292aaa

Request headers

Content-language
eyJ4LXBvc3QiOiIxIn0=
Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://buhgalter.com.ua
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
102
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ecc36cc1d2a1b39c6dcc4d23c5e1c029f1d2c78e8f696e094c8ea8db964e5664

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de845987f3459366a295fa160b916e6945c7b96961d7ba73d441b03f211811e8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7c81f756187282cde04eb081009912e336f388013eb18b70b9895f4cefb6a79

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		13 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea35c5d1362d678749f64a9e5e667ff8e8cde215869401caa753c5e6585f568f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d691477018d0f0957939aa725df7f8a979d42731cd24ffc4b2a91e8cb456db82

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09cf7684a243dfc294f30f108a7a97ad7807efebc4699aeff4baf8b94c65d749

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		29 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c52ea3c0b9b1233a70ed9ee281fec4418c13f8688c556ba31e587e0570cc2b43

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		13 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4a5a12744673c5a2dbb3653fcf99e1d86f9630f2a49ff4aa892cc5018794720

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7535435b268eceb5a194a8a6065e853af11815cedcbe1769155617d3a8487d60

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1ccf8f543009a813c29e737c9d9b1c5348169995360fbab23c402ab35c93374

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69768ececc08139a577e3382f14cdec2f0c549663ab259f280e2f83e709065a2

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e955ea3c7cea5f641e22b09184850d60c3a4a8eef354d739ca9e0ac25daebfaf

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1b4809c02c833ef4a89170232005bdb3b7b825cd4a1b16e1f7868fdcef834d7

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7d5bed178d04622ad95cab658071133ce2ea6b1b394fd71179ec07b5de122bc5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c593b478bac40d4bd1c30ccf349c6e118c347e0ed9881ff7e70a7c5de86493e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36bfcbfb8c235969f901acae944343611139ad8fe2ab577e907cbd2ca7cbef55

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd3eec52805f5b6243e9fe47efb617a37254f80fdeafe26f9d39e007635e0266

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e94d0e2d56d7e7d35935918e549a374568fad167f2c8f4e5189104fa6546d8d5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c52a8264c8a4dfb27b101c226b29ed7df32bd643d17550a6aabf8d44d880c75d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca30c33aa5f114d6c4810f2546893395a3047705d5a8b23cb60bba9a157a77ef

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09bf76bf9a693f6d1ff70fb63a0f530e6d880240a4cf8b53baa070cb244852c0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0e59aaca8c9a62d2ae97808a1d7c958012a860f486ecf0f35c73308ac3623cb

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3513b034d0ecb8f59408a1ca4b9b3a8ba63c68f07f877b2e1e1f34da644afe1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1dffd59aa695c7624ba66ca5c2a1f152f44821259b74a05a3e76f59e84331fb

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87a156566bf61f245a0b0d6c16f0446eb7cc4a36a9350be545fa37259a40b71a

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		36 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e337204ed03b6e4418d9b9b436cd2614831b06c4e1a9ca156d47ece9ad0951c

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f77bdfc493418da1a85260cc1b790bd02c9d0a09426ed1ad89a9613aa16e5758

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		28 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
741cb5b795c866f5aef2c01f64bf8eda484c92bfebe3ee309c9ed35cd252f033

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08e04409d774299c7ac6fbbd18203bb89d0febac102760ed40a76864a6bb4066

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		12 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6681c00074d8e62bb49a4c31444da8096a55f8830f62e4e8cf7b00882ba6cdb

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b36e2f24c228d4aa3773ac182616c0cf6835f37725be8de6ce7305caa2a99348

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c30bce9316a009e9a17785731b7c5b52af0e3f3f162efbc5787513b54cea138

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d453778582484007a5a8c9b610fbe6a12a863260562fadd46f8e402f740ab12e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7704281ee0b386ac39b9b1f6ca82401efc3500b75ac160e9a46ab6246974d9a5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
061543b6ada60edddffd9f7c3f5a4fd1fa7c37e0f023816dbe1a8d4091daf49e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6aa60dd23a74b3701f5ed911709abd25ac4e7f4a8cbd13d777fda48db32915f8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd9366b123766ecaeec85d47719aaa8ddbd3b68aa7e1fae5434fec5133ebd7cd

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
159210f9ceb6561cae10aa34238d9c3d4a601a5ac825ff6d9f3e669d8bd0df0e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1b43339886c2df3f1451af8474e95a8923085ef0fc240820e7a8218110d573b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07b382d14e2714223655f23745e8bfad2b87de32d3bc5d145403ed07dbcce891

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d285ddb67b0c0d1642d8dbc0d6c122085eaf32cc6df3f165febbb4a47d05c9b5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aac32479b7e00e374a47b5c6daeb907574805cd3320d6d2c520764c6ee96c12d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df352596341aef158df4b1735cf3b02723951a0a584685f896ce3782f6e33f29

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
679449bd06f6cbbe46b129b5009ce6b490d323677b02fac4a62b10bdfc678ddb

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f9695de838f580539a55fb51b39700729e469625f429ef612e7e3173bd004bc

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83f2963ac96def32a52b88d46767a0e6b4f7d5deeabe40bdcd795ce25b99217a

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b35b72ac1876a9d5ec1b9955529f4070e971ce9439a1394970143145b499117f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57433e1293341458165bf38974563d349e5c2116f089af926afe7bf6a4e4a49c

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		18 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b61c483c1ef272649d59390899f6ba6dacc4a0047fd5f31fb66a5a4bcb5af0ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		30 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3492ab3d262a82e24fbabfecd777c0800964578ca1e00a363307bd3e590dc77

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
110b303089a71f1b1c392a22406acdad508b9b0d39a1f39626827e86f3a5a78f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ce75ed467996485eace448fc8554374409488e31678c2e1efb995c77449c0e4

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a56602d44222ff0e9c9c9d8faa30c87de0a0b053145aff4a43be4588d216157f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3971a86564fe25b2262b78bf830d8af076f7cde4fe7b2167585b38571b3f180a

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6689b10d16d6c6f738c2fae6e209c53d7b4ad2d597ba712e0ecc2f1852a280ac

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e027435211ef2a57f103c525775456d802bd6ad5acaa62117d45e10930c7af7e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4c5780344a410ba6f301b65ec5a0fff84b5ff87bdf3e65c7f6f52958beba7e0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
188fc2045c73ceb0931b06357ec5c0a8c0b93045b831c79e557c25e4c8959d01

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75471d692aeb9322e75a041dcb0c363657eb51db495b14d5555c5e7a907fa799

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07ab47c07bab62e7d7ff7bc8ec64936785a7e488438074dd3510227aa5c466b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ffa2e149a7cb4362696d47b85863b157283c7225b648bf0ea43e0591165e4c2d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7ec7b8677014393b78f8e512a7b08dd6227d6d54fb6c145ab0ccc5a71b11600

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82a4df0a6f0f70b0df90aeef7e01e356a0a5859da073e4139145dffd0844b226

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		489 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84d368b23e95809600d8e96a8532cc3b88c49cecd69a058d249b4ec0024073ba

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1862f5fa7dd3945e2bab43995b64fa4f720581a0b070afea4dc9431b9cfabd8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		1000 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3d7d3c47dc2ed2229601da34d1b8d1a9f7e7405e2a495c582544cd4fe82dc20

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6356465097a91fe7436546d26b9a0575a5092cdea33572d65d1ee447777890c5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52db729bbfda2646c18d63f4ad32c8bb07ab396a30c8cd49b22d0481af5310c2

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		13 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
625614d0c74d2cd49b55966090b740556a74d6f81fab60a6ba40cbeb2a328ebd

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a18472ae86a7b20ced524d98ed60a37cc38d222dd6891200a0edcc335d3d9350

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
arr.png
buhgalter.com.ua/assets/templates/base/chat/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/chat/img/arr.png
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
40cf551965abb3907196d630825291b27d1b77dd499bbbf12e07905a25afcf59

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/assets/templates/base/chat/css/main.css?1625654744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:10 GMT
last-modified
Tue, 13 Dec 2016 08:59:45 GMT
server
nginx
etag
"584fb881-490"
content-type
image/png
cache-control
max-age=1209600, public, no-transform
accept-ranges
bytes
content-length
1168
expires
Sat, 24 Dec 2022 01:04:10 GMT
truncated
/ 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ee69f515b17f5b570b287e1d92f35e94e76139440dbd97db70805430ffda58d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buhgalter.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 11:59:40 GMT
x-content-type-options
nosniff
age
133470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 11:59:40 GMT
/
www.facebook.com/tr/ Frame AF11 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://buhgalter.com.ua
Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://buhgalter.com.ua
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 01:04:10 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02bc0e96a3d50029e72d03e578932cc00bd7d5aba37809c4605ac466e74b3def
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11154
x-xss-protection
0
group.php
www.facebook.com/v3.2/plugins/ Frame 3349
Redirect Chain
  • https://web.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df77602ca2ce508%26domain%3Dbuh...
  • https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df77602ca2ce508%26domain%3Dbuh...
44 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df77602ca2ce508%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff12c1de507b9d94%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250&_rdc=1&_rdr
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=a3a48dd3645f72072560dcb106dd7f33
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0afa182359f8943e7833245bea17bb97c3967d31fad99a184f40a4786ca6a039
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-origin
date
Sat, 10 Dec 2022 01:04:11 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v15.0
pragma
no-cache
priority
u=0
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
V6WWCkxianLmqbDrQ4h3HekpOrxt9C38f0KLhOBNVnXzUkfqr04hbIXwIkCvnt3OkAQ8cch2ZVAAmFQ2ml91zA==
x-fb-rlafr
0
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Sat, 10 Dec 2022 01:04:11 GMT
location
https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df77602ca2ce508%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff12c1de507b9d94%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250&_rdc=1&_rdr
strict-transport-security
max-age=15552000; preload
x-fb-debug
uULegBf8VSbhMKnAEmld7L1CRzUJGiX8hRRutMozAPXtZKJAQdj1zdvE5098ufKj7WIEHq7aO2HExfMqEjI8kw==
x-fb-zr-redirect
02|1670720651|
cup_coffee.svg
buhgalter.com.ua/assets/templates/base/images/paywall/ 		113 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/images/paywall/cup_coffee.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
a4991d87ebaea362f7b779eb0e62f6664d2b0bfb83aada173b6dbdc6ed587a7b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
gzip
last-modified
Wed, 10 Mar 2021 07:46:47 GMT
server
nginx
etag
W/"60487967-1c399"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600, public, no-transform
expires
Sat, 24 Dec 2022 01:04:11 GMT
ic-pay-access.png
buhgalter.com.ua/assets/templates/base/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhgalter.com.ua/assets/templates/base/images/ic-pay-access.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.144.183.196 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
136-144-183-196.colo.transip.net
Software
nginx /
Resource Hash
b6802ed3c9a13e4e0c4be93749ab1ffdfbf488638b05ed7e18ad3896b1a1748e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
last-modified
Fri, 29 Jan 2021 11:15:23 GMT
server
nginx
etag
"6013ee4b-841"
content-type
image/png
cache-control
max-age=1209600, public, no-transform
accept-ranges
bytes
content-length
2113
expires
Sat, 24 Dec 2022 01:04:11 GMT
info
reactive.factor.ua/buhgalter911_chat/ 		79 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reactive.factor.ua/buhgalter911_chat/info
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/sockjs/0.3.4/sockjs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.97.131.40 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
37-97-131-40.colo.transip.net
Software
nginx /
Resource Hash
b3b8bc1f85a6271976766d393373716502cc318ab9f0370132bc907c13e075e2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 10 Dec 2022 01:04:11 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://buhgalter.com.ua
Cache-Control
no-store, no-cache, no-transform, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=buhgalter.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=buhgalter.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=1265370031501124&vrg=2022120701&nw_id=141806220%2C430837318&nslots=10&eid=31071257%2C44777628&pub_url=https%3A%2F%2Fbuhgalter.com.ua%2F&sig=0&req=0&req_cnt=3&dm=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		95 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1265370031501124&correlator=4317898866349562&eid=31071257%2C44777628&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fifs&iu_parts=141806220%2Cbuhgalter.com.ua_top_banner%2Cbuhgalter.com.ua_bottom%2Cbuhgalter.com.ua_right_banner%2Cbuhgalter.com.ua_left_banner%2Cbuhgalter_catfish_banner&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=970x90%7C728x90%7C1x1%2C468x60%7C610x90%7C620x90%2C160x600%7C250x600%7C250x500%7C250x250%7C240x400%7C240x500%7C250x400%2C160x600%7C250x600%7C250x500%7C250x250%7C240x400%7C240x500%7C250x400%2C970x90%7C1420x90%7C1420x180&ifi=3&adks=1472868681%2C377900176%2C2541184592%2C2347727364%2C3757304322&didk=2486344417~4277630285~2963346524~3126075531~1899677630&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D2553039%26hb_buyer_id%3D14399%26hb_div_id%3Ddiv-gpt-ad-top-banner%26hb_r_id%3D5907f21826e3e1e%26hb_site_id%3D4371%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.05%26hb_adid%3D117c1eb5587b0c93%26hb_bidder%3DadtelligentMarket%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D2553031%26hb_buyer_id%3D14399%26hb_div_id%3Ddiv-gpt-ad-left-banner%26hb_r_id%3D620b6e45ed94897%26hb_site_id%3D4371%26hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D3.38%26hb_adid%3D11808331cd0f56b3%26hb_bidder%3DadtelligentMarket%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D2553009%26hb_buyer_id%3D14399%26hb_div_id%3Ddiv-gpt-ad-buhgalter_catfish_banner%26hb_r_id%3D638232ae9d52c19%26hb_site_id%3D4371%26hb_format%3Dbanner%26hb_size%3D970x90%26hb_pb%3D0.18%26hb_adid%3D116a1a2ccdde0d01%26hb_bidder%3DadtelligentMarket%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252F&sc=1&cookie=ID%3D5218e73bd70a3ea0%3AT%3D1670634250%3AS%3DALNI_Mazp6AUr2YG9-wj-PuJnHzilgwBqw&gpic=UID%3D00000b90674afbdf%3AT%3D1670634250%3ART%3D1670634250%3AS%3DALNI_Mal2ujJOZR5CfNoZIXbI9N5dSKE1w&abxe=1&dt=1670634251055&lmt=1590667965&dlt=1670634249406&idt=869&adxs=315%2C500%2C1160%2C210%2C0&adys=40%2C2676%2C898%2C1249%2C1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C2%7C0%7C3%7C4&ucis=3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbuhgalter.com.ua%2F&frm=20&vis=1&psz=1600x-1%7C620x0%7C250x0%7C250x0%7C1600x-1&msz=1600x-1%7C620x0%7C250x0%7C250x0%7C1600x-1&fws=0%2C0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V&ga_vid=1938217506.1670634250&ga_sid=1670634250&ga_hid=39881125&ga_fc=true&ga_cid=599105427.1670634250
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7be36e657cadba9c02dfb614d3471d50d3c66ef3a5225d3927aaf7f8d117220e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23144
x-xss-protection
0
google-lineitem-id
5102680544,-1,-2,5102161575,5102680556
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274389523,-1,-2,138274389517,138274111317
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Dec 2022 01:04:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A0AF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
15198
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Dec 2022 20:50:53 GMT
expires
Sat, 09 Dec 2023 20:50:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F26E 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fee2f5031d305581779642efa7a4b973272f1fa711149fb3c6697b2e5989a903
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-B3dk3DWxYxMeWwSxxD47dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-B3dk3DWxYxMeWwSxxD47dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 01:04:11 GMT
expires
Sat, 10 Dec 2022 01:04:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
g6FXtKkzhsS.css
static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/ Frame 3349 		826 B
799 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/g6FXtKkzhsS.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df77602ca2ce508%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff12c1de507b9d94%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250&_rdc=1&_rdr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2625f168921e25e175a1eb02f6c077b322efd6379d492ebad72f0622613b8eb8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
b8ZN+EQ8B3eAWJT5BPATbg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
356
x-fb-rlafr
0
x-fb-debug
Q0f8tcqpmdumFgXN0ORDza7RO6bMM4fixnaOL539Ahm01URXfnF6BfdtmsQtKVU40BeYWxs42qhpyNiSZ8ICpg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 05 Dec 2023 17:19:37 GMT
-bGJEGX3Phe.css
static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/ Frame 3349 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/-bGJEGX3Phe.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df77602ca2ce508%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff12c1de507b9d94%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250&_rdc=1&_rdr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ffd12e87c755a6cf030c1b418b55d8d51e5a65d2d5a15f485befcc3ef74e7e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
/z7uck8WDUOnYMzHnY/Crg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5170
x-fb-rlafr
0
x-fb-debug
NrePySTnfYyZz1cA/i0kODPRvc3DMLdcSAP6xAabCGdqlYkfCuCDFV16c1A5suQaKdnK+412hkLeENCKG2LMuw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 09 Dec 2023 17:05:04 GMT
k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame 3349 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df77602ca2ce508%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff12c1de507b9d94%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250&_rdc=1&_rdr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
q6bCky1+00PrRbx3auADnQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
833
x-fb-rlafr
0
x-fb-debug
jDHxQVsGqZPeVNgG4ryxyXa5RBMHTf9OeEMLQFiaRtbfvNnCIja/HIhswbYyBKmRu176XzOobtmU/FqTkE0Skg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 01 Dec 2023 15:27:27 GMT
Kog4LjfaZvK.css
static.xx.fbcdn.net/rsrc.php/v3/yy/l/0,cross/ Frame 3349 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yy/l/0,cross/Kog4LjfaZvK.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df77602ca2ce508%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff12c1de507b9d94%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250&_rdc=1&_rdr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a77cfb5ef88689ec9943f5e423ce7be4e962c42e051bc5c86a8992807cfec1e3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
KLohLHMCrucA3Z2lhBjxlw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3235
x-fb-rlafr
0
x-fb-debug
IAUB1YaO2lDgQ+oE6Rk9zc64ElqHRJjJp4M3iTTS1rOPlmIyvSIhocAxN7Q6oUxOHFMP8EWT8kvR8YtM+aRqEg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 09 Dec 2023 17:05:04 GMT
Q2MAjnh55uk.css
static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/ Frame 3349 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/Q2MAjnh55uk.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df77602ca2ce508%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff12c1de507b9d94%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250&_rdc=1&_rdr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e86f7b25b83ece6379a4dd715545583806705d952755e7636667c850de9db460
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
nkjBlrDToti5uTxOYFQ0ag==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2615
x-fb-rlafr
0
x-fb-debug
fG/ycpiQtLZozFAj/tqr0Pvkt+i490PdPzzq07903S4FFSr//VVf/NanIFSlqom/+Z+H1Y9eYOZLU3IWYzFQLw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 28 Nov 2023 17:12:07 GMT
FszrES0kGVw.js
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 3349 		305 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/FszrES0kGVw.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df77602ca2ce508%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff12c1de507b9d94%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250&_rdc=1&_rdr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
88d6065c134848ae1019d0c2afdb83744ae9ee66273fe7acf7655f0f65b57294
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8Q8+Vj9JAT5o0nMpXs2R6Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
82715
x-fb-rlafr
0
x-fb-debug
IlUPvFYEW0mMObTdxkwbPOx6btdJVFSbpmVV1atdsPA27wBTGwg7bp3v753sbKCub824N4NDdapaE2D87+Ic3A==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 09 Dec 2023 21:33:42 GMT
zou-1UF9wGe.js
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame 3349 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/zou-1UF9wGe.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df77602ca2ce508%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff12c1de507b9d94%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250&_rdc=1&_rdr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
30376b7a02d8985207312e83f0bc075af15ba72c29eb50ab402cc11653cd240d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
+9acl7TtP+a2vmJm8VrfoA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2000
x-fb-rlafr
0
x-fb-debug
eJZC0Rn5xcytSdBEvPEDIVk5p2nIciI85BydLw9A6fLJvnUa1JtOoDdXP4tqkyPXfkbYp/AM7+VUFzXAFm5bGA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 09 Dec 2023 17:05:04 GMT
8LoDHCcRMmF.js
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame 3349 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df77602ca2ce508%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff12c1de507b9d94%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250&_rdc=1&_rdr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f93df2735d94cf2ebfc2f07b0f8038e4c9e177d89e3e8b7cd1604e23c556f63b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
GtFa/ANPMQQnyBsHWWA6Kw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12334
x-fb-rlafr
0
x-fb-debug
haQKWxf2+XbWKjUAJeny189hVlM9vSlq1JqIX43/v7z+PAnSu6/CBgAxTNmOz0+OdzbBmLDNd/4T6RzDGPAAxg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 28 Nov 2023 20:50:25 GMT
bPhRbIw5d4Y.js
static.xx.fbcdn.net/rsrc.php/v3/yR/r/ Frame 3349 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df77602ca2ce508%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff12c1de507b9d94%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250&_rdc=1&_rdr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dc07d382f00a25c7cab4993b3675027b7ba9fdf978474e9611aadde6383d9a57
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
yS75TjCi3ZRz/Z/lM0crcw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16232
x-fb-rlafr
0
x-fb-debug
eR3l63n95torbvz2n7S5femP5FBbwXx8Qxsm5pRWVGWZeeEPzjnl6vYqYQjZiLJk4iv/hq6DH5yarWSJdccDzw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 28 Nov 2023 20:50:47 GMT
F8LQ5-eKZbo.js
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ Frame 3349 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/F8LQ5-eKZbo.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df77602ca2ce508%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff12c1de507b9d94%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250&_rdc=1&_rdr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
375869b0de81c6e3af30325ee0289b01e70554d5139eca722f1bff4fdff83c45
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mEyEC6v+iKx/kGPV1WZKKQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1091
x-fb-rlafr
0
x-fb-debug
tNG78gNf97o5k9hQO2BY8uV+TsRiF8O5TUK+0/9hmKKlwA/cEkBKiZhzDLgnieF8kN4XVfkSLYnjPasuU/dpog==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1,i
expires
Fri, 01 Dec 2023 21:49:24 GMT
201217635_5654539184618609_2513873357703081699_n.jpg
scontent-frt3-2.xx.fbcdn.net/v/t1.6435-9/ Frame 3349 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-2.xx.fbcdn.net/v/t1.6435-9/201217635_5654539184618609_2513873357703081699_n.jpg?stp=dst-jpg_p130x130&_nc_cat=107&ccb=1-7&_nc_sid=ac9ee4&_nc_ohc=0737sud8QBQAX_XK-Z9&_nc_ht=scontent-frt3-2.xx&edm=AJ9j6YYEAAAA&oh=00_AfDmQ95a0n17cA0-ez9t7PZumW0USD8KB_xQ3aVZdOCtEg&oe=63BB397F
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/group.php?app_id=1264355410382750&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df77602ca2ce508%26domain%3Dbuhgalter.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbuhgalter.com.ua%252Ff12c1de507b9d94%26relation%3Dparent.parent&container_width=250&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fbuhgalter.com.ua%2F&locale=uk_UA&sdk=joey&show_metadata=false&show_social_context=true&width=250&_rdc=1&_rdr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dadc342d66fe74c55e27087590362734cad1eb09b0b788032e47a8211252f99c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum
3724070233
date
Sat, 10 Dec 2022 01:04:11 GMT
x-fb-trip-id
686109401
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Wed, 16 Jun 2021 06:42:07 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2148807180
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1476050430
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
7797
sodar
pagead2.googlesyndication.com/pagead/ Frame F26E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120701&jk=1265370031501124&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame A0AF 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 10:07:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Dec 2023 10:07:49 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4640 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLS7DkUFRVFsjmoR470gW6_3cYB6IF_8eRXTiGmDv6eTC-7BcRIvVWU_z-sFNM44Nk4Edn5LkRD9Ct9KzzyJvrQZHzx8gk0xcKfBu0iL5m06bGC0ioLbGlW-TfZfuF6wA6Ur2bYu2fX-lQHMXuATRJD9dknMpDgNqw0fAPPEjQvolYJ8LZ5vpCTOpoUy_2eKKPoWfmCNA1jQFyMS-Wz0u8zTiwRV7hUhCxEmZ7cb7FjF1VSHSuWWHB0d4pI2oG3wRgNr-kV6UIe-O5UXWOvnRlzYYTqGzUp2Atl80Z48HHyN_XrAeIEQkfBG_bEKeo7QjVA7l4xFDj413I-JzDvrr1gyYU&sai=AMfl-YRNAlm0sTW7rLpMCthdNaeflW3JWrokBIoKrJgC33gWu-yhy3ZMHlaVkMC18MYeYm2mcBj9HbPYYBrvLm6O6bE4ectqXapfML7Go2ry1OW72n_OmNp_bp6_JsbzZg8t&sig=Cg0ArKJSzN5Cy5Def3AFEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 43D8 		278 B
124 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDR9gIQwtvy-QMY1Zv90wEwAQ&v=APEucNVVgqA76noG15ks5IovAB44v3l5yJA7i11PHCSrGCflZC18eDY4pIpsufZLZ7Q_M1aAgC4-oB5Z4b30orCm8M3XrMKa4AMZcMjnL8OxjxgkS__JdRI
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a87985707fa8a2cd12b5d3879626eccd92c19372ed032b91a7c6f9ea00b6ea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
104
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 01:04:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4640 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def1424f4f259a4cf927fe1f7ea7ec24bdc2fc78edca55fdb593cc0c293dbec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27387
x-xss-protection
0
server
cafe
etag
15442950961169408521
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 01:04:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4640 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Av_N-AYi2s5DbcyX4V0GYCJQlHjAnARSs2hT-IfmvsLEDqvSY0pnUf3UrTm3aksqEwuKlpnQjoTZNfXZ21uZppV-cv-p1qzjupt22YRVvyeXA8FRQ
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4640 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6614179299645162892&x=8&ct=76
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
d5ebcfc8-a547-4234-b508-bd7420fcc02e
beacon-ams3.rubiconproject.com/beacon/d/ Frame 4640 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/d5ebcfc8-a547-4234-b508-bd7420fcc02e?oo=0&accountId=12398&siteId=48254&zoneId=1767334&sizeId=2&e=6A1E40E384DA563BAF6E01C8E9BD4A7E3F79E9C7BA0E6F48CA3DD3260561831EE67447E1F240E0D0D5CD24BB85370790C369E4F1FAC272BF2B543E9A4F93C7C7ABCE44C5DB736E96795F70B7EB37FB80D2C9AB7B64EEB0945108E3B133CCD9D96B1F2F679F79949D83A328C4952D385D81EABBE601EC9DC6DC544701AED1226617484A0970FD32C243DA57D85E2425B017681FD24ADEFB8053C41C4B5FD36C5803A9BACA2521B6623370774D9C2EAFCE0D25C53550388258
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:11 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4640 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Dec 2022 01:04:11 GMT
container.html
3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8198 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 01:04:10 GMT
expires
Sun, 10 Dec 2023 01:04:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame C63C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7mHFa6toaT3yPLiszJQsuo4epcZyVFldNwV7xJJp7xDQZvNGcbmpjOWTwruFiqd5lRm7niW4g1sLq1LqJ3cSxlhq6Kulqj1vE7oyNk2wczYgmhn03rV5Iij7ojHw-ZsUneu8TZCG3aAuWrnrYwjneTQx-EbglsUFAN4S5LXxkfxy4hJ-AHSGGhNsmGey8BfyqB1q0H3QcqtDrLZPJ79xNZxszrBvw9OUExzezytJNXSM5ye1iTSQQFcEg48NzQQgaXZpDllu3VHR9JpT3o0-PyJ1v9ugwZ5WSSSE3AKlc30E1xer4P5f_lLOX2tJusWSXq4rWgBJqgy8ReP9tn6PUDKaPOt0&sai=AMfl-YQBiV9tiZLjJYDg3uuvItNSjcNAWpmMbDLmWl9G32ny_W_0RatAftcyVPgYsvLHIDR2mjUCTY4azgFlTwKNNIUuFDr5J6Y0wwMBF7eesooQdLVQHsrO3bOuWdKgQPTr&sig=Cg0ArKJSzO1gyQie_jrXEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame C813 		278 B
124 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhjshtzbATAB&v=APEucNU4bBy0kZcZQ0IOJLCbSumhdQQKkhm7-ZJpxBteYUgxbt52YaVCFcdwAcuq8OXLesq4ELUYUU6JyU7b-TKRKki-D1KBlxuxST4YGDwpFO6m1_55VO0
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a87985707fa8a2cd12b5d3879626eccd92c19372ed032b91a7c6f9ea00b6ea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
104
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 01:04:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C63C 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def1424f4f259a4cf927fe1f7ea7ec24bdc2fc78edca55fdb593cc0c293dbec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27387
x-xss-protection
0
server
cafe
etag
15442950961169408521
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 01:04:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C63C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DrJB0h9hUCfeG__8op6Nxh8tYdQkZFEUypU8kK29BPLLDO-qWhz059_8ozqT8GZQ4di-hiof9n7x4yDrP4dRPINQpTqfubCRJawHiS1ugIrjwFqVM
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C63C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10056946384595310446&x=8&ct=76
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
75a7464a-a42e-42ec-8a3a-d0d5078aa24b
beacon-ams3.rubiconproject.com/beacon/d/ Frame C63C 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/75a7464a-a42e-42ec-8a3a-d0d5078aa24b?oo=0&accountId=12398&siteId=48254&zoneId=1767334&sizeId=9&e=6A1E40E384DA563BEF6C00A9BC323CC82FE1A7108E2F7F41F4DADDDF0EC67EFE7080A60D6CE69A7B169513861BF923E2AA308B6E23C45CE129F7710664720AB0ABCE44C5DB736E96795F70B7EB37FB808AECB5F3D66343E37792B3BE333D86D200BE0E1323F9AEF183A328C4952D385D4E6193415A183DD08022EA5478E19A3117484A0970FD32C2E31724EF72D094B028C32A64AC1C9C7041546434763D0DADA09B0814D4009F8ABAE45B10FD310045635609AF06021F7C
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:11 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C63C 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Dec 2022 01:04:11 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3BE1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkKLh7qCNZTaCQwqmW9I3hVBTHGrHbb8LPRQ6fQ2QXnRkfxXZYshEgX5N_5sGlylGuCK7ygW_OwFYFG6jgq-nwsalRfbMx150j6G4HocVnb0klrhPXBnlKnChYSuk2bTAqHRYn0RkL6Ia9VmQVsAFYEFO6DtUjt-yvHPeAYxeFXEG3n53coIul4g6TKivlUDpyC30gINzbyRAunLfhBLmK7rWionQWHmL706zHrfOC7uu2REKHGVuUoimVhKb8sIvb0ijnXXH0qOFSED9GtqvUyDYiBGpLfIVW8_gYqjjrT4Bk7_9lQi9vqAasRvYjA0_O6QcnXMuyear9mw0wRAtBjA&sai=AMfl-YQOM2rCd2GWlZrIhK-NlFYNI79qC65qBKSdhKI48ecI1codC8qss3F5RryG1USx99__DgMyFnAEE9XqmNJnLClcZGM-XxG36Dr5oT0_Hzq7D5EwAqQSigrsBHlnS4v-&sig=Cg0ArKJSzMrtg2go9ce-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9773 		278 B
124 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiP--vQIYsdSeywEwAQ&v=APEucNWRZdIpZ3gC3EC_Ei0byRfphdFfCHegY4O0B0lxAltpLd2NdVV9xaY1Ce_vfcKcB45z8k5HbsEMDE89y4Wml61yPRQKS89D10Ljc5-OKMvV_JS1QMg
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a87985707fa8a2cd12b5d3879626eccd92c19372ed032b91a7c6f9ea00b6ea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
104
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 01:04:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 3BE1 		65 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJbNyi4va2sCWWMnXV9xfkGWycgsYdI2G903ggP1jNDyN9XzG5kNRk1W5iPn6plIbuij9GrLxDz4UvnOueLpW46tsy17Bnx_YsxWYcbYbItlC3PEt7qjnq0irzt_1nfG8Z_dL0lmVm7KZCNDIGKdv-SLzj23vhiK8C0WoEhA4q2oVsDzc&dbm_d=AKAmf-C0rZMEBvAVtueukCDK05WunAyXsn_6iIkaiHYtT5Oemn1JYjmkla1QiRTMY0oG6AIPn7mNpZ-vPVUxL-PwfdBErZ0rigI0rDp5NezpK8Mg-0Rt4r1yoW0Hqg74PXy-c1YCZicU38husFErYoRoLqKbaESE1w30S0T0uZvUMUn50v9kwemSB7-0jTL-Kx3gewyvhWsUm76mQV19bVJSLSqnp5WwuWN0szSn7AglB_NOxNzNLg5Pd5kgmRWjEJK0c3inaLm9IdkCE5Pt_PfXo1oIA1RRXWkZ_bb_hkOFlinDSIZZkurY7HPCXEUPCtZyw5K11Zs5dtTqsWftD__mVIqhbxAmF2V0kaBmE4UJLcOY6qyvdiJmc0MzdanBd7VUtRvO30yrU9Bn5RZm6YPXHFtEDBb8mk2-bOiIxs7FNtc3VMoGUUxRl7CPCpf3rrVmrGeIagxUF-lF6Be8-nkm0S1Le045sC7BRKNy15nwJn-2YHfbiQCqaH4nscOECLv7CzdgDvxvVDLLugATq9hp-s4qyEedfhG2HUYURHq-DzvwQqqVUoO_teDe811dsebTjJ_9yhSoZSKMWr6V6kyR9ImWLJgDBX8xANi9z2GptVbEo3Xpd8rQDl7GjJ8alL7cKljCkYxqYAPPweB6K4mhoR2BtxuyzEzVe3rYTQR40wLfClA5gn0qkE6pkphjUqIiJSTl9rIeGwCRGet5LOnS7_36I6OxiKbYjPLI5YYlKT0VDDOgs7CzKt3EYEJ9pX3ig6n6jJ9hNxOhuFTKu0Hfyu2lxlqUmvWLVAWhW11ULTOF4uwRW2SCtlyupGSObP33q4TaiivkHO9a929ZvBhgaLzJHgH3i8URWk1G2tgZoRHtPS6McWngek6NVJUf5xFcJRnkVrAlWUB3_wjyAEzgkPKvt5MIxHXPADKT-RvuD1VK3pGwwvWuw5sw5iGP7hI1JWLu0W_t_n5J1FMd87w74Y5k5aqgVql33FSsJ-YiJ6Qdtv0hk2OddHxJT-oMQJjERCW7k3s4PpVZFadn53Ni0F5Fgo3DIhM_XmeBfCUF7VemLskJDcwY5rnXpBvO0M9sSwSTOF3PcGO6dN-IUJiGFetfJqOObFmxH8tIcelF1oy6A_UY_pLV-CaURy_DUBgYxZi_zHheIxqMpVRfys5V28R08Lq71O6JHcfDqL2NLvklMAx5pcLrCfGDY9r6RuoRI-NqErSgpQs_5buEDRVHLmTiwtvl9b8Io0LLSKHvRGi1hl8rdm95JigoCvnGLNNW18lqMOS4pSfD0IzPkbc2EkR0UOMRvbo3qjK5igYXZmq6ZfoHImNSAmhgQUVsSo5R-mexKEYmmeds9zCawtytujIQwzc3s7YBceGjRKps99Tj_Zhj3YtRlvLc0HWz1Qk0qRbu7Chf_aiRxhyXOCuT23HM-UeQLNO3GQO9VA5sUZMdTwO815ypxcW-XhCf7GMrQdIT_Tj51R6BDSEJdMmKEHhw3jsa_VIXFXnN5njEK01ORllx3ly_8gIZSEZdkzg1sm3djqZcb5E7PNyOWTnrDg4M8gD-fcjKbnkU7-7M6wkBkHeedUU9IiSt23-y2Z8A7lsSe2ZR_IVxHWrytK94MnfHpreGb3sFKppVaKYhX9yyRb5g9Hx2o8q4UjMY9FSZuEr1gHF4AukHq-xbX1mbaiLx-WJA1CpKXMqHi1u18s0lzraXEp9GObqlnlzB3tz99o8gjAeQT8OscR9WR-Be3Ap2WE47g_iwbpeMmJQW7NCb3gOgSNao3-QmnjjDfkwfBOH8yu_pqf2Iz14LhYsaDUVAu3prwTd4HJgLEIVyv9SfMjfMrdcQtcAroJA7gjJcJdgU5jcWa4QvIA-GL0zEayB2VGVOLd8-pYqBN1qyv2mGHSeYVIZl4D9UOStKxoM0KnGvISFcmYB9bzMsEeCXTpG6sXuD6wmqgPrtQhxyRdQBOCU8nqKBUMi-S91_P8u0pBKYD_wMxrF1mTMEhkR9P9DryIc2B99LYleuRhsWtIFpgbggDdUve49SVBQBkUayzzW7zlXijVqooleeYTafcYFhzCO2UH7VscQJ5P548gfy1C1AmXB8c4oQdrGSxblb226lyKh9BXdMnyiuk-JrKQP2E44ZRJax5im0b4i-CKegTudA2sSKBNICeWcCfjQbecA-iiDMObCjS4yFJ4x-_YpwxEzxAJkXHQCTXMLk6GqKgrkiI2HOQxbpZsYwgfrXYH1X0x2bxryD9cJBJtqz1-hg63FLJl2SE-VRf2GYyD5SjarKPhL7dLaximIj05pawsTEb-Jwpxu5I1ra3Z4Mj9eEWrTtEUrzpb_4BpAqnoZHNDaZlY-8l8fo4IS2qg17mDtUukxRwwjC3uiOrU-daLkCElfyDFFxFFlpNvUhyOTIbnWDF6i9sYK7kdMCCC747Ty58MZpIAefD7iAoJtyj5MpnJRY8H5NqSZNQZDVPixYi_6o4JInVUsa55HBSIXojcYQQLZogdk03CPWKfsuszTCIg9IpYsWhQmFKMNdZWdZ20vgjnMl9wbsuCVas52D-5JPNG-hargYQKVYOrS0EJt6SZgSlQZ25RlRarssJ4sGcvLxXVgJNHejBp-CQfzXtKFYaCuQIJdFgfd6VDogUZCIHJI_m0gRvQ7P9uhpXa0R5UwQKciErGkz6MEkpJZReUs99Q_OuZ7issmExiVO4N6876CQVhdKMmM-WRWN39hqbaZQfyVR20X98EkRjvzcpH85lJwUdnRtHEZax5MAu88soqNXVZ4zmJ_1YL-b_5XbVvgUncTMwznUHaVkSzwUoGDEriDI2wzr4GU2lDyMCvhQycTBs__STAKeDaBukMIlruYG8mG8GBnW6DQq77bsRQ3paxBdPmcX6k8OeqwsjQ-e6BAn6M7mQ-h_-H5VrY7Nkj2e7_phqggb1KqXrteUtL56-A82NKrO10lxKcLhjFZJoKa7EGzzrWnwzs33rlcGsMCzvfF2UrR5YIRXRes1KOOfwsNKB_kqvj13fsYgnjizKZzgCyGT5jr4p1rvw7UibYpZYkpd4khdTcKIXM8-oTUJqc8vMl83ZH0-fwVhQpyicm_FPYlpDAsKA9PV85-1BN3U-ymNs2eLm-SGnTVUhSVyRrV3UxZuIsG3u22pN1spYDEI8rrdNieBud46T3bNPDPC6P2p-OvsShfzKShbNQNqTqijyUWFdmw2p_Dipt5vTprj8upOn0AmZh5tiooDaKTkhAGCuDsX4NETAkJIHFjqvUeK9vtcTeo6g8PaS5AvjmcMDK7r8L08Dpp2ozBQtNj9GOHEF_EAVeea--N7Byxpn_eDIO4WwpbLRnkZk4dOCVYAsOUo4NBXGpp7cIbQZ7mkBqw&pr=8:FB7095CCCA75C253&cid=CAQSMgDq26N9GKj3KwgrQObBd4WzdpUY6fEB7WdsSMYVBPSLiiHcNGImrWwC9Xlald-fpia1GAEgCg&rfl=1%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e70ecfca477097016402b383144895768062f4740740417f203207a3e8db059
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30848
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BE1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AB-JvGoj3YE0Q9dCxqothuN83MGEKNiVPRQPEdkJ9XTCWOGtV00So7-HSKfpB8GPn6ZMq5br8vk-d6MQhsKhW7q141SDUGghvPynNitEDsyEo0ECY
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
60c8163e-f12e-4b63-a994-26eae39464f9
beacon-ams3.rubiconproject.com/beacon/d/ Frame 3BE1 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/60c8163e-f12e-4b63-a994-26eae39464f9?oo=0&accountId=12398&siteId=48254&zoneId=1767334&sizeId=55&e=6A1E40E384DA563B453AA4C83D6AA629E24A52F835903EC031D43360EFF38A216C272091940DD81830598559BE0A811F06ED6754DDB43215F42E29F78AFF3FF0ABCE44C5DB736E96795F70B7EB37FB80AA9FC0C91CC4218487E6903855CB7FFFBEB84BE612255BA283A328C4952D385D610060EE9C89D8B580BEDB4A5DDB224817484A0970FD32C2BF64DAF4AE5DBF23533D89B778BE61D106E3CC2A7AD62C87B2EBF34F8549DAD41BC30090129C8F34933A33E963CB1B1A
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:11 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3BE1 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Dec 2022 01:04:11 GMT
LJGwBQWnf37.png
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 3349 		430 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/LJGwBQWnf37.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/g6FXtKkzhsS.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ecee9fa46611c97add225970dbb6dd2ea6e56f0a8e38ace8a027a9f11f8c13c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/g6FXtKkzhsS.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
x-content-type-options
nosniff
content-md5
p1DhaYJ4UVT/34CnSlhy2A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
430
x-fb-rlafr
0
x-fb-debug
pBEeNds1mtOrdn8DtqVoCgQ7cNC+OdbNeZ3DdGdtWFY37CYkeREa3TUs0/nXc4h8kppEvsUDLeRbJphH7H7Fpg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 27 Nov 2023 07:11:07 GMT
qSS37rnH1xp.js
static.xx.fbcdn.net/rsrc.php/v3il1s4/ym/l/uk_UA/ Frame 3349 		84 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3il1s4/ym/l/uk_UA/qSS37rnH1xp.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/FszrES0kGVw.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
52e9fa27ccae6d5e0fa1a5ba57af999d6977b7e03e2fd3e7381ba4304469f3f8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9sSnAmqHq9zblwoUeBXb2w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
23528
x-fb-rlafr
0
x-fb-debug
JmB4uXgaQcpGb0oKWsIZea0MoirhS/ShMQz9z4LsPaFhe9vNiZN6fxHkypHkbpHmeYYXQ6lzxQa0ZEutPiBoLQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Sat, 09 Dec 2023 06:54:06 GMT
7Nmln25n6YE.js
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 3349 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/7Nmln25n6YE.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/FszrES0kGVw.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e0085a77923b9e5a13ae8105a8e54337d44464f114e6d9c58a3c06a9cbcbc61
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fLiXl86iqEuUjfrlPQyQ1A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7199
x-fb-rlafr
0
x-fb-debug
IB+6qmNbXRxscf3o/yQZvqxROCPChNgHjQIclVMoVFfO/bocqHLtpTWiVS8/nGurwbUzVR4abbaEtCTGYjSu+g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 08 Dec 2023 21:28:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4640 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=259802368155&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4640 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=259802368155&version=m202209210101&ct=76&x=8&cor=6614179299645162000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4640 		69 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcrFq-kBD8GY52spX3smPHYVAMjp1_kRDDPHgw7ByEgCSk_am1PECyABtgqWS5SI99B53XgOdJYZUdz5XUYnJEWiGJaomh_gU8Bl0PVoFI1T10MahWDZ7bn4sR-Kxw6w0dUS77c2qWRpgiZ6neYUrB2QazmzshqPl-lXmZwdZJE5LJfQk&dbm_d=AKAmf-Bh369kROoCp4WGjJT6R9EFQg6ozjeObgBBTwuTXZZpT51HESni_fWKL3ivoVLcFKBlKcyg7eikvbHmziVUr3Q70tNJhSKrsgNxaaLuBX5ZByp5D9HzPzIIG2sqmZJc0aWG1zU4QBcdtMOd2dw-rgowSsJZURxe_-cdTkF_PWAQAEvxpdLMpLdV9jAuc_jWQCp9acNtywF6hJLVnFRbPSLpBeX8WICAvdB-AqF9msHBXCCPHpDP5fy-ETlsR9iUdgbTxebbaDMiiRBpLqBfeQQSa_IiZ_SsYSj-SLyaSHcJnyCDc3ArDVGXqJW3clFB606XJYtFa8ndZTgGteZ4XKIxOz8LfG6sNKFpe63VuUVu5Urr0oo0uOBDTrUsOgOrAhlFxBFO-ZcZDMLClVa4fNSHoOTbL_fKkXo65M4QkZMbQNV6IyW7LRaLJzRdLcvCMQWhG-QwdxPsd3AFHhNXVyMae2OmtvtIGwPulGCiDRPwTKE0mj9Nrll_vtnF8tJemUpGv5DQiTNxvMtJtZLbjqEkD_HXy7Ipmeytvh6rgkbUYPN7Ua9OGvmoqyvpLOyq6HyAOpu4C8lwad08z8LpeLaiGR2UJsywSjjxoAkupXuwjinYoY0xTDqD-iSNaiuq4PE9d4FdTMUcQ1Kauh_VqDraaI9LLy6Z_VLMJvwq1YqPnD0jx6MP-4lQ9vQvP-rna5qlsE63fLRiUN4Ci9SxcOu8haMH_2yol7Tf2NLVN2btYaQ15FzkXw3I1GZEuvb4OF01hDlEh6yNiqFb3iQcyC79PAQcvh9Xy1M_dRF9uwYw1xF7o6Og4SMzuTfKKyrZOoaROs_x0w7Ml7IWOPkAzd1ldYGWZ4EOzm6ZgJR468qW_4H9NuUQ37Nrtpo0Gial0u1BRpNCzMFJ22la0FKmtC0J-aS7JLQeNdu3s6Hu5dGnLfwPunkGmTYQNK0nvP8oQoHEl_lguwna6QGePgVIUc47VRs6SYmwLYVFnpe5MeUOs_lplqDSnk09j63dgnND17brpT_B7iFBYeI9pRJk-umXH7t6hzDyBkqCBW8j65hMR8eXqUHn6exrrBzfhwj4UQ5kPHTQb7vWC68HtC1wV3lXA3weWHuVsa6Nrl3CWELBWyeieI1WOjK7Q0KBj_uWS_Oryu1kuUdoNFFTp7sCryWf204Wph36aON_8frWUm1B4ZuuoG1c7bDhqE5qPfY77m5frI1OKtIgHeAHGk-wBychfuSOVB2J7PllsMM4j5CtQAfxKFTYzCh-uVHgvWhV52m9-03FJ9glfiwhQosL0D2Crwk0o9Wvx4HgCFWZqGt5plOicJ4mGTG3SaQ56TQ7kEIlY_BtnkpuLuk9a0qUem8oKH3ZCTWp0vydDITFCwLnXdz68gH5PaLqrwn8xfqTMNsgEWotwP2AAVCjn8wL0ECV0v2aDJUzDzfIERxdmVr9su4fEgGEEqpo3_NhV37cOexj0YTjbgZ-YLMud5ve8UPl1MaYpp_vHLhTaidGlib2_BFtw4hLmoVICWb-iTDd9lOgTmsXYE3L3oIfUloqsYuNc5fPzdp3qK3tCrtAyUqDFfSNlRwexomJ9MRmZ9OSLSOsTD1JNmIl6A0xZySw-rG4FHMtjjmaJFRJ-ONIq7M1r7gZtcQfMlYz5C8xjnEz17-aeWnlAaDNscUIlwAHarLsbiEYVel9zLIUb_Y6nMZ3LwAOxDiO9G3jlWFEuDG0lqRK8_DSn0ANQyA6Wu6w7SQC7Zqsta3g2hFHU2t0WsMAuW9LOrdwum_uh9P1aCr113tM4alFWAyTe9giQGqh8LKsbkOSbxIjPTipynZj7uRkxPm53WUTjyYEn--rZ0J8mPCPRs0QIAN8VJZMyCWYtxrgle8lIXY0dSpvINmbrXqGOTnARYK0tMUg_FvRzaaDjVrqbxIsNF4Q5Flt7Ojlb63REHeay8lXrRPWsr7LX8MddTpUoO9-LjfXi2WynFcVsVdmFPxXJV5TLcqoIXCgbQZqg23QfD_lsdzxVQyvdowIsUSubIgVAWx6q_-D9LlyNob5lOjaL-k4vJPAIbbbptX9s2-d8g43a0URxSsypkcwUjUvhbYS6-LbOz-5y4lVjwjQmw3R01-OyRpvLbYz3DefuWKYUxB3rMqgIqhqi0Xje67y44UkiH2hoayb4JFOioRrHK0xliyOSx9VZiV4LRZ45mwbfe-QFARua1czVjNDXcp80I8oLxIR9-HKVGQ9jsYsK6ElPST7Y_-KQZ3LlhHl5aiRuGJou9_Fyrwk2EEymfduU7Xm18A3G99xQHErK6C47ZXJo0l20ZOONAmMScY9b0HHDf2gTklAzdSK7x2gEseNCa0PKvVANpV_EVKelQcdUhHfTWQkU-KRRgfPSAdteHVZ-iKiQvUHRfJ82ajGv0OE61I4_QSkKBiMRAxbT5ZkYRM6xU4Y1eAmp9320QBjGIwXdmuXLLJUvUUN08b8-JuKdu3P7AzXdPR_KAPtIETThc2CMkSJ7tDmy0dSStH4SJ3bvTv_MPxWjqGZf6xXmOsHHvf7v11-nLNJ39nF8Ukgwwse_vZfWwfmGOP00PFKqaX0V5Via7IPS_tSOmpytY0wcGA0yfY4Dy94er871Dc6hAHzNY-Ro7CHg9NviSv7tV_b6ncvDAoEKQcikz2zfu6UaMtGXr1f2ZrvKCYgGfbLnKbCz3EF8-m6VosVuJItm5Y1PpTLPsvKqo7dMkHYxtDxWf0qP9oDZg4dJJVv37I4EhJv4Kp_Bq8X63mhuVrQOp2uhDy2RaboYWOm8PUPAlaHmIQIMK_rdMphal3LYuxBsOvyQxYCFm6Y5ltajzuTiXNLTEeP3OHxdVTzzkk0_s2x2E6p_MTiFJTuV2RM3vycECUAK8dFTI3m-eRTjxcvfS2A5j-Im5e7S7TXhgngZZqYkrDnhOhSvQFtlwG7HQST2sgW3bv1Q1-F6zNv84zreGqs9U88OWO2VMUD8EaksRhZ-_zEFwdEGk2mILE6QKc-e-906B6LP7F29iJtTJ8XEreIuVpUh-XdHAj0msOL0oGYtMXLANSZf76f6lmepSnLhRscco5fGxHP0CgwfgPRHT1H1tOOiZiNLQRQIMUPlMkqOLZO3XnhKUj8vHytpIH1XyS8XmYo8bXu_RK2gqsKrX1TTA&pr=8%3AD2AA1ED61C52301E&cid=CAASBORo7Yg&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202209210101&rfl=https%3A%2F%2Fbuhgalter.com.ua%2F&ds=l&xdt=0&iif=1&cor=6614179299645162000&adk=4144141728&idt=89&cac=0&dtd=13
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f93b573c56fa5c2f022653fe1017fb1153a34623e951304d11ce0fe7fce65b72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33566
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C63C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=770106640604&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C63C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=770106640604&version=m202209210101&ct=76&x=8&cor=10056946384595310000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C63C 		89 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CDZqcUx13AnnWBKW1xryxgNBiXYc4QPmY6k_Yv5hM_1f1FANaynGIeppEzdSvFOsNguKIUY4yYWhvuiIQLbuaoFKJUwCqFhvSHcbXW40mkXVu2fxWm4IF_QqErhzptKtLsODGtb93ugzIei_5AOT4Hq6yHxsKb8zwrzLkXv-PrG5o2SwU&dbm_d=AKAmf-A_3MEShMjyedEJU4rE00HIJ_jIK-ejbSGjobu8I8rmlajL9MeJpHi2fH2g-eJY71W_Y7Fuu0M1B6mvp-XY5zj8-lApuBWIzvgMaQUgDyHHTg2Ti-HyUMMOcZPGWKiAi_N_foxS-zk4HgpIyd3QOrO4bIVgv-aVbjB6hc744oFYFNja9uEZo6lL1HrSJKoUyD6obSYCKDIBTAYsLOLxiac-j2t9XJ07SieueTCJM7Ej7A1hJLiw9xFtqs9bvfxLrZgFyCfL5Y0UYmSzuquT54Z-RrPsJyj4pwfuCElsNt-Ii75P39-tyfh2U2LNYdlADHWQgrUQppebQITSaNMh7FqeWlfeWHcS9ZYRNeZ8PMHyS1wGbHRB4A4nkHnyTNDf7CRy3-H_Qnd37FQMMgBpKof2CrAvZbRMQgtCshyNmOSYPmXLD5XsayZI04vjpudn1aw-dyBPJWs0rPqyk17Lh-IRq3RyulyLYQ6hsTK475BIGYHujz-BUZLe-ro1bYu_hXVe7blR9cxtnbDJce6crPCteZEXD0GgV8tvLb-kKk9nyrIUSo-l-rB2qbQdIWQv4mmRg0shoiTOK-9Mo8k0jMHwzMh56j_RU90KccSqFKDmG7MsXZo9IBVtRzL4_gqvADCKmfhrSFwlF9FkD4XpHvBOSeCO8dj0JnQJMpsqVWmQSAgMqtaIFFsTVWiCY9jLKuieA7VVx4BTL_BwKeqOcNjlOjHngGlyeVRrEMjCL2HeliVPvmtx-oYRGuTJWyw8oItULe6YLrfIYUL4wAAyFVxmGZeo1I_G4Tiei7WyZliSo4whdrRnpPg4TLcDd5Ni_C2jNV9jSjPlR_CiNPNkQL93SLsFPlbt0zdBhIckvg1hUb5Vq4KLY2Py48vpaQw7OJkAlzk4eb-N9K9hZML7wy8ifuBk7dfjwtnzZ4WneXQZheYNK1ZvC04Z9mJulY9kWeQSCxj-aT1RuRM6IxYfiu1RF1UQjmNmAnRz3hUhmSp64DD2TDERbwpss3REVOEd33jwAXDcfkfIv0xp1i72t2fROkBNRvKnq7KtIqAZ8rrq2352sjTTZt1katmySEGL5Bx70KB5V5-zizKLuY7-O6YAAT5lvg4TOdG2lUriJWxKjwTYJ79R8uqPauKSFzgLaDV9anwTANxNy8LlQC8B7SMmtgRIvyvX_C4E6iZZD62Wed09AbZnwu-xLtG4brlE2CYq8b8unPskvkYx1_uWmILtMGbMgXoa0ZpQ3KkTUE6tpuG5cVz2M6Hn7TzX3iMOKX60lAQKT8GziqZYZqY07nB92NBbqXePWDGnZMOoHjeBkz6sHreDlkhZGXAJjo8zhx5hhWeYfjg1bW_485U56WHfL_DRpKv8mJ9R8nMUl2oKu5sIzHTeVE3w4T6GgRY38ChPpduzxvg5i91G0SwIcJhhdg1E254AG15ZhoAMYEAXmcl6w2D3D_ofn6XkGzGdNIsdsykDTenoiEgGwska_xng8wI_Xko6LWshGmt3fkJVZyRfiWeNrI_TtB6gUfU0TKB_2n1eSvNU9SFfjGwgj8ZalOIgZbF-tJ3h_TPCifvA702KCUOJxzw6Yjkh6zqPrQqDrI9F_iVfLO3bVyBC0AYpnBuS8qRe1e-Jaa5bhHlBmk0ScSIRNPxxkTj7ati7bcOeA0BLZhRa9Ly76ZNgMm5FTJh1mOLormmUMiAI5XpU7t1uwtQ-yEiZT2vVetIesKLK90RaqH5IWPZYMIfD_hrHadbkL8s4jx0KkNkuFaYtd5ukoSIT_C-pcbiWgAaqtBrdUFNi9QD4snOX42ah2iaK9hkSSDUx2lFwyntePFkAL2iGYcFDs1hp62romcehocTbgLTp6T2xsxElXDdUoD3zs29OBt9f-M3NjbUN0XWyjjyxW_DChzPmNcnjQ9GMoRA9O7PqKhciBpLy8RvE-E9inhYuXbgS-qMS3idaZ4e6mOuzve_EPN40A3qGzUhV-tmIKOTrW3evK8_2y7VypvR0vF-fbJMMaoc0wAHtDCxWulLhN_l9y3E2gxxejsDPjEAS3s04j6R5xepFKMKFgGRRAN-la94HI4ZRpVnoYSXEXidBFsyzPTJ0eTKLSZssXpsoDZv-eNeUYPuHW6CRv5DEDYUywFVeeNQzlmi1pea0ycxDzvydcx17Owg7IT8Ue_-iIIfQJu5Cg0jRwzNIzeWxaZ5xCCnW7o-EtQrut_eaxLbGRCnmCuh1L3u5vAIzy4Y1tPVZmkf48atMIZsAKGGhV1oU9U3nDuQq_ojXJO2-bdZbBYksbl4RVewJi94YCv-M07pMgI209haQ-TgcyiBryOTCa8Q-Vd6h-XChehHtRph0oLWIlv7rFwKbk90mEqsux9tTAjrJqQSdMW9ihV98K4wehYUtENRARLxHqEQ3FhmwLqUpJkmXjAprtJOOwFGrleqNpDya8LDxUq5Gcwx-YWnswUYIQtXFUQAXncpU4wdD51648rlNyT_wrznGh2KeD7gJxwOfyZeosgwX0AY5iEWBHxvXZDpTkCu7Yn5OCQ6wBvVkdJnqcDIJdGrSt6PIRtsaROz4ZEb31T4bwujREj5NK3tu0wlLm_ksh7hQfERZoUxzo6u8AXLF55VWEKNL_escYI49ITGpRfFMTnzOE7jTX4iH-U2NEU6OryzpTf-pPfK36dGVygjAlokqnJNutfECbLTBvL3LDRP_IKa15gGgVFHdKjQPGCE65LhvJ72esBwmhMIXb_UOvj2JYg-byOiuxsmpcx9eMbxZIQPvxUbW3ddS2HXrygqmdBtSp7vYdMvjZxCq2ZbqPb_pK37yHz8fENIWHtk9ZDVgcyh_-kHJPKyh6PomskR5LqlRiPZ1cyorVw_0quKBGDMYj6Nv12ylHZC2ZkQ7U5A2IYQITmbTbFXY3MDIMf4xFctGJ5qjqb-JKsDc_RF0cm8lz6dSQiqhQ-3hL6layEjLyD4bQ-h_KoNyK_YGQvMrnwONqXOVgdYOcWXUBdaaU8HlxWNUHabdEs-J2cTtodI_idJO3UJVq5h7JHDBateIZGVP8J188dR5ljiUhwZWomFlITC9DtzFnFw0C3TcSzm5SrLUve5wwa7xJUqh-8CngdCZEjaAO6CMPyHVzQNHOvwIqHohG0dlBG4exbDZWnNXpanMgWqsXc-BDxG69QxD04UlNLXug05IvC-YBSV9KcBgtpSbJNXuafsejBslhYypTpf6wrU-IOwhnWsShia7A3rVOLuFSmeDdwPpVRku9sf34Pg1FV_cgj7kpLzQUKFh2XcGdoreTYzpEn8fUUgYMC0xADZVHTnLViVxeV71gqBVra40qhGW0I0qJnq1c_4aP58MgVwpudMcsCS_wDhRMjbcKdplIEp_gaMZpHdDUpkMknlUMxvZ7aJLgN-R9ivfdtAUa4FVzDPxYoYultYy9XwngAV45jRs8BPEdkgktu35LYDkcXH-D_0ZdJyk-wqBADusFzF8JNWhGfemd7ovdnUez7v0OdY&pr=8%3A342EFD77EE6CFDBD&cid=CAQSMgDq26N9kgAwDXOmse4NTZ_cFbkr0JVddEWsZIpScp_KGtxUIzMkFBrsq13UM0B6ZXVwGAEgCg&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202209210101&rfl=https%3A%2F%2Fbuhgalter.com.ua%2F&ds=l&xdt=0&iif=1&cor=10056946384595310000&adk=4042653751&idt=109&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d69f1278d6e4a0029b7768f07efe1d3b12162e7c4f29aa8f361fa076af045dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36563
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ad.sxp.smartclip.net/ Frame 9773
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESECIkPCcP1Dni00L1QRGmm7Q&gdpr=0&google_cver=1
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESECIkPCcP1Dni00L1QRGmm7Q&gdpr=0&google_cver=1&ang_testid=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESECIkPCcP1Dni00L1QRGmm7Q&gdpr=0&google_cver=1&ang_testid=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiP--vQIYsdSeywEwAQ&v=APEucNWRZdIpZ3gC3EC_Ei0byRfphdFfCHegY4O0B0lxAltpLd2NdVV9xaY1Ce_vfcKcB45z8k5HbsEMDE89y4Wml61yPRQKS89D10Ljc5-OKMvV_JS1QMg
Protocol
H3
Server
35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.194.186.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:12 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 10 Dec 2022 01:04:12 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESECIkPCcP1Dni00L1QRGmm7Q&gdpr=0&google_cver=1&ang_testid=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
m
ad.yieldlab.net/ Frame 9773
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm&gdpr=0
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESECNsAEchsz40edANv3puGYU&google_cver=1&gdpr=0
0
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESECNsAEchsz40edANv3puGYU&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiP--vQIYsdSeywEwAQ&v=APEucNWRZdIpZ3gC3EC_Ei0byRfphdFfCHegY4O0B0lxAltpLd2NdVV9xaY1Ce_vfcKcB45z8k5HbsEMDE89y4Wml61yPRQKS89D10Ljc5-OKMvV_JS1QMg
Protocol
HTTP/1.1
Server
184.24.4.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-4-64.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:12 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Fri, 09 Dec 2022 01:04:12 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESECNsAEchsz40edANv3puGYU&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ad.sxp.smartclip.net/ Frame C813
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESECIkPCcP1Dni00L1QRGmm7Q&gdpr=0&google_cver=1
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESECIkPCcP1Dni00L1QRGmm7Q&gdpr=0&google_cver=1&ang_testid=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESECIkPCcP1Dni00L1QRGmm7Q&gdpr=0&google_cver=1&ang_testid=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhjshtzbATAB&v=APEucNU4bBy0kZcZQ0IOJLCbSumhdQQKkhm7-ZJpxBteYUgxbt52YaVCFcdwAcuq8OXLesq4ELUYUU6JyU7b-TKRKki-D1KBlxuxST4YGDwpFO6m1_55VO0
Protocol
H3
Server
35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.194.186.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:12 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 10 Dec 2022 01:04:12 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESECIkPCcP1Dni00L1QRGmm7Q&gdpr=0&google_cver=1&ang_testid=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
m
ad.yieldlab.net/ Frame C813
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm&gdpr=0
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESECNsAEchsz40edANv3puGYU&google_cver=1&gdpr=0
0
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESECNsAEchsz40edANv3puGYU&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhjshtzbATAB&v=APEucNU4bBy0kZcZQ0IOJLCbSumhdQQKkhm7-ZJpxBteYUgxbt52YaVCFcdwAcuq8OXLesq4ELUYUU6JyU7b-TKRKki-D1KBlxuxST4YGDwpFO6m1_55VO0
Protocol
HTTP/1.1
Server
184.24.4.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-4-64.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:12 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Fri, 09 Dec 2022 01:04:12 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESECNsAEchsz40edANv3puGYU&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ad.sxp.smartclip.net/ Frame 43D8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESECIkPCcP1Dni00L1QRGmm7Q&gdpr=0&google_cver=1
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESECIkPCcP1Dni00L1QRGmm7Q&gdpr=0&google_cver=1&ang_testid=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESECIkPCcP1Dni00L1QRGmm7Q&gdpr=0&google_cver=1&ang_testid=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDR9gIQwtvy-QMY1Zv90wEwAQ&v=APEucNVVgqA76noG15ks5IovAB44v3l5yJA7i11PHCSrGCflZC18eDY4pIpsufZLZ7Q_M1aAgC4-oB5Z4b30orCm8M3XrMKa4AMZcMjnL8OxjxgkS__JdRI
Protocol
H3
Server
35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.194.186.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:12 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 10 Dec 2022 01:04:12 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESECIkPCcP1Dni00L1QRGmm7Q&gdpr=0&google_cver=1&ang_testid=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
m
ad.yieldlab.net/ Frame 43D8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm&gdpr=0
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESECNsAEchsz40edANv3puGYU&google_cver=1&gdpr=0
0
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESECNsAEchsz40edANv3puGYU&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDR9gIQwtvy-QMY1Zv90wEwAQ&v=APEucNVVgqA76noG15ks5IovAB44v3l5yJA7i11PHCSrGCflZC18eDY4pIpsufZLZ7Q_M1aAgC4-oB5Z4b30orCm8M3XrMKa4AMZcMjnL8OxjxgkS__JdRI
Protocol
HTTP/1.1
Server
184.24.4.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-4-64.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:12 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Fri, 09 Dec 2022 01:04:12 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESECNsAEchsz40edANv3puGYU&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A10B 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEMDLzegCGL3gzdsBMAE&v=APEucNXytruq_vPeBT2kH6D8oC-Umf9CBmnDaqgiEcKx5CUbzGWQGg38guaRhVB7GOL6zdbZ1EMXVI4dwPZ3DA3HfH3FKVypGN1pw2Fglq6LLRZMHzLJtNI5IoQBu02VWc2l2hPZKlB-6hZbI6OjxWAnFwBB5nruSTpleW41-mE25R0RTi3cA7U
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 01:04:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4E15 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def1424f4f259a4cf927fe1f7ea7ec24bdc2fc78edca55fdb593cc0c293dbec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27387
x-xss-protection
0
server
cafe
etag
15442950961169408521
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 01:04:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 4E15 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 16:40:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
30226
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 16:40:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 4E15 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
46422
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 12:10:29 GMT
l
www.google.com/ads/measurement/ Frame 4E15 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT-hYZ6GCh8U2NikZlofVooXNLNUyMT0b2qwveB-Wp4V4S6kSQtbrqZ1P2O33aY2dUdKLXIEMyzOmEa9HIOkOSc95LrwA
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4E15 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Dec 2022 01:04:11 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 4E15 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
46422
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 12:10:29 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E15 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AAKmO1gkNypPM9-MvGVzjP4tqXuBhytXFMltOUTNOGSKFPR_Uq5qyVuFYiyqIZ4EQ2cyll6iBMsJWYLtRgmYmg9tq0pfw0rOlLiwQWP6aruysWbjA
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E15 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=253758944722563391&x=1&ct=76
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame A0AF 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?VDxiCw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 3BE1 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJbNyi4va2sCWWMnXV9xfkGWycgsYdI2G903ggP1jNDyN9XzG5kNRk1W5iPn6plIbuij9GrLxDz4UvnOueLpW46tsy17Bnx_YsxWYcbYbItlC3PEt7qjnq0irzt_1nfG8Z_dL0lmVm7KZCNDIGKdv-SLzj23vhiK8C0WoEhA4q2oVsDzc&dbm_d=AKAmf-C0rZMEBvAVtueukCDK05WunAyXsn_6iIkaiHYtT5Oemn1JYjmkla1QiRTMY0oG6AIPn7mNpZ-vPVUxL-PwfdBErZ0rigI0rDp5NezpK8Mg-0Rt4r1yoW0Hqg74PXy-c1YCZicU38husFErYoRoLqKbaESE1w30S0T0uZvUMUn50v9kwemSB7-0jTL-Kx3gewyvhWsUm76mQV19bVJSLSqnp5WwuWN0szSn7AglB_NOxNzNLg5Pd5kgmRWjEJK0c3inaLm9IdkCE5Pt_PfXo1oIA1RRXWkZ_bb_hkOFlinDSIZZkurY7HPCXEUPCtZyw5K11Zs5dtTqsWftD__mVIqhbxAmF2V0kaBmE4UJLcOY6qyvdiJmc0MzdanBd7VUtRvO30yrU9Bn5RZm6YPXHFtEDBb8mk2-bOiIxs7FNtc3VMoGUUxRl7CPCpf3rrVmrGeIagxUF-lF6Be8-nkm0S1Le045sC7BRKNy15nwJn-2YHfbiQCqaH4nscOECLv7CzdgDvxvVDLLugATq9hp-s4qyEedfhG2HUYURHq-DzvwQqqVUoO_teDe811dsebTjJ_9yhSoZSKMWr6V6kyR9ImWLJgDBX8xANi9z2GptVbEo3Xpd8rQDl7GjJ8alL7cKljCkYxqYAPPweB6K4mhoR2BtxuyzEzVe3rYTQR40wLfClA5gn0qkE6pkphjUqIiJSTl9rIeGwCRGet5LOnS7_36I6OxiKbYjPLI5YYlKT0VDDOgs7CzKt3EYEJ9pX3ig6n6jJ9hNxOhuFTKu0Hfyu2lxlqUmvWLVAWhW11ULTOF4uwRW2SCtlyupGSObP33q4TaiivkHO9a929ZvBhgaLzJHgH3i8URWk1G2tgZoRHtPS6McWngek6NVJUf5xFcJRnkVrAlWUB3_wjyAEzgkPKvt5MIxHXPADKT-RvuD1VK3pGwwvWuw5sw5iGP7hI1JWLu0W_t_n5J1FMd87w74Y5k5aqgVql33FSsJ-YiJ6Qdtv0hk2OddHxJT-oMQJjERCW7k3s4PpVZFadn53Ni0F5Fgo3DIhM_XmeBfCUF7VemLskJDcwY5rnXpBvO0M9sSwSTOF3PcGO6dN-IUJiGFetfJqOObFmxH8tIcelF1oy6A_UY_pLV-CaURy_DUBgYxZi_zHheIxqMpVRfys5V28R08Lq71O6JHcfDqL2NLvklMAx5pcLrCfGDY9r6RuoRI-NqErSgpQs_5buEDRVHLmTiwtvl9b8Io0LLSKHvRGi1hl8rdm95JigoCvnGLNNW18lqMOS4pSfD0IzPkbc2EkR0UOMRvbo3qjK5igYXZmq6ZfoHImNSAmhgQUVsSo5R-mexKEYmmeds9zCawtytujIQwzc3s7YBceGjRKps99Tj_Zhj3YtRlvLc0HWz1Qk0qRbu7Chf_aiRxhyXOCuT23HM-UeQLNO3GQO9VA5sUZMdTwO815ypxcW-XhCf7GMrQdIT_Tj51R6BDSEJdMmKEHhw3jsa_VIXFXnN5njEK01ORllx3ly_8gIZSEZdkzg1sm3djqZcb5E7PNyOWTnrDg4M8gD-fcjKbnkU7-7M6wkBkHeedUU9IiSt23-y2Z8A7lsSe2ZR_IVxHWrytK94MnfHpreGb3sFKppVaKYhX9yyRb5g9Hx2o8q4UjMY9FSZuEr1gHF4AukHq-xbX1mbaiLx-WJA1CpKXMqHi1u18s0lzraXEp9GObqlnlzB3tz99o8gjAeQT8OscR9WR-Be3Ap2WE47g_iwbpeMmJQW7NCb3gOgSNao3-QmnjjDfkwfBOH8yu_pqf2Iz14LhYsaDUVAu3prwTd4HJgLEIVyv9SfMjfMrdcQtcAroJA7gjJcJdgU5jcWa4QvIA-GL0zEayB2VGVOLd8-pYqBN1qyv2mGHSeYVIZl4D9UOStKxoM0KnGvISFcmYB9bzMsEeCXTpG6sXuD6wmqgPrtQhxyRdQBOCU8nqKBUMi-S91_P8u0pBKYD_wMxrF1mTMEhkR9P9DryIc2B99LYleuRhsWtIFpgbggDdUve49SVBQBkUayzzW7zlXijVqooleeYTafcYFhzCO2UH7VscQJ5P548gfy1C1AmXB8c4oQdrGSxblb226lyKh9BXdMnyiuk-JrKQP2E44ZRJax5im0b4i-CKegTudA2sSKBNICeWcCfjQbecA-iiDMObCjS4yFJ4x-_YpwxEzxAJkXHQCTXMLk6GqKgrkiI2HOQxbpZsYwgfrXYH1X0x2bxryD9cJBJtqz1-hg63FLJl2SE-VRf2GYyD5SjarKPhL7dLaximIj05pawsTEb-Jwpxu5I1ra3Z4Mj9eEWrTtEUrzpb_4BpAqnoZHNDaZlY-8l8fo4IS2qg17mDtUukxRwwjC3uiOrU-daLkCElfyDFFxFFlpNvUhyOTIbnWDF6i9sYK7kdMCCC747Ty58MZpIAefD7iAoJtyj5MpnJRY8H5NqSZNQZDVPixYi_6o4JInVUsa55HBSIXojcYQQLZogdk03CPWKfsuszTCIg9IpYsWhQmFKMNdZWdZ20vgjnMl9wbsuCVas52D-5JPNG-hargYQKVYOrS0EJt6SZgSlQZ25RlRarssJ4sGcvLxXVgJNHejBp-CQfzXtKFYaCuQIJdFgfd6VDogUZCIHJI_m0gRvQ7P9uhpXa0R5UwQKciErGkz6MEkpJZReUs99Q_OuZ7issmExiVO4N6876CQVhdKMmM-WRWN39hqbaZQfyVR20X98EkRjvzcpH85lJwUdnRtHEZax5MAu88soqNXVZ4zmJ_1YL-b_5XbVvgUncTMwznUHaVkSzwUoGDEriDI2wzr4GU2lDyMCvhQycTBs__STAKeDaBukMIlruYG8mG8GBnW6DQq77bsRQ3paxBdPmcX6k8OeqwsjQ-e6BAn6M7mQ-h_-H5VrY7Nkj2e7_phqggb1KqXrteUtL56-A82NKrO10lxKcLhjFZJoKa7EGzzrWnwzs33rlcGsMCzvfF2UrR5YIRXRes1KOOfwsNKB_kqvj13fsYgnjizKZzgCyGT5jr4p1rvw7UibYpZYkpd4khdTcKIXM8-oTUJqc8vMl83ZH0-fwVhQpyicm_FPYlpDAsKA9PV85-1BN3U-ymNs2eLm-SGnTVUhSVyRrV3UxZuIsG3u22pN1spYDEI8rrdNieBud46T3bNPDPC6P2p-OvsShfzKShbNQNqTqijyUWFdmw2p_Dipt5vTprj8upOn0AmZh5tiooDaKTkhAGCuDsX4NETAkJIHFjqvUeK9vtcTeo6g8PaS5AvjmcMDK7r8L08Dpp2ozBQtNj9GOHEF_EAVeea--N7Byxpn_eDIO4WwpbLRnkZk4dOCVYAsOUo4NBXGpp7cIbQZ7mkBqw&pr=8:FB7095CCCA75C253&cid=CAQSMgDq26N9GKj3KwgrQObBd4WzdpUY6fEB7WdsSMYVBPSLiiHcNGImrWwC9Xlald-fpia1GAEgCg&rfl=1%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 18:13:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
24666
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11387
x-xss-protection
0
server
cafe
etag
8197878782792770439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 18:13:05 GMT
5857362146616621051
s0.2mdn.net/simgad/ Frame 3BE1 		260 KB
260 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5857362146616621051
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJbNyi4va2sCWWMnXV9xfkGWycgsYdI2G903ggP1jNDyN9XzG5kNRk1W5iPn6plIbuij9GrLxDz4UvnOueLpW46tsy17Bnx_YsxWYcbYbItlC3PEt7qjnq0irzt_1nfG8Z_dL0lmVm7KZCNDIGKdv-SLzj23vhiK8C0WoEhA4q2oVsDzc&dbm_d=AKAmf-C0rZMEBvAVtueukCDK05WunAyXsn_6iIkaiHYtT5Oemn1JYjmkla1QiRTMY0oG6AIPn7mNpZ-vPVUxL-PwfdBErZ0rigI0rDp5NezpK8Mg-0Rt4r1yoW0Hqg74PXy-c1YCZicU38husFErYoRoLqKbaESE1w30S0T0uZvUMUn50v9kwemSB7-0jTL-Kx3gewyvhWsUm76mQV19bVJSLSqnp5WwuWN0szSn7AglB_NOxNzNLg5Pd5kgmRWjEJK0c3inaLm9IdkCE5Pt_PfXo1oIA1RRXWkZ_bb_hkOFlinDSIZZkurY7HPCXEUPCtZyw5K11Zs5dtTqsWftD__mVIqhbxAmF2V0kaBmE4UJLcOY6qyvdiJmc0MzdanBd7VUtRvO30yrU9Bn5RZm6YPXHFtEDBb8mk2-bOiIxs7FNtc3VMoGUUxRl7CPCpf3rrVmrGeIagxUF-lF6Be8-nkm0S1Le045sC7BRKNy15nwJn-2YHfbiQCqaH4nscOECLv7CzdgDvxvVDLLugATq9hp-s4qyEedfhG2HUYURHq-DzvwQqqVUoO_teDe811dsebTjJ_9yhSoZSKMWr6V6kyR9ImWLJgDBX8xANi9z2GptVbEo3Xpd8rQDl7GjJ8alL7cKljCkYxqYAPPweB6K4mhoR2BtxuyzEzVe3rYTQR40wLfClA5gn0qkE6pkphjUqIiJSTl9rIeGwCRGet5LOnS7_36I6OxiKbYjPLI5YYlKT0VDDOgs7CzKt3EYEJ9pX3ig6n6jJ9hNxOhuFTKu0Hfyu2lxlqUmvWLVAWhW11ULTOF4uwRW2SCtlyupGSObP33q4TaiivkHO9a929ZvBhgaLzJHgH3i8URWk1G2tgZoRHtPS6McWngek6NVJUf5xFcJRnkVrAlWUB3_wjyAEzgkPKvt5MIxHXPADKT-RvuD1VK3pGwwvWuw5sw5iGP7hI1JWLu0W_t_n5J1FMd87w74Y5k5aqgVql33FSsJ-YiJ6Qdtv0hk2OddHxJT-oMQJjERCW7k3s4PpVZFadn53Ni0F5Fgo3DIhM_XmeBfCUF7VemLskJDcwY5rnXpBvO0M9sSwSTOF3PcGO6dN-IUJiGFetfJqOObFmxH8tIcelF1oy6A_UY_pLV-CaURy_DUBgYxZi_zHheIxqMpVRfys5V28R08Lq71O6JHcfDqL2NLvklMAx5pcLrCfGDY9r6RuoRI-NqErSgpQs_5buEDRVHLmTiwtvl9b8Io0LLSKHvRGi1hl8rdm95JigoCvnGLNNW18lqMOS4pSfD0IzPkbc2EkR0UOMRvbo3qjK5igYXZmq6ZfoHImNSAmhgQUVsSo5R-mexKEYmmeds9zCawtytujIQwzc3s7YBceGjRKps99Tj_Zhj3YtRlvLc0HWz1Qk0qRbu7Chf_aiRxhyXOCuT23HM-UeQLNO3GQO9VA5sUZMdTwO815ypxcW-XhCf7GMrQdIT_Tj51R6BDSEJdMmKEHhw3jsa_VIXFXnN5njEK01ORllx3ly_8gIZSEZdkzg1sm3djqZcb5E7PNyOWTnrDg4M8gD-fcjKbnkU7-7M6wkBkHeedUU9IiSt23-y2Z8A7lsSe2ZR_IVxHWrytK94MnfHpreGb3sFKppVaKYhX9yyRb5g9Hx2o8q4UjMY9FSZuEr1gHF4AukHq-xbX1mbaiLx-WJA1CpKXMqHi1u18s0lzraXEp9GObqlnlzB3tz99o8gjAeQT8OscR9WR-Be3Ap2WE47g_iwbpeMmJQW7NCb3gOgSNao3-QmnjjDfkwfBOH8yu_pqf2Iz14LhYsaDUVAu3prwTd4HJgLEIVyv9SfMjfMrdcQtcAroJA7gjJcJdgU5jcWa4QvIA-GL0zEayB2VGVOLd8-pYqBN1qyv2mGHSeYVIZl4D9UOStKxoM0KnGvISFcmYB9bzMsEeCXTpG6sXuD6wmqgPrtQhxyRdQBOCU8nqKBUMi-S91_P8u0pBKYD_wMxrF1mTMEhkR9P9DryIc2B99LYleuRhsWtIFpgbggDdUve49SVBQBkUayzzW7zlXijVqooleeYTafcYFhzCO2UH7VscQJ5P548gfy1C1AmXB8c4oQdrGSxblb226lyKh9BXdMnyiuk-JrKQP2E44ZRJax5im0b4i-CKegTudA2sSKBNICeWcCfjQbecA-iiDMObCjS4yFJ4x-_YpwxEzxAJkXHQCTXMLk6GqKgrkiI2HOQxbpZsYwgfrXYH1X0x2bxryD9cJBJtqz1-hg63FLJl2SE-VRf2GYyD5SjarKPhL7dLaximIj05pawsTEb-Jwpxu5I1ra3Z4Mj9eEWrTtEUrzpb_4BpAqnoZHNDaZlY-8l8fo4IS2qg17mDtUukxRwwjC3uiOrU-daLkCElfyDFFxFFlpNvUhyOTIbnWDF6i9sYK7kdMCCC747Ty58MZpIAefD7iAoJtyj5MpnJRY8H5NqSZNQZDVPixYi_6o4JInVUsa55HBSIXojcYQQLZogdk03CPWKfsuszTCIg9IpYsWhQmFKMNdZWdZ20vgjnMl9wbsuCVas52D-5JPNG-hargYQKVYOrS0EJt6SZgSlQZ25RlRarssJ4sGcvLxXVgJNHejBp-CQfzXtKFYaCuQIJdFgfd6VDogUZCIHJI_m0gRvQ7P9uhpXa0R5UwQKciErGkz6MEkpJZReUs99Q_OuZ7issmExiVO4N6876CQVhdKMmM-WRWN39hqbaZQfyVR20X98EkRjvzcpH85lJwUdnRtHEZax5MAu88soqNXVZ4zmJ_1YL-b_5XbVvgUncTMwznUHaVkSzwUoGDEriDI2wzr4GU2lDyMCvhQycTBs__STAKeDaBukMIlruYG8mG8GBnW6DQq77bsRQ3paxBdPmcX6k8OeqwsjQ-e6BAn6M7mQ-h_-H5VrY7Nkj2e7_phqggb1KqXrteUtL56-A82NKrO10lxKcLhjFZJoKa7EGzzrWnwzs33rlcGsMCzvfF2UrR5YIRXRes1KOOfwsNKB_kqvj13fsYgnjizKZzgCyGT5jr4p1rvw7UibYpZYkpd4khdTcKIXM8-oTUJqc8vMl83ZH0-fwVhQpyicm_FPYlpDAsKA9PV85-1BN3U-ymNs2eLm-SGnTVUhSVyRrV3UxZuIsG3u22pN1spYDEI8rrdNieBud46T3bNPDPC6P2p-OvsShfzKShbNQNqTqijyUWFdmw2p_Dipt5vTprj8upOn0AmZh5tiooDaKTkhAGCuDsX4NETAkJIHFjqvUeK9vtcTeo6g8PaS5AvjmcMDK7r8L08Dpp2ozBQtNj9GOHEF_EAVeea--N7Byxpn_eDIO4WwpbLRnkZk4dOCVYAsOUo4NBXGpp7cIbQZ7mkBqw&pr=8:FB7095CCCA75C253&cid=CAQSMgDq26N9GKj3KwgrQObBd4WzdpUY6fEB7WdsSMYVBPSLiiHcNGImrWwC9Xlald-fpia1GAEgCg&rfl=1%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4df54930b77e169f8fe3c37810a4ebcd2bfcf377d924e0d905814bec27d6f8cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 18:53:55 GMT
x-content-type-options
nosniff
age
540616
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
265795
x-xss-protection
0
last-modified
Mon, 23 May 2022 15:16:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 03 Dec 2023 18:53:55 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/ Frame 3BE1 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJbNyi4va2sCWWMnXV9xfkGWycgsYdI2G903ggP1jNDyN9XzG5kNRk1W5iPn6plIbuij9GrLxDz4UvnOueLpW46tsy17Bnx_YsxWYcbYbItlC3PEt7qjnq0irzt_1nfG8Z_dL0lmVm7KZCNDIGKdv-SLzj23vhiK8C0WoEhA4q2oVsDzc&dbm_d=AKAmf-C0rZMEBvAVtueukCDK05WunAyXsn_6iIkaiHYtT5Oemn1JYjmkla1QiRTMY0oG6AIPn7mNpZ-vPVUxL-PwfdBErZ0rigI0rDp5NezpK8Mg-0Rt4r1yoW0Hqg74PXy-c1YCZicU38husFErYoRoLqKbaESE1w30S0T0uZvUMUn50v9kwemSB7-0jTL-Kx3gewyvhWsUm76mQV19bVJSLSqnp5WwuWN0szSn7AglB_NOxNzNLg5Pd5kgmRWjEJK0c3inaLm9IdkCE5Pt_PfXo1oIA1RRXWkZ_bb_hkOFlinDSIZZkurY7HPCXEUPCtZyw5K11Zs5dtTqsWftD__mVIqhbxAmF2V0kaBmE4UJLcOY6qyvdiJmc0MzdanBd7VUtRvO30yrU9Bn5RZm6YPXHFtEDBb8mk2-bOiIxs7FNtc3VMoGUUxRl7CPCpf3rrVmrGeIagxUF-lF6Be8-nkm0S1Le045sC7BRKNy15nwJn-2YHfbiQCqaH4nscOECLv7CzdgDvxvVDLLugATq9hp-s4qyEedfhG2HUYURHq-DzvwQqqVUoO_teDe811dsebTjJ_9yhSoZSKMWr6V6kyR9ImWLJgDBX8xANi9z2GptVbEo3Xpd8rQDl7GjJ8alL7cKljCkYxqYAPPweB6K4mhoR2BtxuyzEzVe3rYTQR40wLfClA5gn0qkE6pkphjUqIiJSTl9rIeGwCRGet5LOnS7_36I6OxiKbYjPLI5YYlKT0VDDOgs7CzKt3EYEJ9pX3ig6n6jJ9hNxOhuFTKu0Hfyu2lxlqUmvWLVAWhW11ULTOF4uwRW2SCtlyupGSObP33q4TaiivkHO9a929ZvBhgaLzJHgH3i8URWk1G2tgZoRHtPS6McWngek6NVJUf5xFcJRnkVrAlWUB3_wjyAEzgkPKvt5MIxHXPADKT-RvuD1VK3pGwwvWuw5sw5iGP7hI1JWLu0W_t_n5J1FMd87w74Y5k5aqgVql33FSsJ-YiJ6Qdtv0hk2OddHxJT-oMQJjERCW7k3s4PpVZFadn53Ni0F5Fgo3DIhM_XmeBfCUF7VemLskJDcwY5rnXpBvO0M9sSwSTOF3PcGO6dN-IUJiGFetfJqOObFmxH8tIcelF1oy6A_UY_pLV-CaURy_DUBgYxZi_zHheIxqMpVRfys5V28R08Lq71O6JHcfDqL2NLvklMAx5pcLrCfGDY9r6RuoRI-NqErSgpQs_5buEDRVHLmTiwtvl9b8Io0LLSKHvRGi1hl8rdm95JigoCvnGLNNW18lqMOS4pSfD0IzPkbc2EkR0UOMRvbo3qjK5igYXZmq6ZfoHImNSAmhgQUVsSo5R-mexKEYmmeds9zCawtytujIQwzc3s7YBceGjRKps99Tj_Zhj3YtRlvLc0HWz1Qk0qRbu7Chf_aiRxhyXOCuT23HM-UeQLNO3GQO9VA5sUZMdTwO815ypxcW-XhCf7GMrQdIT_Tj51R6BDSEJdMmKEHhw3jsa_VIXFXnN5njEK01ORllx3ly_8gIZSEZdkzg1sm3djqZcb5E7PNyOWTnrDg4M8gD-fcjKbnkU7-7M6wkBkHeedUU9IiSt23-y2Z8A7lsSe2ZR_IVxHWrytK94MnfHpreGb3sFKppVaKYhX9yyRb5g9Hx2o8q4UjMY9FSZuEr1gHF4AukHq-xbX1mbaiLx-WJA1CpKXMqHi1u18s0lzraXEp9GObqlnlzB3tz99o8gjAeQT8OscR9WR-Be3Ap2WE47g_iwbpeMmJQW7NCb3gOgSNao3-QmnjjDfkwfBOH8yu_pqf2Iz14LhYsaDUVAu3prwTd4HJgLEIVyv9SfMjfMrdcQtcAroJA7gjJcJdgU5jcWa4QvIA-GL0zEayB2VGVOLd8-pYqBN1qyv2mGHSeYVIZl4D9UOStKxoM0KnGvISFcmYB9bzMsEeCXTpG6sXuD6wmqgPrtQhxyRdQBOCU8nqKBUMi-S91_P8u0pBKYD_wMxrF1mTMEhkR9P9DryIc2B99LYleuRhsWtIFpgbggDdUve49SVBQBkUayzzW7zlXijVqooleeYTafcYFhzCO2UH7VscQJ5P548gfy1C1AmXB8c4oQdrGSxblb226lyKh9BXdMnyiuk-JrKQP2E44ZRJax5im0b4i-CKegTudA2sSKBNICeWcCfjQbecA-iiDMObCjS4yFJ4x-_YpwxEzxAJkXHQCTXMLk6GqKgrkiI2HOQxbpZsYwgfrXYH1X0x2bxryD9cJBJtqz1-hg63FLJl2SE-VRf2GYyD5SjarKPhL7dLaximIj05pawsTEb-Jwpxu5I1ra3Z4Mj9eEWrTtEUrzpb_4BpAqnoZHNDaZlY-8l8fo4IS2qg17mDtUukxRwwjC3uiOrU-daLkCElfyDFFxFFlpNvUhyOTIbnWDF6i9sYK7kdMCCC747Ty58MZpIAefD7iAoJtyj5MpnJRY8H5NqSZNQZDVPixYi_6o4JInVUsa55HBSIXojcYQQLZogdk03CPWKfsuszTCIg9IpYsWhQmFKMNdZWdZ20vgjnMl9wbsuCVas52D-5JPNG-hargYQKVYOrS0EJt6SZgSlQZ25RlRarssJ4sGcvLxXVgJNHejBp-CQfzXtKFYaCuQIJdFgfd6VDogUZCIHJI_m0gRvQ7P9uhpXa0R5UwQKciErGkz6MEkpJZReUs99Q_OuZ7issmExiVO4N6876CQVhdKMmM-WRWN39hqbaZQfyVR20X98EkRjvzcpH85lJwUdnRtHEZax5MAu88soqNXVZ4zmJ_1YL-b_5XbVvgUncTMwznUHaVkSzwUoGDEriDI2wzr4GU2lDyMCvhQycTBs__STAKeDaBukMIlruYG8mG8GBnW6DQq77bsRQ3paxBdPmcX6k8OeqwsjQ-e6BAn6M7mQ-h_-H5VrY7Nkj2e7_phqggb1KqXrteUtL56-A82NKrO10lxKcLhjFZJoKa7EGzzrWnwzs33rlcGsMCzvfF2UrR5YIRXRes1KOOfwsNKB_kqvj13fsYgnjizKZzgCyGT5jr4p1rvw7UibYpZYkpd4khdTcKIXM8-oTUJqc8vMl83ZH0-fwVhQpyicm_FPYlpDAsKA9PV85-1BN3U-ymNs2eLm-SGnTVUhSVyRrV3UxZuIsG3u22pN1spYDEI8rrdNieBud46T3bNPDPC6P2p-OvsShfzKShbNQNqTqijyUWFdmw2p_Dipt5vTprj8upOn0AmZh5tiooDaKTkhAGCuDsX4NETAkJIHFjqvUeK9vtcTeo6g8PaS5AvjmcMDK7r8L08Dpp2ozBQtNj9GOHEF_EAVeea--N7Byxpn_eDIO4WwpbLRnkZk4dOCVYAsOUo4NBXGpp7cIbQZ7mkBqw&pr=8:FB7095CCCA75C253&cid=CAQSMgDq26N9GKj3KwgrQObBd4WzdpUY6fEB7WdsSMYVBPSLiiHcNGImrWwC9Xlald-fpia1GAEgCg&rfl=1%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 18:58:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
21952
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 18:58:19 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3BE1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstBio8NYgJwgpUjEltdchsH8d1Aeyw36jn3Uzgnq_XUxMHpBsLmUfmslZwNM3ou14fwKSnlsTh5ApAA3XBT87CDSOj0VamWedy2kHHhQ20Pklxkp4kyhnm27P2MKgiQyRr-BIRXIt2nljkRVTGUrMihV-M4IapLcEq_BW_0-ewDsWzfr4ni0jnXNbphOvFMBx9zlDEOIKSsNH9MI23G_Gz-4AS3qd9rgEobCi8_87r5SEzEYCqUGlL2-owZqM9tRlEb1TvCrY-RWHjiVXsnQlNWVC6eK7-4ASdbp9GtSnV6oeX8cmVpCSOYhv61VET6drU4NMWrS57NE3kH7PVHI-OPMFG18AUpU9zxjFGoELBBieCQXX8ZCFXMFk4IFUe4ykpQc6L9JPL9bbT1J1R8QzbgZFvEU9TPxxf_Akf8cu7HpLTTVNu3XUEDPAWGgB4FgiOUPUwa_G_cxpFAYTrjDnnhC-kbYQ7t1wlQAqIDG_wa2e4c1FoKdswo8hKATL95ZojgzHXGli4ym9YyGnPELkiZQEAayRcXnJqJW0K6y26lWktU0IBBIKK2WM5lRANdMfG94eW5XtdgEoEJ_HyFbj0sZRryZ_UrwPzoWmGEJELqtpzzpHDI5MIHzPilz80kVx3tI-N-GZqKi3_Ck0T8ph34t2DwbGGkf9lSN5yy844ANeeQ-d-1tJDkuhLgcINIkzdR70GryK5_N_Qh5UXcRw68JM6L9Ti392Fv3DV-8d7Z0GD-oThaBH-0X1o6Nj00oO1SxG8tpsGbMsdXpUC4s9lCzH6BLG4gAHNGL3Gr8VDRMHsZrjZAkd3bX8GoihbkmF0natMG8v_YJC7miVzR3taLZ17WQHavSQJJakxASpNCslhmZgoGQk0obnpRztsYVExaEytnLny86ZhuOOd-8EqJ07spy1o3TDxu9fa2FoGtV50AgsTuYoHYk2UIcBL8YlHZ1tMft5EAt1R24aLShYF1fa75iWRGL3FxNK3AXqKelmI-wgeh_g9Y3kc6WucDiv-Tqinb_0w8FyPaE1PtmCuv757kggtjRFJVTUhkKsSN0PHeTya8jm94UTIKVO77DlJylQzSNEIhywxxTLjlPq9qEZbw7E_hjGCwkgXi_w8ksV1IBCJ7hZPPLoWI6KmFkYKJWuzPmpAo64pzlR2cKOXNFTSbZAck7123q6AQijYVDYXkr5X84_hzpgnKVRxUFRn7WYoWsUEKE2mkdwGTnDNhnqZv35T2o8-1MbORwIQXK7M1GjgW-Uf1yF3o3jq_n_k18k1nerKJn8wpSH6YIFrAIctwCQ&sai=AMfl-YQag-K8I7SvKIq8tlAZ2NzIlRlKdJ1GD83TRCl9BNK_Tc17blEWxRLjLd3qz0oQeama-dlvsZHE3IJzdSmDtrnNekqc8b31OL7wjy7qSV74HZSP1rp1lzDI8ko1y016R7XrDEFN_Sq75i-o80xapoi11AIgPzMiXcZuJxU5_l2rNU5-rNPdDB_kzz70V5tgSaallNoGjkukY67a5qBBNTeHPwED70tQTXTDv5wHgOK-VXYXCQlpiwfNzCjW&sig=Cg0ArKJSzL0mrRspMffuEAE&uach_m=[UACH]&pr=8:FB7095CCCA75C253&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221206.25924&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJbNyi4va2sCWWMnXV9xfkGWycgsYdI2G903ggP1jNDyN9XzG5kNRk1W5iPn6plIbuij9GrLxDz4UvnOueLpW46tsy17Bnx_YsxWYcbYbItlC3PEt7qjnq0irzt_1nfG8Z_dL0lmVm7KZCNDIGKdv-SLzj23vhiK8C0WoEhA4q2oVsDzc&dbm_d=AKAmf-C0rZMEBvAVtueukCDK05WunAyXsn_6iIkaiHYtT5Oemn1JYjmkla1QiRTMY0oG6AIPn7mNpZ-vPVUxL-PwfdBErZ0rigI0rDp5NezpK8Mg-0Rt4r1yoW0Hqg74PXy-c1YCZicU38husFErYoRoLqKbaESE1w30S0T0uZvUMUn50v9kwemSB7-0jTL-Kx3gewyvhWsUm76mQV19bVJSLSqnp5WwuWN0szSn7AglB_NOxNzNLg5Pd5kgmRWjEJK0c3inaLm9IdkCE5Pt_PfXo1oIA1RRXWkZ_bb_hkOFlinDSIZZkurY7HPCXEUPCtZyw5K11Zs5dtTqsWftD__mVIqhbxAmF2V0kaBmE4UJLcOY6qyvdiJmc0MzdanBd7VUtRvO30yrU9Bn5RZm6YPXHFtEDBb8mk2-bOiIxs7FNtc3VMoGUUxRl7CPCpf3rrVmrGeIagxUF-lF6Be8-nkm0S1Le045sC7BRKNy15nwJn-2YHfbiQCqaH4nscOECLv7CzdgDvxvVDLLugATq9hp-s4qyEedfhG2HUYURHq-DzvwQqqVUoO_teDe811dsebTjJ_9yhSoZSKMWr6V6kyR9ImWLJgDBX8xANi9z2GptVbEo3Xpd8rQDl7GjJ8alL7cKljCkYxqYAPPweB6K4mhoR2BtxuyzEzVe3rYTQR40wLfClA5gn0qkE6pkphjUqIiJSTl9rIeGwCRGet5LOnS7_36I6OxiKbYjPLI5YYlKT0VDDOgs7CzKt3EYEJ9pX3ig6n6jJ9hNxOhuFTKu0Hfyu2lxlqUmvWLVAWhW11ULTOF4uwRW2SCtlyupGSObP33q4TaiivkHO9a929ZvBhgaLzJHgH3i8URWk1G2tgZoRHtPS6McWngek6NVJUf5xFcJRnkVrAlWUB3_wjyAEzgkPKvt5MIxHXPADKT-RvuD1VK3pGwwvWuw5sw5iGP7hI1JWLu0W_t_n5J1FMd87w74Y5k5aqgVql33FSsJ-YiJ6Qdtv0hk2OddHxJT-oMQJjERCW7k3s4PpVZFadn53Ni0F5Fgo3DIhM_XmeBfCUF7VemLskJDcwY5rnXpBvO0M9sSwSTOF3PcGO6dN-IUJiGFetfJqOObFmxH8tIcelF1oy6A_UY_pLV-CaURy_DUBgYxZi_zHheIxqMpVRfys5V28R08Lq71O6JHcfDqL2NLvklMAx5pcLrCfGDY9r6RuoRI-NqErSgpQs_5buEDRVHLmTiwtvl9b8Io0LLSKHvRGi1hl8rdm95JigoCvnGLNNW18lqMOS4pSfD0IzPkbc2EkR0UOMRvbo3qjK5igYXZmq6ZfoHImNSAmhgQUVsSo5R-mexKEYmmeds9zCawtytujIQwzc3s7YBceGjRKps99Tj_Zhj3YtRlvLc0HWz1Qk0qRbu7Chf_aiRxhyXOCuT23HM-UeQLNO3GQO9VA5sUZMdTwO815ypxcW-XhCf7GMrQdIT_Tj51R6BDSEJdMmKEHhw3jsa_VIXFXnN5njEK01ORllx3ly_8gIZSEZdkzg1sm3djqZcb5E7PNyOWTnrDg4M8gD-fcjKbnkU7-7M6wkBkHeedUU9IiSt23-y2Z8A7lsSe2ZR_IVxHWrytK94MnfHpreGb3sFKppVaKYhX9yyRb5g9Hx2o8q4UjMY9FSZuEr1gHF4AukHq-xbX1mbaiLx-WJA1CpKXMqHi1u18s0lzraXEp9GObqlnlzB3tz99o8gjAeQT8OscR9WR-Be3Ap2WE47g_iwbpeMmJQW7NCb3gOgSNao3-QmnjjDfkwfBOH8yu_pqf2Iz14LhYsaDUVAu3prwTd4HJgLEIVyv9SfMjfMrdcQtcAroJA7gjJcJdgU5jcWa4QvIA-GL0zEayB2VGVOLd8-pYqBN1qyv2mGHSeYVIZl4D9UOStKxoM0KnGvISFcmYB9bzMsEeCXTpG6sXuD6wmqgPrtQhxyRdQBOCU8nqKBUMi-S91_P8u0pBKYD_wMxrF1mTMEhkR9P9DryIc2B99LYleuRhsWtIFpgbggDdUve49SVBQBkUayzzW7zlXijVqooleeYTafcYFhzCO2UH7VscQJ5P548gfy1C1AmXB8c4oQdrGSxblb226lyKh9BXdMnyiuk-JrKQP2E44ZRJax5im0b4i-CKegTudA2sSKBNICeWcCfjQbecA-iiDMObCjS4yFJ4x-_YpwxEzxAJkXHQCTXMLk6GqKgrkiI2HOQxbpZsYwgfrXYH1X0x2bxryD9cJBJtqz1-hg63FLJl2SE-VRf2GYyD5SjarKPhL7dLaximIj05pawsTEb-Jwpxu5I1ra3Z4Mj9eEWrTtEUrzpb_4BpAqnoZHNDaZlY-8l8fo4IS2qg17mDtUukxRwwjC3uiOrU-daLkCElfyDFFxFFlpNvUhyOTIbnWDF6i9sYK7kdMCCC747Ty58MZpIAefD7iAoJtyj5MpnJRY8H5NqSZNQZDVPixYi_6o4JInVUsa55HBSIXojcYQQLZogdk03CPWKfsuszTCIg9IpYsWhQmFKMNdZWdZ20vgjnMl9wbsuCVas52D-5JPNG-hargYQKVYOrS0EJt6SZgSlQZ25RlRarssJ4sGcvLxXVgJNHejBp-CQfzXtKFYaCuQIJdFgfd6VDogUZCIHJI_m0gRvQ7P9uhpXa0R5UwQKciErGkz6MEkpJZReUs99Q_OuZ7issmExiVO4N6876CQVhdKMmM-WRWN39hqbaZQfyVR20X98EkRjvzcpH85lJwUdnRtHEZax5MAu88soqNXVZ4zmJ_1YL-b_5XbVvgUncTMwznUHaVkSzwUoGDEriDI2wzr4GU2lDyMCvhQycTBs__STAKeDaBukMIlruYG8mG8GBnW6DQq77bsRQ3paxBdPmcX6k8OeqwsjQ-e6BAn6M7mQ-h_-H5VrY7Nkj2e7_phqggb1KqXrteUtL56-A82NKrO10lxKcLhjFZJoKa7EGzzrWnwzs33rlcGsMCzvfF2UrR5YIRXRes1KOOfwsNKB_kqvj13fsYgnjizKZzgCyGT5jr4p1rvw7UibYpZYkpd4khdTcKIXM8-oTUJqc8vMl83ZH0-fwVhQpyicm_FPYlpDAsKA9PV85-1BN3U-ymNs2eLm-SGnTVUhSVyRrV3UxZuIsG3u22pN1spYDEI8rrdNieBud46T3bNPDPC6P2p-OvsShfzKShbNQNqTqijyUWFdmw2p_Dipt5vTprj8upOn0AmZh5tiooDaKTkhAGCuDsX4NETAkJIHFjqvUeK9vtcTeo6g8PaS5AvjmcMDK7r8L08Dpp2ozBQtNj9GOHEF_EAVeea--N7Byxpn_eDIO4WwpbLRnkZk4dOCVYAsOUo4NBXGpp7cIbQZ7mkBqw&pr=8:FB7095CCCA75C253&cid=CAQSMgDq26N9GKj3KwgrQObBd4WzdpUY6fEB7WdsSMYVBPSLiiHcNGImrWwC9Xlald-fpia1GAEgCg&rfl=1%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 10 Dec 2022 01:04:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 10 Dec 2022 01:04:11 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3BE1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJbNyi4va2sCWWMnXV9xfkGWycgsYdI2G903ggP1jNDyN9XzG5kNRk1W5iPn6plIbuij9GrLxDz4UvnOueLpW46tsy17Bnx_YsxWYcbYbItlC3PEt7qjnq0irzt_1nfG8Z_dL0lmVm7KZCNDIGKdv-SLzj23vhiK8C0WoEhA4q2oVsDzc&dbm_d=AKAmf-C0rZMEBvAVtueukCDK05WunAyXsn_6iIkaiHYtT5Oemn1JYjmkla1QiRTMY0oG6AIPn7mNpZ-vPVUxL-PwfdBErZ0rigI0rDp5NezpK8Mg-0Rt4r1yoW0Hqg74PXy-c1YCZicU38husFErYoRoLqKbaESE1w30S0T0uZvUMUn50v9kwemSB7-0jTL-Kx3gewyvhWsUm76mQV19bVJSLSqnp5WwuWN0szSn7AglB_NOxNzNLg5Pd5kgmRWjEJK0c3inaLm9IdkCE5Pt_PfXo1oIA1RRXWkZ_bb_hkOFlinDSIZZkurY7HPCXEUPCtZyw5K11Zs5dtTqsWftD__mVIqhbxAmF2V0kaBmE4UJLcOY6qyvdiJmc0MzdanBd7VUtRvO30yrU9Bn5RZm6YPXHFtEDBb8mk2-bOiIxs7FNtc3VMoGUUxRl7CPCpf3rrVmrGeIagxUF-lF6Be8-nkm0S1Le045sC7BRKNy15nwJn-2YHfbiQCqaH4nscOECLv7CzdgDvxvVDLLugATq9hp-s4qyEedfhG2HUYURHq-DzvwQqqVUoO_teDe811dsebTjJ_9yhSoZSKMWr6V6kyR9ImWLJgDBX8xANi9z2GptVbEo3Xpd8rQDl7GjJ8alL7cKljCkYxqYAPPweB6K4mhoR2BtxuyzEzVe3rYTQR40wLfClA5gn0qkE6pkphjUqIiJSTl9rIeGwCRGet5LOnS7_36I6OxiKbYjPLI5YYlKT0VDDOgs7CzKt3EYEJ9pX3ig6n6jJ9hNxOhuFTKu0Hfyu2lxlqUmvWLVAWhW11ULTOF4uwRW2SCtlyupGSObP33q4TaiivkHO9a929ZvBhgaLzJHgH3i8URWk1G2tgZoRHtPS6McWngek6NVJUf5xFcJRnkVrAlWUB3_wjyAEzgkPKvt5MIxHXPADKT-RvuD1VK3pGwwvWuw5sw5iGP7hI1JWLu0W_t_n5J1FMd87w74Y5k5aqgVql33FSsJ-YiJ6Qdtv0hk2OddHxJT-oMQJjERCW7k3s4PpVZFadn53Ni0F5Fgo3DIhM_XmeBfCUF7VemLskJDcwY5rnXpBvO0M9sSwSTOF3PcGO6dN-IUJiGFetfJqOObFmxH8tIcelF1oy6A_UY_pLV-CaURy_DUBgYxZi_zHheIxqMpVRfys5V28R08Lq71O6JHcfDqL2NLvklMAx5pcLrCfGDY9r6RuoRI-NqErSgpQs_5buEDRVHLmTiwtvl9b8Io0LLSKHvRGi1hl8rdm95JigoCvnGLNNW18lqMOS4pSfD0IzPkbc2EkR0UOMRvbo3qjK5igYXZmq6ZfoHImNSAmhgQUVsSo5R-mexKEYmmeds9zCawtytujIQwzc3s7YBceGjRKps99Tj_Zhj3YtRlvLc0HWz1Qk0qRbu7Chf_aiRxhyXOCuT23HM-UeQLNO3GQO9VA5sUZMdTwO815ypxcW-XhCf7GMrQdIT_Tj51R6BDSEJdMmKEHhw3jsa_VIXFXnN5njEK01ORllx3ly_8gIZSEZdkzg1sm3djqZcb5E7PNyOWTnrDg4M8gD-fcjKbnkU7-7M6wkBkHeedUU9IiSt23-y2Z8A7lsSe2ZR_IVxHWrytK94MnfHpreGb3sFKppVaKYhX9yyRb5g9Hx2o8q4UjMY9FSZuEr1gHF4AukHq-xbX1mbaiLx-WJA1CpKXMqHi1u18s0lzraXEp9GObqlnlzB3tz99o8gjAeQT8OscR9WR-Be3Ap2WE47g_iwbpeMmJQW7NCb3gOgSNao3-QmnjjDfkwfBOH8yu_pqf2Iz14LhYsaDUVAu3prwTd4HJgLEIVyv9SfMjfMrdcQtcAroJA7gjJcJdgU5jcWa4QvIA-GL0zEayB2VGVOLd8-pYqBN1qyv2mGHSeYVIZl4D9UOStKxoM0KnGvISFcmYB9bzMsEeCXTpG6sXuD6wmqgPrtQhxyRdQBOCU8nqKBUMi-S91_P8u0pBKYD_wMxrF1mTMEhkR9P9DryIc2B99LYleuRhsWtIFpgbggDdUve49SVBQBkUayzzW7zlXijVqooleeYTafcYFhzCO2UH7VscQJ5P548gfy1C1AmXB8c4oQdrGSxblb226lyKh9BXdMnyiuk-JrKQP2E44ZRJax5im0b4i-CKegTudA2sSKBNICeWcCfjQbecA-iiDMObCjS4yFJ4x-_YpwxEzxAJkXHQCTXMLk6GqKgrkiI2HOQxbpZsYwgfrXYH1X0x2bxryD9cJBJtqz1-hg63FLJl2SE-VRf2GYyD5SjarKPhL7dLaximIj05pawsTEb-Jwpxu5I1ra3Z4Mj9eEWrTtEUrzpb_4BpAqnoZHNDaZlY-8l8fo4IS2qg17mDtUukxRwwjC3uiOrU-daLkCElfyDFFxFFlpNvUhyOTIbnWDF6i9sYK7kdMCCC747Ty58MZpIAefD7iAoJtyj5MpnJRY8H5NqSZNQZDVPixYi_6o4JInVUsa55HBSIXojcYQQLZogdk03CPWKfsuszTCIg9IpYsWhQmFKMNdZWdZ20vgjnMl9wbsuCVas52D-5JPNG-hargYQKVYOrS0EJt6SZgSlQZ25RlRarssJ4sGcvLxXVgJNHejBp-CQfzXtKFYaCuQIJdFgfd6VDogUZCIHJI_m0gRvQ7P9uhpXa0R5UwQKciErGkz6MEkpJZReUs99Q_OuZ7issmExiVO4N6876CQVhdKMmM-WRWN39hqbaZQfyVR20X98EkRjvzcpH85lJwUdnRtHEZax5MAu88soqNXVZ4zmJ_1YL-b_5XbVvgUncTMwznUHaVkSzwUoGDEriDI2wzr4GU2lDyMCvhQycTBs__STAKeDaBukMIlruYG8mG8GBnW6DQq77bsRQ3paxBdPmcX6k8OeqwsjQ-e6BAn6M7mQ-h_-H5VrY7Nkj2e7_phqggb1KqXrteUtL56-A82NKrO10lxKcLhjFZJoKa7EGzzrWnwzs33rlcGsMCzvfF2UrR5YIRXRes1KOOfwsNKB_kqvj13fsYgnjizKZzgCyGT5jr4p1rvw7UibYpZYkpd4khdTcKIXM8-oTUJqc8vMl83ZH0-fwVhQpyicm_FPYlpDAsKA9PV85-1BN3U-ymNs2eLm-SGnTVUhSVyRrV3UxZuIsG3u22pN1spYDEI8rrdNieBud46T3bNPDPC6P2p-OvsShfzKShbNQNqTqijyUWFdmw2p_Dipt5vTprj8upOn0AmZh5tiooDaKTkhAGCuDsX4NETAkJIHFjqvUeK9vtcTeo6g8PaS5AvjmcMDK7r8L08Dpp2ozBQtNj9GOHEF_EAVeea--N7Byxpn_eDIO4WwpbLRnkZk4dOCVYAsOUo4NBXGpp7cIbQZ7mkBqw&pr=8:FB7095CCCA75C253&cid=CAQSMgDq26N9GKj3KwgrQObBd4WzdpUY6fEB7WdsSMYVBPSLiiHcNGImrWwC9Xlald-fpia1GAEgCg&rfl=1%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 07:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64666
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 07:06:25 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 4640 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcrFq-kBD8GY52spX3smPHYVAMjp1_kRDDPHgw7ByEgCSk_am1PECyABtgqWS5SI99B53XgOdJYZUdz5XUYnJEWiGJaomh_gU8Bl0PVoFI1T10MahWDZ7bn4sR-Kxw6w0dUS77c2qWRpgiZ6neYUrB2QazmzshqPl-lXmZwdZJE5LJfQk&dbm_d=AKAmf-Bh369kROoCp4WGjJT6R9EFQg6ozjeObgBBTwuTXZZpT51HESni_fWKL3ivoVLcFKBlKcyg7eikvbHmziVUr3Q70tNJhSKrsgNxaaLuBX5ZByp5D9HzPzIIG2sqmZJc0aWG1zU4QBcdtMOd2dw-rgowSsJZURxe_-cdTkF_PWAQAEvxpdLMpLdV9jAuc_jWQCp9acNtywF6hJLVnFRbPSLpBeX8WICAvdB-AqF9msHBXCCPHpDP5fy-ETlsR9iUdgbTxebbaDMiiRBpLqBfeQQSa_IiZ_SsYSj-SLyaSHcJnyCDc3ArDVGXqJW3clFB606XJYtFa8ndZTgGteZ4XKIxOz8LfG6sNKFpe63VuUVu5Urr0oo0uOBDTrUsOgOrAhlFxBFO-ZcZDMLClVa4fNSHoOTbL_fKkXo65M4QkZMbQNV6IyW7LRaLJzRdLcvCMQWhG-QwdxPsd3AFHhNXVyMae2OmtvtIGwPulGCiDRPwTKE0mj9Nrll_vtnF8tJemUpGv5DQiTNxvMtJtZLbjqEkD_HXy7Ipmeytvh6rgkbUYPN7Ua9OGvmoqyvpLOyq6HyAOpu4C8lwad08z8LpeLaiGR2UJsywSjjxoAkupXuwjinYoY0xTDqD-iSNaiuq4PE9d4FdTMUcQ1Kauh_VqDraaI9LLy6Z_VLMJvwq1YqPnD0jx6MP-4lQ9vQvP-rna5qlsE63fLRiUN4Ci9SxcOu8haMH_2yol7Tf2NLVN2btYaQ15FzkXw3I1GZEuvb4OF01hDlEh6yNiqFb3iQcyC79PAQcvh9Xy1M_dRF9uwYw1xF7o6Og4SMzuTfKKyrZOoaROs_x0w7Ml7IWOPkAzd1ldYGWZ4EOzm6ZgJR468qW_4H9NuUQ37Nrtpo0Gial0u1BRpNCzMFJ22la0FKmtC0J-aS7JLQeNdu3s6Hu5dGnLfwPunkGmTYQNK0nvP8oQoHEl_lguwna6QGePgVIUc47VRs6SYmwLYVFnpe5MeUOs_lplqDSnk09j63dgnND17brpT_B7iFBYeI9pRJk-umXH7t6hzDyBkqCBW8j65hMR8eXqUHn6exrrBzfhwj4UQ5kPHTQb7vWC68HtC1wV3lXA3weWHuVsa6Nrl3CWELBWyeieI1WOjK7Q0KBj_uWS_Oryu1kuUdoNFFTp7sCryWf204Wph36aON_8frWUm1B4ZuuoG1c7bDhqE5qPfY77m5frI1OKtIgHeAHGk-wBychfuSOVB2J7PllsMM4j5CtQAfxKFTYzCh-uVHgvWhV52m9-03FJ9glfiwhQosL0D2Crwk0o9Wvx4HgCFWZqGt5plOicJ4mGTG3SaQ56TQ7kEIlY_BtnkpuLuk9a0qUem8oKH3ZCTWp0vydDITFCwLnXdz68gH5PaLqrwn8xfqTMNsgEWotwP2AAVCjn8wL0ECV0v2aDJUzDzfIERxdmVr9su4fEgGEEqpo3_NhV37cOexj0YTjbgZ-YLMud5ve8UPl1MaYpp_vHLhTaidGlib2_BFtw4hLmoVICWb-iTDd9lOgTmsXYE3L3oIfUloqsYuNc5fPzdp3qK3tCrtAyUqDFfSNlRwexomJ9MRmZ9OSLSOsTD1JNmIl6A0xZySw-rG4FHMtjjmaJFRJ-ONIq7M1r7gZtcQfMlYz5C8xjnEz17-aeWnlAaDNscUIlwAHarLsbiEYVel9zLIUb_Y6nMZ3LwAOxDiO9G3jlWFEuDG0lqRK8_DSn0ANQyA6Wu6w7SQC7Zqsta3g2hFHU2t0WsMAuW9LOrdwum_uh9P1aCr113tM4alFWAyTe9giQGqh8LKsbkOSbxIjPTipynZj7uRkxPm53WUTjyYEn--rZ0J8mPCPRs0QIAN8VJZMyCWYtxrgle8lIXY0dSpvINmbrXqGOTnARYK0tMUg_FvRzaaDjVrqbxIsNF4Q5Flt7Ojlb63REHeay8lXrRPWsr7LX8MddTpUoO9-LjfXi2WynFcVsVdmFPxXJV5TLcqoIXCgbQZqg23QfD_lsdzxVQyvdowIsUSubIgVAWx6q_-D9LlyNob5lOjaL-k4vJPAIbbbptX9s2-d8g43a0URxSsypkcwUjUvhbYS6-LbOz-5y4lVjwjQmw3R01-OyRpvLbYz3DefuWKYUxB3rMqgIqhqi0Xje67y44UkiH2hoayb4JFOioRrHK0xliyOSx9VZiV4LRZ45mwbfe-QFARua1czVjNDXcp80I8oLxIR9-HKVGQ9jsYsK6ElPST7Y_-KQZ3LlhHl5aiRuGJou9_Fyrwk2EEymfduU7Xm18A3G99xQHErK6C47ZXJo0l20ZOONAmMScY9b0HHDf2gTklAzdSK7x2gEseNCa0PKvVANpV_EVKelQcdUhHfTWQkU-KRRgfPSAdteHVZ-iKiQvUHRfJ82ajGv0OE61I4_QSkKBiMRAxbT5ZkYRM6xU4Y1eAmp9320QBjGIwXdmuXLLJUvUUN08b8-JuKdu3P7AzXdPR_KAPtIETThc2CMkSJ7tDmy0dSStH4SJ3bvTv_MPxWjqGZf6xXmOsHHvf7v11-nLNJ39nF8Ukgwwse_vZfWwfmGOP00PFKqaX0V5Via7IPS_tSOmpytY0wcGA0yfY4Dy94er871Dc6hAHzNY-Ro7CHg9NviSv7tV_b6ncvDAoEKQcikz2zfu6UaMtGXr1f2ZrvKCYgGfbLnKbCz3EF8-m6VosVuJItm5Y1PpTLPsvKqo7dMkHYxtDxWf0qP9oDZg4dJJVv37I4EhJv4Kp_Bq8X63mhuVrQOp2uhDy2RaboYWOm8PUPAlaHmIQIMK_rdMphal3LYuxBsOvyQxYCFm6Y5ltajzuTiXNLTEeP3OHxdVTzzkk0_s2x2E6p_MTiFJTuV2RM3vycECUAK8dFTI3m-eRTjxcvfS2A5j-Im5e7S7TXhgngZZqYkrDnhOhSvQFtlwG7HQST2sgW3bv1Q1-F6zNv84zreGqs9U88OWO2VMUD8EaksRhZ-_zEFwdEGk2mILE6QKc-e-906B6LP7F29iJtTJ8XEreIuVpUh-XdHAj0msOL0oGYtMXLANSZf76f6lmepSnLhRscco5fGxHP0CgwfgPRHT1H1tOOiZiNLQRQIMUPlMkqOLZO3XnhKUj8vHytpIH1XyS8XmYo8bXu_RK2gqsKrX1TTA&pr=8%3AD2AA1ED61C52301E&cid=CAASBORo7Yg&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202209210101&rfl=https%3A%2F%2Fbuhgalter.com.ua%2F&ds=l&xdt=0&iif=1&cor=6614179299645162000&adk=4144141728&idt=89&cac=0&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 18:13:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
24666
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11387
x-xss-protection
0
server
cafe
etag
8197878782792770439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 18:13:05 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/ Frame 4640 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcrFq-kBD8GY52spX3smPHYVAMjp1_kRDDPHgw7ByEgCSk_am1PECyABtgqWS5SI99B53XgOdJYZUdz5XUYnJEWiGJaomh_gU8Bl0PVoFI1T10MahWDZ7bn4sR-Kxw6w0dUS77c2qWRpgiZ6neYUrB2QazmzshqPl-lXmZwdZJE5LJfQk&dbm_d=AKAmf-Bh369kROoCp4WGjJT6R9EFQg6ozjeObgBBTwuTXZZpT51HESni_fWKL3ivoVLcFKBlKcyg7eikvbHmziVUr3Q70tNJhSKrsgNxaaLuBX5ZByp5D9HzPzIIG2sqmZJc0aWG1zU4QBcdtMOd2dw-rgowSsJZURxe_-cdTkF_PWAQAEvxpdLMpLdV9jAuc_jWQCp9acNtywF6hJLVnFRbPSLpBeX8WICAvdB-AqF9msHBXCCPHpDP5fy-ETlsR9iUdgbTxebbaDMiiRBpLqBfeQQSa_IiZ_SsYSj-SLyaSHcJnyCDc3ArDVGXqJW3clFB606XJYtFa8ndZTgGteZ4XKIxOz8LfG6sNKFpe63VuUVu5Urr0oo0uOBDTrUsOgOrAhlFxBFO-ZcZDMLClVa4fNSHoOTbL_fKkXo65M4QkZMbQNV6IyW7LRaLJzRdLcvCMQWhG-QwdxPsd3AFHhNXVyMae2OmtvtIGwPulGCiDRPwTKE0mj9Nrll_vtnF8tJemUpGv5DQiTNxvMtJtZLbjqEkD_HXy7Ipmeytvh6rgkbUYPN7Ua9OGvmoqyvpLOyq6HyAOpu4C8lwad08z8LpeLaiGR2UJsywSjjxoAkupXuwjinYoY0xTDqD-iSNaiuq4PE9d4FdTMUcQ1Kauh_VqDraaI9LLy6Z_VLMJvwq1YqPnD0jx6MP-4lQ9vQvP-rna5qlsE63fLRiUN4Ci9SxcOu8haMH_2yol7Tf2NLVN2btYaQ15FzkXw3I1GZEuvb4OF01hDlEh6yNiqFb3iQcyC79PAQcvh9Xy1M_dRF9uwYw1xF7o6Og4SMzuTfKKyrZOoaROs_x0w7Ml7IWOPkAzd1ldYGWZ4EOzm6ZgJR468qW_4H9NuUQ37Nrtpo0Gial0u1BRpNCzMFJ22la0FKmtC0J-aS7JLQeNdu3s6Hu5dGnLfwPunkGmTYQNK0nvP8oQoHEl_lguwna6QGePgVIUc47VRs6SYmwLYVFnpe5MeUOs_lplqDSnk09j63dgnND17brpT_B7iFBYeI9pRJk-umXH7t6hzDyBkqCBW8j65hMR8eXqUHn6exrrBzfhwj4UQ5kPHTQb7vWC68HtC1wV3lXA3weWHuVsa6Nrl3CWELBWyeieI1WOjK7Q0KBj_uWS_Oryu1kuUdoNFFTp7sCryWf204Wph36aON_8frWUm1B4ZuuoG1c7bDhqE5qPfY77m5frI1OKtIgHeAHGk-wBychfuSOVB2J7PllsMM4j5CtQAfxKFTYzCh-uVHgvWhV52m9-03FJ9glfiwhQosL0D2Crwk0o9Wvx4HgCFWZqGt5plOicJ4mGTG3SaQ56TQ7kEIlY_BtnkpuLuk9a0qUem8oKH3ZCTWp0vydDITFCwLnXdz68gH5PaLqrwn8xfqTMNsgEWotwP2AAVCjn8wL0ECV0v2aDJUzDzfIERxdmVr9su4fEgGEEqpo3_NhV37cOexj0YTjbgZ-YLMud5ve8UPl1MaYpp_vHLhTaidGlib2_BFtw4hLmoVICWb-iTDd9lOgTmsXYE3L3oIfUloqsYuNc5fPzdp3qK3tCrtAyUqDFfSNlRwexomJ9MRmZ9OSLSOsTD1JNmIl6A0xZySw-rG4FHMtjjmaJFRJ-ONIq7M1r7gZtcQfMlYz5C8xjnEz17-aeWnlAaDNscUIlwAHarLsbiEYVel9zLIUb_Y6nMZ3LwAOxDiO9G3jlWFEuDG0lqRK8_DSn0ANQyA6Wu6w7SQC7Zqsta3g2hFHU2t0WsMAuW9LOrdwum_uh9P1aCr113tM4alFWAyTe9giQGqh8LKsbkOSbxIjPTipynZj7uRkxPm53WUTjyYEn--rZ0J8mPCPRs0QIAN8VJZMyCWYtxrgle8lIXY0dSpvINmbrXqGOTnARYK0tMUg_FvRzaaDjVrqbxIsNF4Q5Flt7Ojlb63REHeay8lXrRPWsr7LX8MddTpUoO9-LjfXi2WynFcVsVdmFPxXJV5TLcqoIXCgbQZqg23QfD_lsdzxVQyvdowIsUSubIgVAWx6q_-D9LlyNob5lOjaL-k4vJPAIbbbptX9s2-d8g43a0URxSsypkcwUjUvhbYS6-LbOz-5y4lVjwjQmw3R01-OyRpvLbYz3DefuWKYUxB3rMqgIqhqi0Xje67y44UkiH2hoayb4JFOioRrHK0xliyOSx9VZiV4LRZ45mwbfe-QFARua1czVjNDXcp80I8oLxIR9-HKVGQ9jsYsK6ElPST7Y_-KQZ3LlhHl5aiRuGJou9_Fyrwk2EEymfduU7Xm18A3G99xQHErK6C47ZXJo0l20ZOONAmMScY9b0HHDf2gTklAzdSK7x2gEseNCa0PKvVANpV_EVKelQcdUhHfTWQkU-KRRgfPSAdteHVZ-iKiQvUHRfJ82ajGv0OE61I4_QSkKBiMRAxbT5ZkYRM6xU4Y1eAmp9320QBjGIwXdmuXLLJUvUUN08b8-JuKdu3P7AzXdPR_KAPtIETThc2CMkSJ7tDmy0dSStH4SJ3bvTv_MPxWjqGZf6xXmOsHHvf7v11-nLNJ39nF8Ukgwwse_vZfWwfmGOP00PFKqaX0V5Via7IPS_tSOmpytY0wcGA0yfY4Dy94er871Dc6hAHzNY-Ro7CHg9NviSv7tV_b6ncvDAoEKQcikz2zfu6UaMtGXr1f2ZrvKCYgGfbLnKbCz3EF8-m6VosVuJItm5Y1PpTLPsvKqo7dMkHYxtDxWf0qP9oDZg4dJJVv37I4EhJv4Kp_Bq8X63mhuVrQOp2uhDy2RaboYWOm8PUPAlaHmIQIMK_rdMphal3LYuxBsOvyQxYCFm6Y5ltajzuTiXNLTEeP3OHxdVTzzkk0_s2x2E6p_MTiFJTuV2RM3vycECUAK8dFTI3m-eRTjxcvfS2A5j-Im5e7S7TXhgngZZqYkrDnhOhSvQFtlwG7HQST2sgW3bv1Q1-F6zNv84zreGqs9U88OWO2VMUD8EaksRhZ-_zEFwdEGk2mILE6QKc-e-906B6LP7F29iJtTJ8XEreIuVpUh-XdHAj0msOL0oGYtMXLANSZf76f6lmepSnLhRscco5fGxHP0CgwfgPRHT1H1tOOiZiNLQRQIMUPlMkqOLZO3XnhKUj8vHytpIH1XyS8XmYo8bXu_RK2gqsKrX1TTA&pr=8%3AD2AA1ED61C52301E&cid=CAASBORo7Yg&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202209210101&rfl=https%3A%2F%2Fbuhgalter.com.ua%2F&ds=l&xdt=0&iif=1&cor=6614179299645162000&adk=4144141728&idt=89&cac=0&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 18:58:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
21952
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 18:58:19 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4640 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvdjB0o0LmcX8WdBtErCpPIrMbpAWpedmWDgU7GWSbe-XLPTaopHI-eSaxE4HO3FyVSCLJQa2B3epMt6tKu5vx5TfjY0OvdXLohzyzqxqshhC9SdNlqStdCz3DX8fWTXzQv7HMn6kMWIs1ewRYoffY3tPN5KHF9K_DREsUmti_yIMQitbDOWizZBQgveKXZNgKxUtC7noSoYBLVyPotFmSlNWZRw5JcCQGD_1PvUmCbgW8swE1SFGt2VSOCfbAb2pTEIkgWnzZ3b3sdbcWEkvW8JqTy9-PzQ8jMYrZNZ_PZtCsEVI97NIzuz3B0EGd5jc_mB0fPZYOmLD_61bIaZ_cBBI8gf84k2Nwc-MqQ-H9UeWy6qJbaijeWJeSLTjX0ncCikxR0knph4KOA27W54T-VEIDvgvEkfgzMcTpgCoEd7nd9LhYrudynZ6Z7UAPf6DNCeR-6CODMI09KwZae41KUub05Bgsd0MjTl5ChG6ZEUUHb5AH_VRwgI6zYIYuRksWut2qP8djtIK3Hu3JhXctiddnHhqDX2JjiWlhfbj1fk_mEYk1rFdX6rohmb0_FCauC3BWGbpX8tTiblLTCTi5DXQbGjxJqTCALC9isuzrd8NxBD0y5hMoR4lclmd8d_-Kpun7A_81lUHvZtrN8OBDfWRuvNXnDZEUB-6xaUWWB0w6EaJEGcNfwGa3YkDBwQ32sh4I5qj6-TjHikkBJKiu1NoOnNHTLw0qc0WgeXTP1oa2kN90R3ZD0WWPbN1lJlVxBkbsbhN0ZaGxhdol8f4iyKOc9KpnReXvCqcgrD5VWwSpF5KmGT66AbMEh0Qpds2IHLGu74p_NtnXkAOhC3LXDIaqqwFPlnv-WMaV28N7PY5sbjbiY9IYFm-S0HDpuuc8PeVFM8NV0kMecP-xDZM_-Q1rV2NaL5srGEGkrFNfid9_l47tkT1sI4BEWVek1jiJMxt38dtfokksCWJDk2phk-aTCJRiT7ehYdv2LKExlEKERXIzO6SI8L4IxbYqEhl2iRKvNIWgXbCu0jloWnoR7BW21AsUkHUMzjWfFFXVM6CvD8QYba5zcc4PcFYSNxu6zTt3m9NQkl9SHSKsdX6tw-tI6YJ-NKGPzSwyW38WLkDjoudGm62wtih2c0WYKVdFrU1TMTrew035qG5IIiiSbjaBStDHIufA4Fak2qsz8PwrpcSC68MxJe0ITeLa31k&sai=AMfl-YRrVLZr5cY6x22EvE_XKASSp48YbDwrrN7jz8xYb7q2XVvav8kQ8kFtKSXOL_k2bu3pID59YJIQT3zTJn4fz66gYxYagEIiCvVEPAgkpf2lcoLtpaEIjy-uR8vttk4O033OMUbPnQ&sig=Cg0ArKJSzL76dboWqDlDEAE&uach_m=[UACH]&pr=8:D2AA1ED61C52301E&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221206.39579&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcrFq-kBD8GY52spX3smPHYVAMjp1_kRDDPHgw7ByEgCSk_am1PECyABtgqWS5SI99B53XgOdJYZUdz5XUYnJEWiGJaomh_gU8Bl0PVoFI1T10MahWDZ7bn4sR-Kxw6w0dUS77c2qWRpgiZ6neYUrB2QazmzshqPl-lXmZwdZJE5LJfQk&dbm_d=AKAmf-Bh369kROoCp4WGjJT6R9EFQg6ozjeObgBBTwuTXZZpT51HESni_fWKL3ivoVLcFKBlKcyg7eikvbHmziVUr3Q70tNJhSKrsgNxaaLuBX5ZByp5D9HzPzIIG2sqmZJc0aWG1zU4QBcdtMOd2dw-rgowSsJZURxe_-cdTkF_PWAQAEvxpdLMpLdV9jAuc_jWQCp9acNtywF6hJLVnFRbPSLpBeX8WICAvdB-AqF9msHBXCCPHpDP5fy-ETlsR9iUdgbTxebbaDMiiRBpLqBfeQQSa_IiZ_SsYSj-SLyaSHcJnyCDc3ArDVGXqJW3clFB606XJYtFa8ndZTgGteZ4XKIxOz8LfG6sNKFpe63VuUVu5Urr0oo0uOBDTrUsOgOrAhlFxBFO-ZcZDMLClVa4fNSHoOTbL_fKkXo65M4QkZMbQNV6IyW7LRaLJzRdLcvCMQWhG-QwdxPsd3AFHhNXVyMae2OmtvtIGwPulGCiDRPwTKE0mj9Nrll_vtnF8tJemUpGv5DQiTNxvMtJtZLbjqEkD_HXy7Ipmeytvh6rgkbUYPN7Ua9OGvmoqyvpLOyq6HyAOpu4C8lwad08z8LpeLaiGR2UJsywSjjxoAkupXuwjinYoY0xTDqD-iSNaiuq4PE9d4FdTMUcQ1Kauh_VqDraaI9LLy6Z_VLMJvwq1YqPnD0jx6MP-4lQ9vQvP-rna5qlsE63fLRiUN4Ci9SxcOu8haMH_2yol7Tf2NLVN2btYaQ15FzkXw3I1GZEuvb4OF01hDlEh6yNiqFb3iQcyC79PAQcvh9Xy1M_dRF9uwYw1xF7o6Og4SMzuTfKKyrZOoaROs_x0w7Ml7IWOPkAzd1ldYGWZ4EOzm6ZgJR468qW_4H9NuUQ37Nrtpo0Gial0u1BRpNCzMFJ22la0FKmtC0J-aS7JLQeNdu3s6Hu5dGnLfwPunkGmTYQNK0nvP8oQoHEl_lguwna6QGePgVIUc47VRs6SYmwLYVFnpe5MeUOs_lplqDSnk09j63dgnND17brpT_B7iFBYeI9pRJk-umXH7t6hzDyBkqCBW8j65hMR8eXqUHn6exrrBzfhwj4UQ5kPHTQb7vWC68HtC1wV3lXA3weWHuVsa6Nrl3CWELBWyeieI1WOjK7Q0KBj_uWS_Oryu1kuUdoNFFTp7sCryWf204Wph36aON_8frWUm1B4ZuuoG1c7bDhqE5qPfY77m5frI1OKtIgHeAHGk-wBychfuSOVB2J7PllsMM4j5CtQAfxKFTYzCh-uVHgvWhV52m9-03FJ9glfiwhQosL0D2Crwk0o9Wvx4HgCFWZqGt5plOicJ4mGTG3SaQ56TQ7kEIlY_BtnkpuLuk9a0qUem8oKH3ZCTWp0vydDITFCwLnXdz68gH5PaLqrwn8xfqTMNsgEWotwP2AAVCjn8wL0ECV0v2aDJUzDzfIERxdmVr9su4fEgGEEqpo3_NhV37cOexj0YTjbgZ-YLMud5ve8UPl1MaYpp_vHLhTaidGlib2_BFtw4hLmoVICWb-iTDd9lOgTmsXYE3L3oIfUloqsYuNc5fPzdp3qK3tCrtAyUqDFfSNlRwexomJ9MRmZ9OSLSOsTD1JNmIl6A0xZySw-rG4FHMtjjmaJFRJ-ONIq7M1r7gZtcQfMlYz5C8xjnEz17-aeWnlAaDNscUIlwAHarLsbiEYVel9zLIUb_Y6nMZ3LwAOxDiO9G3jlWFEuDG0lqRK8_DSn0ANQyA6Wu6w7SQC7Zqsta3g2hFHU2t0WsMAuW9LOrdwum_uh9P1aCr113tM4alFWAyTe9giQGqh8LKsbkOSbxIjPTipynZj7uRkxPm53WUTjyYEn--rZ0J8mPCPRs0QIAN8VJZMyCWYtxrgle8lIXY0dSpvINmbrXqGOTnARYK0tMUg_FvRzaaDjVrqbxIsNF4Q5Flt7Ojlb63REHeay8lXrRPWsr7LX8MddTpUoO9-LjfXi2WynFcVsVdmFPxXJV5TLcqoIXCgbQZqg23QfD_lsdzxVQyvdowIsUSubIgVAWx6q_-D9LlyNob5lOjaL-k4vJPAIbbbptX9s2-d8g43a0URxSsypkcwUjUvhbYS6-LbOz-5y4lVjwjQmw3R01-OyRpvLbYz3DefuWKYUxB3rMqgIqhqi0Xje67y44UkiH2hoayb4JFOioRrHK0xliyOSx9VZiV4LRZ45mwbfe-QFARua1czVjNDXcp80I8oLxIR9-HKVGQ9jsYsK6ElPST7Y_-KQZ3LlhHl5aiRuGJou9_Fyrwk2EEymfduU7Xm18A3G99xQHErK6C47ZXJo0l20ZOONAmMScY9b0HHDf2gTklAzdSK7x2gEseNCa0PKvVANpV_EVKelQcdUhHfTWQkU-KRRgfPSAdteHVZ-iKiQvUHRfJ82ajGv0OE61I4_QSkKBiMRAxbT5ZkYRM6xU4Y1eAmp9320QBjGIwXdmuXLLJUvUUN08b8-JuKdu3P7AzXdPR_KAPtIETThc2CMkSJ7tDmy0dSStH4SJ3bvTv_MPxWjqGZf6xXmOsHHvf7v11-nLNJ39nF8Ukgwwse_vZfWwfmGOP00PFKqaX0V5Via7IPS_tSOmpytY0wcGA0yfY4Dy94er871Dc6hAHzNY-Ro7CHg9NviSv7tV_b6ncvDAoEKQcikz2zfu6UaMtGXr1f2ZrvKCYgGfbLnKbCz3EF8-m6VosVuJItm5Y1PpTLPsvKqo7dMkHYxtDxWf0qP9oDZg4dJJVv37I4EhJv4Kp_Bq8X63mhuVrQOp2uhDy2RaboYWOm8PUPAlaHmIQIMK_rdMphal3LYuxBsOvyQxYCFm6Y5ltajzuTiXNLTEeP3OHxdVTzzkk0_s2x2E6p_MTiFJTuV2RM3vycECUAK8dFTI3m-eRTjxcvfS2A5j-Im5e7S7TXhgngZZqYkrDnhOhSvQFtlwG7HQST2sgW3bv1Q1-F6zNv84zreGqs9U88OWO2VMUD8EaksRhZ-_zEFwdEGk2mILE6QKc-e-906B6LP7F29iJtTJ8XEreIuVpUh-XdHAj0msOL0oGYtMXLANSZf76f6lmepSnLhRscco5fGxHP0CgwfgPRHT1H1tOOiZiNLQRQIMUPlMkqOLZO3XnhKUj8vHytpIH1XyS8XmYo8bXu_RK2gqsKrX1TTA&pr=8%3AD2AA1ED61C52301E&cid=CAASBORo7Yg&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202209210101&rfl=https%3A%2F%2Fbuhgalter.com.ua%2F&ds=l&xdt=0&iif=1&cor=6614179299645162000&adk=4144141728&idt=89&cac=0&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 10 Dec 2022 01:04:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 10 Dec 2022 01:04:11 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4640 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcrFq-kBD8GY52spX3smPHYVAMjp1_kRDDPHgw7ByEgCSk_am1PECyABtgqWS5SI99B53XgOdJYZUdz5XUYnJEWiGJaomh_gU8Bl0PVoFI1T10MahWDZ7bn4sR-Kxw6w0dUS77c2qWRpgiZ6neYUrB2QazmzshqPl-lXmZwdZJE5LJfQk&dbm_d=AKAmf-Bh369kROoCp4WGjJT6R9EFQg6ozjeObgBBTwuTXZZpT51HESni_fWKL3ivoVLcFKBlKcyg7eikvbHmziVUr3Q70tNJhSKrsgNxaaLuBX5ZByp5D9HzPzIIG2sqmZJc0aWG1zU4QBcdtMOd2dw-rgowSsJZURxe_-cdTkF_PWAQAEvxpdLMpLdV9jAuc_jWQCp9acNtywF6hJLVnFRbPSLpBeX8WICAvdB-AqF9msHBXCCPHpDP5fy-ETlsR9iUdgbTxebbaDMiiRBpLqBfeQQSa_IiZ_SsYSj-SLyaSHcJnyCDc3ArDVGXqJW3clFB606XJYtFa8ndZTgGteZ4XKIxOz8LfG6sNKFpe63VuUVu5Urr0oo0uOBDTrUsOgOrAhlFxBFO-ZcZDMLClVa4fNSHoOTbL_fKkXo65M4QkZMbQNV6IyW7LRaLJzRdLcvCMQWhG-QwdxPsd3AFHhNXVyMae2OmtvtIGwPulGCiDRPwTKE0mj9Nrll_vtnF8tJemUpGv5DQiTNxvMtJtZLbjqEkD_HXy7Ipmeytvh6rgkbUYPN7Ua9OGvmoqyvpLOyq6HyAOpu4C8lwad08z8LpeLaiGR2UJsywSjjxoAkupXuwjinYoY0xTDqD-iSNaiuq4PE9d4FdTMUcQ1Kauh_VqDraaI9LLy6Z_VLMJvwq1YqPnD0jx6MP-4lQ9vQvP-rna5qlsE63fLRiUN4Ci9SxcOu8haMH_2yol7Tf2NLVN2btYaQ15FzkXw3I1GZEuvb4OF01hDlEh6yNiqFb3iQcyC79PAQcvh9Xy1M_dRF9uwYw1xF7o6Og4SMzuTfKKyrZOoaROs_x0w7Ml7IWOPkAzd1ldYGWZ4EOzm6ZgJR468qW_4H9NuUQ37Nrtpo0Gial0u1BRpNCzMFJ22la0FKmtC0J-aS7JLQeNdu3s6Hu5dGnLfwPunkGmTYQNK0nvP8oQoHEl_lguwna6QGePgVIUc47VRs6SYmwLYVFnpe5MeUOs_lplqDSnk09j63dgnND17brpT_B7iFBYeI9pRJk-umXH7t6hzDyBkqCBW8j65hMR8eXqUHn6exrrBzfhwj4UQ5kPHTQb7vWC68HtC1wV3lXA3weWHuVsa6Nrl3CWELBWyeieI1WOjK7Q0KBj_uWS_Oryu1kuUdoNFFTp7sCryWf204Wph36aON_8frWUm1B4ZuuoG1c7bDhqE5qPfY77m5frI1OKtIgHeAHGk-wBychfuSOVB2J7PllsMM4j5CtQAfxKFTYzCh-uVHgvWhV52m9-03FJ9glfiwhQosL0D2Crwk0o9Wvx4HgCFWZqGt5plOicJ4mGTG3SaQ56TQ7kEIlY_BtnkpuLuk9a0qUem8oKH3ZCTWp0vydDITFCwLnXdz68gH5PaLqrwn8xfqTMNsgEWotwP2AAVCjn8wL0ECV0v2aDJUzDzfIERxdmVr9su4fEgGEEqpo3_NhV37cOexj0YTjbgZ-YLMud5ve8UPl1MaYpp_vHLhTaidGlib2_BFtw4hLmoVICWb-iTDd9lOgTmsXYE3L3oIfUloqsYuNc5fPzdp3qK3tCrtAyUqDFfSNlRwexomJ9MRmZ9OSLSOsTD1JNmIl6A0xZySw-rG4FHMtjjmaJFRJ-ONIq7M1r7gZtcQfMlYz5C8xjnEz17-aeWnlAaDNscUIlwAHarLsbiEYVel9zLIUb_Y6nMZ3LwAOxDiO9G3jlWFEuDG0lqRK8_DSn0ANQyA6Wu6w7SQC7Zqsta3g2hFHU2t0WsMAuW9LOrdwum_uh9P1aCr113tM4alFWAyTe9giQGqh8LKsbkOSbxIjPTipynZj7uRkxPm53WUTjyYEn--rZ0J8mPCPRs0QIAN8VJZMyCWYtxrgle8lIXY0dSpvINmbrXqGOTnARYK0tMUg_FvRzaaDjVrqbxIsNF4Q5Flt7Ojlb63REHeay8lXrRPWsr7LX8MddTpUoO9-LjfXi2WynFcVsVdmFPxXJV5TLcqoIXCgbQZqg23QfD_lsdzxVQyvdowIsUSubIgVAWx6q_-D9LlyNob5lOjaL-k4vJPAIbbbptX9s2-d8g43a0URxSsypkcwUjUvhbYS6-LbOz-5y4lVjwjQmw3R01-OyRpvLbYz3DefuWKYUxB3rMqgIqhqi0Xje67y44UkiH2hoayb4JFOioRrHK0xliyOSx9VZiV4LRZ45mwbfe-QFARua1czVjNDXcp80I8oLxIR9-HKVGQ9jsYsK6ElPST7Y_-KQZ3LlhHl5aiRuGJou9_Fyrwk2EEymfduU7Xm18A3G99xQHErK6C47ZXJo0l20ZOONAmMScY9b0HHDf2gTklAzdSK7x2gEseNCa0PKvVANpV_EVKelQcdUhHfTWQkU-KRRgfPSAdteHVZ-iKiQvUHRfJ82ajGv0OE61I4_QSkKBiMRAxbT5ZkYRM6xU4Y1eAmp9320QBjGIwXdmuXLLJUvUUN08b8-JuKdu3P7AzXdPR_KAPtIETThc2CMkSJ7tDmy0dSStH4SJ3bvTv_MPxWjqGZf6xXmOsHHvf7v11-nLNJ39nF8Ukgwwse_vZfWwfmGOP00PFKqaX0V5Via7IPS_tSOmpytY0wcGA0yfY4Dy94er871Dc6hAHzNY-Ro7CHg9NviSv7tV_b6ncvDAoEKQcikz2zfu6UaMtGXr1f2ZrvKCYgGfbLnKbCz3EF8-m6VosVuJItm5Y1PpTLPsvKqo7dMkHYxtDxWf0qP9oDZg4dJJVv37I4EhJv4Kp_Bq8X63mhuVrQOp2uhDy2RaboYWOm8PUPAlaHmIQIMK_rdMphal3LYuxBsOvyQxYCFm6Y5ltajzuTiXNLTEeP3OHxdVTzzkk0_s2x2E6p_MTiFJTuV2RM3vycECUAK8dFTI3m-eRTjxcvfS2A5j-Im5e7S7TXhgngZZqYkrDnhOhSvQFtlwG7HQST2sgW3bv1Q1-F6zNv84zreGqs9U88OWO2VMUD8EaksRhZ-_zEFwdEGk2mILE6QKc-e-906B6LP7F29iJtTJ8XEreIuVpUh-XdHAj0msOL0oGYtMXLANSZf76f6lmepSnLhRscco5fGxHP0CgwfgPRHT1H1tOOiZiNLQRQIMUPlMkqOLZO3XnhKUj8vHytpIH1XyS8XmYo8bXu_RK2gqsKrX1TTA&pr=8%3AD2AA1ED61C52301E&cid=CAASBORo7Yg&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202209210101&rfl=https%3A%2F%2Fbuhgalter.com.ua%2F&ds=l&xdt=0&iif=1&cor=6614179299645162000&adk=4144141728&idt=89&cac=0&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 07:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64666
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 07:06:25 GMT
13535860408919737569
s0.2mdn.net/simgad/ Frame 4640 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13535860408919737569
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c263200d38a81c6b1a196bd36fa33b084ca93f6966c8dcebd364bfd10e6bedf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 16:22:52 GMT
x-content-type-options
nosniff
age
290479
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81643
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 15:51:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Dec 2023 16:22:52 GMT
rum
dsum-sec.casalemedia.com/ Frame A10B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ6XN2cERd4LbXFFi_559w&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ6XN2cERd4LbXFFi_559w&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ6XN2cERd4LbXFFi_559w&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEMDLzegCGL3gzdsBMAE&v=APEucNXytruq_vPeBT2kH6D8oC-Umf9CBmnDaqgiEcKx5CUbzGWQGg38guaRhVB7GOL6zdbZ1EMXVI4dwPZ3DA3HfH3FKVypGN1pw2Fglq6LLRZMHzLJtNI5IoQBu02VWc2l2hPZKlB-6hZbI6OjxWAnFwBB5nruSTpleW41-mE25R0RTi3cA7U
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEAJ6XN2cERd4LbXFFi_559w&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame A10B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5PbC9RdFZhuTg-R4CxyqQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ6XN2cERd4LbXFFi_559w&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ6XN2cERd4LbXFFi_559w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEMDLzegCGL3gzdsBMAE&v=APEucNXytruq_vPeBT2kH6D8oC-Umf9CBmnDaqgiEcKx5CUbzGWQGg38guaRhVB7GOL6zdbZ1EMXVI4dwPZ3DA3HfH3FKVypGN1pw2Fglq6LLRZMHzLJtNI5IoQBu02VWc2l2hPZKlB-6hZbI6OjxWAnFwBB5nruSTpleW41-mE25R0RTi3cA7U
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ6XN2cERd4LbXFFi_559w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A10B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAa8BvyklDlN4pqU-EX9i5g&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAa8BvyklDlN4pqU-EX9i5g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEMDLzegCGL3gzdsBMAE&v=APEucNXytruq_vPeBT2kH6D8oC-Umf9CBmnDaqgiEcKx5CUbzGWQGg38guaRhVB7GOL6zdbZ1EMXVI4dwPZ3DA3HfH3FKVypGN1pw2Fglq6LLRZMHzLJtNI5IoQBu02VWc2l2hPZKlB-6hZbI6OjxWAnFwBB5nruSTpleW41-mE25R0RTi3cA7U
Protocol
HTTP/1.1
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:12 GMT
AN-X-Request-Uuid
a42771e3-e9e7-41f7-8b24-ba8cc12b7935
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.101; 217.138.196.101; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAa8BvyklDlN4pqU-EX9i5g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A10B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3OTUyODY2MzQzODY5MjE4Nw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3OTUyODY2MzQzODY5MjE4Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEMDLzegCGL3gzdsBMAE&v=APEucNXytruq_vPeBT2kH6D8oC-Umf9CBmnDaqgiEcKx5CUbzGWQGg38guaRhVB7GOL6zdbZ1EMXVI4dwPZ3DA3HfH3FKVypGN1pw2Fglq6LLRZMHzLJtNI5IoQBu02VWc2l2hPZKlB-6hZbI6OjxWAnFwBB5nruSTpleW41-mE25R0RTi3cA7U
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:12 GMT
AN-X-Request-Uuid
22a38d42-81f7-499c-b5ae-925bc4463482
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3OTUyODY2MzQzODY5MjE4Nw%3D%3D
Connection
keep-alive
X-Proxy-Origin
217.138.196.101; 217.138.196.101; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame C63C 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buhgalter.com.ua/
Origin
https://buhgalter.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 10:22:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Dec 2022 10:22:39 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/ Frame C63C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CDZqcUx13AnnWBKW1xryxgNBiXYc4QPmY6k_Yv5hM_1f1FANaynGIeppEzdSvFOsNguKIUY4yYWhvuiIQLbuaoFKJUwCqFhvSHcbXW40mkXVu2fxWm4IF_QqErhzptKtLsODGtb93ugzIei_5AOT4Hq6yHxsKb8zwrzLkXv-PrG5o2SwU&dbm_d=AKAmf-A_3MEShMjyedEJU4rE00HIJ_jIK-ejbSGjobu8I8rmlajL9MeJpHi2fH2g-eJY71W_Y7Fuu0M1B6mvp-XY5zj8-lApuBWIzvgMaQUgDyHHTg2Ti-HyUMMOcZPGWKiAi_N_foxS-zk4HgpIyd3QOrO4bIVgv-aVbjB6hc744oFYFNja9uEZo6lL1HrSJKoUyD6obSYCKDIBTAYsLOLxiac-j2t9XJ07SieueTCJM7Ej7A1hJLiw9xFtqs9bvfxLrZgFyCfL5Y0UYmSzuquT54Z-RrPsJyj4pwfuCElsNt-Ii75P39-tyfh2U2LNYdlADHWQgrUQppebQITSaNMh7FqeWlfeWHcS9ZYRNeZ8PMHyS1wGbHRB4A4nkHnyTNDf7CRy3-H_Qnd37FQMMgBpKof2CrAvZbRMQgtCshyNmOSYPmXLD5XsayZI04vjpudn1aw-dyBPJWs0rPqyk17Lh-IRq3RyulyLYQ6hsTK475BIGYHujz-BUZLe-ro1bYu_hXVe7blR9cxtnbDJce6crPCteZEXD0GgV8tvLb-kKk9nyrIUSo-l-rB2qbQdIWQv4mmRg0shoiTOK-9Mo8k0jMHwzMh56j_RU90KccSqFKDmG7MsXZo9IBVtRzL4_gqvADCKmfhrSFwlF9FkD4XpHvBOSeCO8dj0JnQJMpsqVWmQSAgMqtaIFFsTVWiCY9jLKuieA7VVx4BTL_BwKeqOcNjlOjHngGlyeVRrEMjCL2HeliVPvmtx-oYRGuTJWyw8oItULe6YLrfIYUL4wAAyFVxmGZeo1I_G4Tiei7WyZliSo4whdrRnpPg4TLcDd5Ni_C2jNV9jSjPlR_CiNPNkQL93SLsFPlbt0zdBhIckvg1hUb5Vq4KLY2Py48vpaQw7OJkAlzk4eb-N9K9hZML7wy8ifuBk7dfjwtnzZ4WneXQZheYNK1ZvC04Z9mJulY9kWeQSCxj-aT1RuRM6IxYfiu1RF1UQjmNmAnRz3hUhmSp64DD2TDERbwpss3REVOEd33jwAXDcfkfIv0xp1i72t2fROkBNRvKnq7KtIqAZ8rrq2352sjTTZt1katmySEGL5Bx70KB5V5-zizKLuY7-O6YAAT5lvg4TOdG2lUriJWxKjwTYJ79R8uqPauKSFzgLaDV9anwTANxNy8LlQC8B7SMmtgRIvyvX_C4E6iZZD62Wed09AbZnwu-xLtG4brlE2CYq8b8unPskvkYx1_uWmILtMGbMgXoa0ZpQ3KkTUE6tpuG5cVz2M6Hn7TzX3iMOKX60lAQKT8GziqZYZqY07nB92NBbqXePWDGnZMOoHjeBkz6sHreDlkhZGXAJjo8zhx5hhWeYfjg1bW_485U56WHfL_DRpKv8mJ9R8nMUl2oKu5sIzHTeVE3w4T6GgRY38ChPpduzxvg5i91G0SwIcJhhdg1E254AG15ZhoAMYEAXmcl6w2D3D_ofn6XkGzGdNIsdsykDTenoiEgGwska_xng8wI_Xko6LWshGmt3fkJVZyRfiWeNrI_TtB6gUfU0TKB_2n1eSvNU9SFfjGwgj8ZalOIgZbF-tJ3h_TPCifvA702KCUOJxzw6Yjkh6zqPrQqDrI9F_iVfLO3bVyBC0AYpnBuS8qRe1e-Jaa5bhHlBmk0ScSIRNPxxkTj7ati7bcOeA0BLZhRa9Ly76ZNgMm5FTJh1mOLormmUMiAI5XpU7t1uwtQ-yEiZT2vVetIesKLK90RaqH5IWPZYMIfD_hrHadbkL8s4jx0KkNkuFaYtd5ukoSIT_C-pcbiWgAaqtBrdUFNi9QD4snOX42ah2iaK9hkSSDUx2lFwyntePFkAL2iGYcFDs1hp62romcehocTbgLTp6T2xsxElXDdUoD3zs29OBt9f-M3NjbUN0XWyjjyxW_DChzPmNcnjQ9GMoRA9O7PqKhciBpLy8RvE-E9inhYuXbgS-qMS3idaZ4e6mOuzve_EPN40A3qGzUhV-tmIKOTrW3evK8_2y7VypvR0vF-fbJMMaoc0wAHtDCxWulLhN_l9y3E2gxxejsDPjEAS3s04j6R5xepFKMKFgGRRAN-la94HI4ZRpVnoYSXEXidBFsyzPTJ0eTKLSZssXpsoDZv-eNeUYPuHW6CRv5DEDYUywFVeeNQzlmi1pea0ycxDzvydcx17Owg7IT8Ue_-iIIfQJu5Cg0jRwzNIzeWxaZ5xCCnW7o-EtQrut_eaxLbGRCnmCuh1L3u5vAIzy4Y1tPVZmkf48atMIZsAKGGhV1oU9U3nDuQq_ojXJO2-bdZbBYksbl4RVewJi94YCv-M07pMgI209haQ-TgcyiBryOTCa8Q-Vd6h-XChehHtRph0oLWIlv7rFwKbk90mEqsux9tTAjrJqQSdMW9ihV98K4wehYUtENRARLxHqEQ3FhmwLqUpJkmXjAprtJOOwFGrleqNpDya8LDxUq5Gcwx-YWnswUYIQtXFUQAXncpU4wdD51648rlNyT_wrznGh2KeD7gJxwOfyZeosgwX0AY5iEWBHxvXZDpTkCu7Yn5OCQ6wBvVkdJnqcDIJdGrSt6PIRtsaROz4ZEb31T4bwujREj5NK3tu0wlLm_ksh7hQfERZoUxzo6u8AXLF55VWEKNL_escYI49ITGpRfFMTnzOE7jTX4iH-U2NEU6OryzpTf-pPfK36dGVygjAlokqnJNutfECbLTBvL3LDRP_IKa15gGgVFHdKjQPGCE65LhvJ72esBwmhMIXb_UOvj2JYg-byOiuxsmpcx9eMbxZIQPvxUbW3ddS2HXrygqmdBtSp7vYdMvjZxCq2ZbqPb_pK37yHz8fENIWHtk9ZDVgcyh_-kHJPKyh6PomskR5LqlRiPZ1cyorVw_0quKBGDMYj6Nv12ylHZC2ZkQ7U5A2IYQITmbTbFXY3MDIMf4xFctGJ5qjqb-JKsDc_RF0cm8lz6dSQiqhQ-3hL6layEjLyD4bQ-h_KoNyK_YGQvMrnwONqXOVgdYOcWXUBdaaU8HlxWNUHabdEs-J2cTtodI_idJO3UJVq5h7JHDBateIZGVP8J188dR5ljiUhwZWomFlITC9DtzFnFw0C3TcSzm5SrLUve5wwa7xJUqh-8CngdCZEjaAO6CMPyHVzQNHOvwIqHohG0dlBG4exbDZWnNXpanMgWqsXc-BDxG69QxD04UlNLXug05IvC-YBSV9KcBgtpSbJNXuafsejBslhYypTpf6wrU-IOwhnWsShia7A3rVOLuFSmeDdwPpVRku9sf34Pg1FV_cgj7kpLzQUKFh2XcGdoreTYzpEn8fUUgYMC0xADZVHTnLViVxeV71gqBVra40qhGW0I0qJnq1c_4aP58MgVwpudMcsCS_wDhRMjbcKdplIEp_gaMZpHdDUpkMknlUMxvZ7aJLgN-R9ivfdtAUa4FVzDPxYoYultYy9XwngAV45jRs8BPEdkgktu35LYDkcXH-D_0ZdJyk-wqBADusFzF8JNWhGfemd7ovdnUez7v0OdY&pr=8%3A342EFD77EE6CFDBD&cid=CAQSMgDq26N9kgAwDXOmse4NTZ_cFbkr0JVddEWsZIpScp_KGtxUIzMkFBrsq13UM0B6ZXVwGAEgCg&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202209210101&rfl=https%3A%2F%2Fbuhgalter.com.ua%2F&ds=l&xdt=0&iif=1&cor=10056946384595310000&adk=4042653751&idt=109&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 18:58:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
21952
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 18:58:19 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame C63C 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CDZqcUx13AnnWBKW1xryxgNBiXYc4QPmY6k_Yv5hM_1f1FANaynGIeppEzdSvFOsNguKIUY4yYWhvuiIQLbuaoFKJUwCqFhvSHcbXW40mkXVu2fxWm4IF_QqErhzptKtLsODGtb93ugzIei_5AOT4Hq6yHxsKb8zwrzLkXv-PrG5o2SwU&dbm_d=AKAmf-A_3MEShMjyedEJU4rE00HIJ_jIK-ejbSGjobu8I8rmlajL9MeJpHi2fH2g-eJY71W_Y7Fuu0M1B6mvp-XY5zj8-lApuBWIzvgMaQUgDyHHTg2Ti-HyUMMOcZPGWKiAi_N_foxS-zk4HgpIyd3QOrO4bIVgv-aVbjB6hc744oFYFNja9uEZo6lL1HrSJKoUyD6obSYCKDIBTAYsLOLxiac-j2t9XJ07SieueTCJM7Ej7A1hJLiw9xFtqs9bvfxLrZgFyCfL5Y0UYmSzuquT54Z-RrPsJyj4pwfuCElsNt-Ii75P39-tyfh2U2LNYdlADHWQgrUQppebQITSaNMh7FqeWlfeWHcS9ZYRNeZ8PMHyS1wGbHRB4A4nkHnyTNDf7CRy3-H_Qnd37FQMMgBpKof2CrAvZbRMQgtCshyNmOSYPmXLD5XsayZI04vjpudn1aw-dyBPJWs0rPqyk17Lh-IRq3RyulyLYQ6hsTK475BIGYHujz-BUZLe-ro1bYu_hXVe7blR9cxtnbDJce6crPCteZEXD0GgV8tvLb-kKk9nyrIUSo-l-rB2qbQdIWQv4mmRg0shoiTOK-9Mo8k0jMHwzMh56j_RU90KccSqFKDmG7MsXZo9IBVtRzL4_gqvADCKmfhrSFwlF9FkD4XpHvBOSeCO8dj0JnQJMpsqVWmQSAgMqtaIFFsTVWiCY9jLKuieA7VVx4BTL_BwKeqOcNjlOjHngGlyeVRrEMjCL2HeliVPvmtx-oYRGuTJWyw8oItULe6YLrfIYUL4wAAyFVxmGZeo1I_G4Tiei7WyZliSo4whdrRnpPg4TLcDd5Ni_C2jNV9jSjPlR_CiNPNkQL93SLsFPlbt0zdBhIckvg1hUb5Vq4KLY2Py48vpaQw7OJkAlzk4eb-N9K9hZML7wy8ifuBk7dfjwtnzZ4WneXQZheYNK1ZvC04Z9mJulY9kWeQSCxj-aT1RuRM6IxYfiu1RF1UQjmNmAnRz3hUhmSp64DD2TDERbwpss3REVOEd33jwAXDcfkfIv0xp1i72t2fROkBNRvKnq7KtIqAZ8rrq2352sjTTZt1katmySEGL5Bx70KB5V5-zizKLuY7-O6YAAT5lvg4TOdG2lUriJWxKjwTYJ79R8uqPauKSFzgLaDV9anwTANxNy8LlQC8B7SMmtgRIvyvX_C4E6iZZD62Wed09AbZnwu-xLtG4brlE2CYq8b8unPskvkYx1_uWmILtMGbMgXoa0ZpQ3KkTUE6tpuG5cVz2M6Hn7TzX3iMOKX60lAQKT8GziqZYZqY07nB92NBbqXePWDGnZMOoHjeBkz6sHreDlkhZGXAJjo8zhx5hhWeYfjg1bW_485U56WHfL_DRpKv8mJ9R8nMUl2oKu5sIzHTeVE3w4T6GgRY38ChPpduzxvg5i91G0SwIcJhhdg1E254AG15ZhoAMYEAXmcl6w2D3D_ofn6XkGzGdNIsdsykDTenoiEgGwska_xng8wI_Xko6LWshGmt3fkJVZyRfiWeNrI_TtB6gUfU0TKB_2n1eSvNU9SFfjGwgj8ZalOIgZbF-tJ3h_TPCifvA702KCUOJxzw6Yjkh6zqPrQqDrI9F_iVfLO3bVyBC0AYpnBuS8qRe1e-Jaa5bhHlBmk0ScSIRNPxxkTj7ati7bcOeA0BLZhRa9Ly76ZNgMm5FTJh1mOLormmUMiAI5XpU7t1uwtQ-yEiZT2vVetIesKLK90RaqH5IWPZYMIfD_hrHadbkL8s4jx0KkNkuFaYtd5ukoSIT_C-pcbiWgAaqtBrdUFNi9QD4snOX42ah2iaK9hkSSDUx2lFwyntePFkAL2iGYcFDs1hp62romcehocTbgLTp6T2xsxElXDdUoD3zs29OBt9f-M3NjbUN0XWyjjyxW_DChzPmNcnjQ9GMoRA9O7PqKhciBpLy8RvE-E9inhYuXbgS-qMS3idaZ4e6mOuzve_EPN40A3qGzUhV-tmIKOTrW3evK8_2y7VypvR0vF-fbJMMaoc0wAHtDCxWulLhN_l9y3E2gxxejsDPjEAS3s04j6R5xepFKMKFgGRRAN-la94HI4ZRpVnoYSXEXidBFsyzPTJ0eTKLSZssXpsoDZv-eNeUYPuHW6CRv5DEDYUywFVeeNQzlmi1pea0ycxDzvydcx17Owg7IT8Ue_-iIIfQJu5Cg0jRwzNIzeWxaZ5xCCnW7o-EtQrut_eaxLbGRCnmCuh1L3u5vAIzy4Y1tPVZmkf48atMIZsAKGGhV1oU9U3nDuQq_ojXJO2-bdZbBYksbl4RVewJi94YCv-M07pMgI209haQ-TgcyiBryOTCa8Q-Vd6h-XChehHtRph0oLWIlv7rFwKbk90mEqsux9tTAjrJqQSdMW9ihV98K4wehYUtENRARLxHqEQ3FhmwLqUpJkmXjAprtJOOwFGrleqNpDya8LDxUq5Gcwx-YWnswUYIQtXFUQAXncpU4wdD51648rlNyT_wrznGh2KeD7gJxwOfyZeosgwX0AY5iEWBHxvXZDpTkCu7Yn5OCQ6wBvVkdJnqcDIJdGrSt6PIRtsaROz4ZEb31T4bwujREj5NK3tu0wlLm_ksh7hQfERZoUxzo6u8AXLF55VWEKNL_escYI49ITGpRfFMTnzOE7jTX4iH-U2NEU6OryzpTf-pPfK36dGVygjAlokqnJNutfECbLTBvL3LDRP_IKa15gGgVFHdKjQPGCE65LhvJ72esBwmhMIXb_UOvj2JYg-byOiuxsmpcx9eMbxZIQPvxUbW3ddS2HXrygqmdBtSp7vYdMvjZxCq2ZbqPb_pK37yHz8fENIWHtk9ZDVgcyh_-kHJPKyh6PomskR5LqlRiPZ1cyorVw_0quKBGDMYj6Nv12ylHZC2ZkQ7U5A2IYQITmbTbFXY3MDIMf4xFctGJ5qjqb-JKsDc_RF0cm8lz6dSQiqhQ-3hL6layEjLyD4bQ-h_KoNyK_YGQvMrnwONqXOVgdYOcWXUBdaaU8HlxWNUHabdEs-J2cTtodI_idJO3UJVq5h7JHDBateIZGVP8J188dR5ljiUhwZWomFlITC9DtzFnFw0C3TcSzm5SrLUve5wwa7xJUqh-8CngdCZEjaAO6CMPyHVzQNHOvwIqHohG0dlBG4exbDZWnNXpanMgWqsXc-BDxG69QxD04UlNLXug05IvC-YBSV9KcBgtpSbJNXuafsejBslhYypTpf6wrU-IOwhnWsShia7A3rVOLuFSmeDdwPpVRku9sf34Pg1FV_cgj7kpLzQUKFh2XcGdoreTYzpEn8fUUgYMC0xADZVHTnLViVxeV71gqBVra40qhGW0I0qJnq1c_4aP58MgVwpudMcsCS_wDhRMjbcKdplIEp_gaMZpHdDUpkMknlUMxvZ7aJLgN-R9ivfdtAUa4FVzDPxYoYultYy9XwngAV45jRs8BPEdkgktu35LYDkcXH-D_0ZdJyk-wqBADusFzF8JNWhGfemd7ovdnUez7v0OdY&pr=8%3A342EFD77EE6CFDBD&cid=CAQSMgDq26N9kgAwDXOmse4NTZ_cFbkr0JVddEWsZIpScp_KGtxUIzMkFBrsq13UM0B6ZXVwGAEgCg&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202209210101&rfl=https%3A%2F%2Fbuhgalter.com.ua%2F&ds=l&xdt=0&iif=1&cor=10056946384595310000&adk=4042653751&idt=109&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 18:13:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
24666
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11387
x-xss-protection
0
server
cafe
etag
8197878782792770439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 18:13:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E15 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4329997009960&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E15 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4329997009960&version=m202209210101&ct=76&x=1&cor=253758944722563400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4E15 		64 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkWnl-YGmuQtLG-IANTFNLPYe-2eSgKe2lMDCZbe09DvyXhv6IMfPIgcYj6Gi4NN00l9c9Dz3MuyLZQYAqrFdSPotGsQ&cry=1&dbm_d=AKAmf-AEpG4WMLjZ_0RegVbbq-SiK4LIhoHnW11oN-V4cejjN76BnTg5NxmcpNDNIVXuYDEI9YypVngaJ_qWUiKbm44UY9wfBhcwl3gtEyXZFT5YvxKErP9AQO7wcV3XbMafU8gbC8ZfF_ghPriNNWPf_jylhBhfTWMws7GOjPN9g3kfuAR3Ut3MwqVsItmLXf56doxy6NpckTtpveYx0t2G5TaGurVaKtIZP3nnA3bd4YLbCG0qu7kkU2IXud79vi0L7uR_v9KOqaiHjbO9HsSXI3d6LeDra7toIV5u4wpV4oYWntGEL_DhtMbzkE43lE7h6VfJhHW30BrUMcSLxzlMD1PhkCIRAZFzzNjFmGyEnYGvADrmLejcqu4wUIcB5VGdbofvgVsPEmXPvfyimMg-zWGv0ZjJ8JIzw8mle6-YbRSIWuWjyoFZ77QBNOIDXUIIRqlpHw_5rT-1eIguwZA2lLaPA4EmnBdmNSHQhbDJPnmDLVqoW4bdth3mET37WLQYENjW6iC96HzeqxPILMF4JUQx3FHahPRkjMrv70PPyIVQUkohZ2Z2fQcydAKuzkWj7tTQb4NXyA3idL_qAxyTRVqk21zpfTvUN8-ZZlIttb7lqlOFO9OKiPMesTuJjmK0npPtQ-KMIjV_TFSR5bvBwLPbsW2nmr-wX41VKhN_J-YptMwx-hDK2sv9N4mb6JLw5r2DEXU5q1qAXl3GaADO-PSg2K3dvuaLctCuCZ2SXXwN2bl4ziw8xhh2c-gjHGhEB62s4Ycr7PgqBJ0fQeyzWz_X_vVY25lFOF8LRWqhwrbkoE0P8LayNQi0ldLRATGOpKFJCgPjXyNBytGImQ36H_sGZR7vLVsdq33tg07PUgFWoam7k68Z5ffc7y4zzpbukKgDL-zWPRZjg_fiC8wp1zUfSbpFet8H5M3Gcu45D8wBf5fHg0LMa_1F-OQ2cuh7AeseWjrGdHgUu_gQ7QZLw9jd-sRNA1ymQfjbH95AleO0w4tMhC9H0i5lFx1c2bJONPqyFDyqrVWeIcYSi2OtH4g1_PpSD0ijj16FlS5wUHymWxUh10QoYPgfJwCHK_PHK9ps5KwfVAw9upFYkeYj8GSUe0GRRgTBzXnugHhqHnRl8qkaexHoT-mpEae5MvMyy-7O4gdNXsaZ4UIE_3rJJjz41iQrKxgzb4j-mRTaoLyhfq4KmOMWdkOhgkjT7LG87RWMWYqbZM0cKGwAXlB1o3OvpZvaB2cXNFP1NC2Lg_IU3eYHqTywRp-AoqQd1m-26ynoW3cpIhOyT3nLzVrT84RcLfiECbx4EnJ7b0C_5r0zfUfbf4CJg9P30PQWGSEVM1TrXYBPGNmvsGY2N4H9hhaDYqMD6C2VH1NIUsZT_CUA_jXJR1rvJpZIJQXMHadzVODTUMzAz7MaWworoYIxIjMjr5J-bJtyIZ-4I98E8kQwjsMhdWfIx10EFUvoToY70hfs9MocVapUxbIgtK836ZX6fqNIw8AYap5b-fGNEBpfw4wtYdmg0D28eNEKikG8xl5SDNPDgqio-IIVLV9uYojc8xLq-nX9_ZA7oRb52eCyrSIDDMNLhep-n1qcrqx0KZl0zIHYUHVvgbm1oaTyMvaVOilDYXnnHTkEBtkFU-Ohk8l03QiFhBk-7epEjUIO092tzXnDTFJWb1v18VMtv7hP9tUAENf8bD-SJtLlJkhd78_o2bOqD8uRVUzI5BUbhVwwfhHkct9GApseS8h2Ei0c9WYLx38ZNmr3w_DHrGqizlLfluCNp5Ax3B9hhWiD41rfHyRD_t35-rxLCcBUWKiCqJr7PwoiKQYAG4CaqbSOF0Zmi9ShOBydinPmk1MbV5CLcRVLY4hFjBFZRHiwgXm0Rrgz6hHv7wJNg5JKvD4ZxzLBrlNCtsAkK4kn8CfVQUjdoc89GzwKIxVq4A1JI1T_S-2JmPD1v6klx76UwSSckbKPa8pO1o7vnuA1jejN2JJ-gLJTwx4hCza-hjiOCMF4eywiAKM0ullQ7iC13-IsY54bIpiriRglu4VRm71246J8MDRPDas4Sq7PE-yGX3LLFQe1MPVenKW9J68SktC7INRlF6BIQTwyiKh__vCxIllJQ5KiyANlUyhSKOHIPVFlL5XrxfStGK55id9wfuFuNQyZBP8e8MKRnt0I9GEUzIe2I6HhC8YNCmUtNlCx318O9c_08-JDdrKszATp40mlJY8_Fthj8UP7tD5msJOIx8P5PlPG2I72ZTKJwapxW2BhLNn8ah76J9Qrykwrez0UPy4Arsr0o7TcVjANREgurXklYgtoRLjoimJmtnNW3koy1yU4JQQnMrbjAzGKlafZKwaHe5P2Vqt5WLmsouLUf6MXUszzStG-fl5P2fFXdlc2veZaG7wolGSRGR2uPov8AmXCa7KdKQB-OXUUMTi69FIzrzHnK8ckOtWOHGZdD3gOHu2MrNxcPcfuLfgvQnzoO0YlxBRNzvu9I2cmrXW56wYxeJqngL7YTED6VG7MsYNsxAMaVVKWuwq2PMgQI-KCZznQZkV0yJ1d_44hnW1Qmnornh29muLwvGqoWBcDLjnqhBuXdi_CcJVixJJqCf_lLGpsyJSwkMZyrYZw9GJF6CiAhU7ISj9vI37K8ltDlfGqo8CqDOPmOM0OlTLNJu1COryoZmNTuljazwuDTjmra_i_fCf6G3s_fyzC8BWTj_-i9lZdJUs5zmqU-U3yJZhj3oNh8-mWDCk0Sf55SQ7DlHFjKS4V2tO8W4HyxDqujF-MEnLKt6e1GljDLcmYtuVFEg-jyio8bnpkIYgiaUjatVFsmMO2LGJ62QyxC_qwLV6amCKS0inPMOalliibxnior-9EQxNldScKs_atRH08yJfwRNE3sWT_pXdx_ROoHgM46fhoeBcvbI2c5wLMuwx2c3m0bfx-y0QgB8ol3xHpLJvWlpon0LFPSmRK0-YgNxqykAeQJme8PjezyIb9bfSPuHX1fLKtB1hhEfPTPL6HFJgnAwcd9DguTRqw8dXOYB23OXI6vT2md1g5abUuIK3BGJRNGOwo-Dic_Za75cnZHcTBw-_suxLKurP83lUlMhNEbw1Cx4-CIGgvReBLyMWgFHOT0e5f3itH66JZazWtZYruFqz7jvfDihTCt_RQIg7wJqjxE-nwjdLoblgHAGvj8I4pCX_TOkwRLEZ3qSKH32MD_wVrZHr1T8RFP8i4e1e1iX1sUlIWSU1tfRwzyj6ezfH9lzODKRaojzRCrgFQ9pKk9cIOXwFSGjbthg2MsIT8fXNexYLUBKLqUbS0vnEEKeZR6Q-C3TsoXHpipAMIhXdhBqrTdCqmLUys5noci8KeqVOr2pPxgKWx3yQDCf7wSUjDopuGaZHgYEGCLgdyon-E5-X4IALwWt9Fktq_ZvkYx_3N0sDNOxPDlg5t2HSMG25eo6gR1RLmxIjWrmV6NTVYpbujy2H6tVGflovfnZpn5uC-gxnk-c5mThCTfDFj5RGxvAe56Pm4HreyIKpr3oyM7I5phvhrJdWlJXnAEps6_DQMblTmjcLYrjqap-q2A-Au7hqRxib9eLg-IOBEfA0Vn4Dv&cid=CAQSOwDq26N9A-gflwcmzR0kh6X7ZmgQ1a2fboykrE8KYXZ9bpfVO1U14XtGpyHMapb_JT905JB1DIZQqkQjGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fbuhgalter.com.ua%2F&ds=l&xdt=1&iif=1&cor=253758944722563400&adk=2935317967&idt=86&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c76df2edc4aac9adc409fe5f6f2250a05ed1ef1d32c411c2d754445e53146f52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30456
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame FC61 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=uk
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.125.24.254 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-125-24-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 10 Dec 2022 01:04:12 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3BE1 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Dec 2022 01:04:12 GMT
usync.html
eus.rubiconproject.com/ Frame 0520 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=uk
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.125.24.254 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-125-24-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 10 Dec 2022 01:04:12 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4640 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Dec 2022 01:04:12 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BB65 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
537890
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 19:39:22 GMT
expires
Sun, 03 Dec 2023 19:39:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EE3C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
537890
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 19:39:22 GMT
expires
Sun, 03 Dec 2023 19:39:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C63C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 07:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64667
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 07:06:25 GMT
usync.html
eus.rubiconproject.com/ Frame CBB5 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=uk
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.125.24.254 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-125-24-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 10 Dec 2022 01:04:12 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame C63C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVQN2pl7GFldnVweXgxZ0QJ3vH5eucK2TW7vKlSMme_Y_fnxaObtp4yF32aRCdi5um37Tl4E62KZ0P3PcPUmX8Ka6RxQtVrX6WvPTyp61EEP2_V87a06ZWANkfi0ahkeH--CZJ-NkTdVrDk8yX8J-WOIW7GC5knkJkSQe9bb-0fl6MaXZ5CQ6fA4E0gMmwb3GSv3sDnaPPqogE_42S1p3SFURQkP9VtU5gwaHL82CG6LfnBJUspHlunqSgab4gcoCZzy7GzV0SbeN7nb3hD3oo2ye9Gfhz6CFUKVlnIAv2AD2rW4v0axcejFt6YGWIsGRRm6W6p82x447erxFyiibDneG291Hz0w&sai=AMfl-YTg8gMPygaD7pHmFES2gMast_IL6lx48b4aSX-gdwljoN4_2-QeVYPfzOTB0nJ2Zmddp67rfWvK3dd4nOrMVilOgcsUBccOL5bUTZ4Mg5IyTyltiV4xkX0cYhIGgmhM&sig=Cg0ArKJSzHRqXJc2EeExEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 10 Dec 2022 01:04:12 GMT
truncated
/ Frame C63C 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a33048e30d15afc0eaa7734898be22ab913880bff745bcbe624de5d4b0862ef

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3BE1 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b6a35331dd68f99e7f98c910482458ff65198fe5e6385d4ea1a2e451bf877e5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4640 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30ba9045c27675eeddd69564add4e731cdb9fc7f913db3f608d4fc1b7d0a4cd5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 4E15 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkWnl-YGmuQtLG-IANTFNLPYe-2eSgKe2lMDCZbe09DvyXhv6IMfPIgcYj6Gi4NN00l9c9Dz3MuyLZQYAqrFdSPotGsQ&cry=1&dbm_d=AKAmf-AEpG4WMLjZ_0RegVbbq-SiK4LIhoHnW11oN-V4cejjN76BnTg5NxmcpNDNIVXuYDEI9YypVngaJ_qWUiKbm44UY9wfBhcwl3gtEyXZFT5YvxKErP9AQO7wcV3XbMafU8gbC8ZfF_ghPriNNWPf_jylhBhfTWMws7GOjPN9g3kfuAR3Ut3MwqVsItmLXf56doxy6NpckTtpveYx0t2G5TaGurVaKtIZP3nnA3bd4YLbCG0qu7kkU2IXud79vi0L7uR_v9KOqaiHjbO9HsSXI3d6LeDra7toIV5u4wpV4oYWntGEL_DhtMbzkE43lE7h6VfJhHW30BrUMcSLxzlMD1PhkCIRAZFzzNjFmGyEnYGvADrmLejcqu4wUIcB5VGdbofvgVsPEmXPvfyimMg-zWGv0ZjJ8JIzw8mle6-YbRSIWuWjyoFZ77QBNOIDXUIIRqlpHw_5rT-1eIguwZA2lLaPA4EmnBdmNSHQhbDJPnmDLVqoW4bdth3mET37WLQYENjW6iC96HzeqxPILMF4JUQx3FHahPRkjMrv70PPyIVQUkohZ2Z2fQcydAKuzkWj7tTQb4NXyA3idL_qAxyTRVqk21zpfTvUN8-ZZlIttb7lqlOFO9OKiPMesTuJjmK0npPtQ-KMIjV_TFSR5bvBwLPbsW2nmr-wX41VKhN_J-YptMwx-hDK2sv9N4mb6JLw5r2DEXU5q1qAXl3GaADO-PSg2K3dvuaLctCuCZ2SXXwN2bl4ziw8xhh2c-gjHGhEB62s4Ycr7PgqBJ0fQeyzWz_X_vVY25lFOF8LRWqhwrbkoE0P8LayNQi0ldLRATGOpKFJCgPjXyNBytGImQ36H_sGZR7vLVsdq33tg07PUgFWoam7k68Z5ffc7y4zzpbukKgDL-zWPRZjg_fiC8wp1zUfSbpFet8H5M3Gcu45D8wBf5fHg0LMa_1F-OQ2cuh7AeseWjrGdHgUu_gQ7QZLw9jd-sRNA1ymQfjbH95AleO0w4tMhC9H0i5lFx1c2bJONPqyFDyqrVWeIcYSi2OtH4g1_PpSD0ijj16FlS5wUHymWxUh10QoYPgfJwCHK_PHK9ps5KwfVAw9upFYkeYj8GSUe0GRRgTBzXnugHhqHnRl8qkaexHoT-mpEae5MvMyy-7O4gdNXsaZ4UIE_3rJJjz41iQrKxgzb4j-mRTaoLyhfq4KmOMWdkOhgkjT7LG87RWMWYqbZM0cKGwAXlB1o3OvpZvaB2cXNFP1NC2Lg_IU3eYHqTywRp-AoqQd1m-26ynoW3cpIhOyT3nLzVrT84RcLfiECbx4EnJ7b0C_5r0zfUfbf4CJg9P30PQWGSEVM1TrXYBPGNmvsGY2N4H9hhaDYqMD6C2VH1NIUsZT_CUA_jXJR1rvJpZIJQXMHadzVODTUMzAz7MaWworoYIxIjMjr5J-bJtyIZ-4I98E8kQwjsMhdWfIx10EFUvoToY70hfs9MocVapUxbIgtK836ZX6fqNIw8AYap5b-fGNEBpfw4wtYdmg0D28eNEKikG8xl5SDNPDgqio-IIVLV9uYojc8xLq-nX9_ZA7oRb52eCyrSIDDMNLhep-n1qcrqx0KZl0zIHYUHVvgbm1oaTyMvaVOilDYXnnHTkEBtkFU-Ohk8l03QiFhBk-7epEjUIO092tzXnDTFJWb1v18VMtv7hP9tUAENf8bD-SJtLlJkhd78_o2bOqD8uRVUzI5BUbhVwwfhHkct9GApseS8h2Ei0c9WYLx38ZNmr3w_DHrGqizlLfluCNp5Ax3B9hhWiD41rfHyRD_t35-rxLCcBUWKiCqJr7PwoiKQYAG4CaqbSOF0Zmi9ShOBydinPmk1MbV5CLcRVLY4hFjBFZRHiwgXm0Rrgz6hHv7wJNg5JKvD4ZxzLBrlNCtsAkK4kn8CfVQUjdoc89GzwKIxVq4A1JI1T_S-2JmPD1v6klx76UwSSckbKPa8pO1o7vnuA1jejN2JJ-gLJTwx4hCza-hjiOCMF4eywiAKM0ullQ7iC13-IsY54bIpiriRglu4VRm71246J8MDRPDas4Sq7PE-yGX3LLFQe1MPVenKW9J68SktC7INRlF6BIQTwyiKh__vCxIllJQ5KiyANlUyhSKOHIPVFlL5XrxfStGK55id9wfuFuNQyZBP8e8MKRnt0I9GEUzIe2I6HhC8YNCmUtNlCx318O9c_08-JDdrKszATp40mlJY8_Fthj8UP7tD5msJOIx8P5PlPG2I72ZTKJwapxW2BhLNn8ah76J9Qrykwrez0UPy4Arsr0o7TcVjANREgurXklYgtoRLjoimJmtnNW3koy1yU4JQQnMrbjAzGKlafZKwaHe5P2Vqt5WLmsouLUf6MXUszzStG-fl5P2fFXdlc2veZaG7wolGSRGR2uPov8AmXCa7KdKQB-OXUUMTi69FIzrzHnK8ckOtWOHGZdD3gOHu2MrNxcPcfuLfgvQnzoO0YlxBRNzvu9I2cmrXW56wYxeJqngL7YTED6VG7MsYNsxAMaVVKWuwq2PMgQI-KCZznQZkV0yJ1d_44hnW1Qmnornh29muLwvGqoWBcDLjnqhBuXdi_CcJVixJJqCf_lLGpsyJSwkMZyrYZw9GJF6CiAhU7ISj9vI37K8ltDlfGqo8CqDOPmOM0OlTLNJu1COryoZmNTuljazwuDTjmra_i_fCf6G3s_fyzC8BWTj_-i9lZdJUs5zmqU-U3yJZhj3oNh8-mWDCk0Sf55SQ7DlHFjKS4V2tO8W4HyxDqujF-MEnLKt6e1GljDLcmYtuVFEg-jyio8bnpkIYgiaUjatVFsmMO2LGJ62QyxC_qwLV6amCKS0inPMOalliibxnior-9EQxNldScKs_atRH08yJfwRNE3sWT_pXdx_ROoHgM46fhoeBcvbI2c5wLMuwx2c3m0bfx-y0QgB8ol3xHpLJvWlpon0LFPSmRK0-YgNxqykAeQJme8PjezyIb9bfSPuHX1fLKtB1hhEfPTPL6HFJgnAwcd9DguTRqw8dXOYB23OXI6vT2md1g5abUuIK3BGJRNGOwo-Dic_Za75cnZHcTBw-_suxLKurP83lUlMhNEbw1Cx4-CIGgvReBLyMWgFHOT0e5f3itH66JZazWtZYruFqz7jvfDihTCt_RQIg7wJqjxE-nwjdLoblgHAGvj8I4pCX_TOkwRLEZ3qSKH32MD_wVrZHr1T8RFP8i4e1e1iX1sUlIWSU1tfRwzyj6ezfH9lzODKRaojzRCrgFQ9pKk9cIOXwFSGjbthg2MsIT8fXNexYLUBKLqUbS0vnEEKeZR6Q-C3TsoXHpipAMIhXdhBqrTdCqmLUys5noci8KeqVOr2pPxgKWx3yQDCf7wSUjDopuGaZHgYEGCLgdyon-E5-X4IALwWt9Fktq_ZvkYx_3N0sDNOxPDlg5t2HSMG25eo6gR1RLmxIjWrmV6NTVYpbujy2H6tVGflovfnZpn5uC-gxnk-c5mThCTfDFj5RGxvAe56Pm4HreyIKpr3oyM7I5phvhrJdWlJXnAEps6_DQMblTmjcLYrjqap-q2A-Au7hqRxib9eLg-IOBEfA0Vn4Dv&cid=CAQSOwDq26N9A-gflwcmzR0kh6X7ZmgQ1a2fboykrE8KYXZ9bpfVO1U14XtGpyHMapb_JT905JB1DIZQqkQjGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fbuhgalter.com.ua%2F&ds=l&xdt=1&iif=1&cor=253758944722563400&adk=2935317967&idt=86&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 18:13:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
24667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11387
x-xss-protection
0
server
cafe
etag
8197878782792770439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 18:13:05 GMT
10423555113475628136
s0.2mdn.net/simgad/ Frame 4E15 		354 KB
354 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/10423555113475628136
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkWnl-YGmuQtLG-IANTFNLPYe-2eSgKe2lMDCZbe09DvyXhv6IMfPIgcYj6Gi4NN00l9c9Dz3MuyLZQYAqrFdSPotGsQ&cry=1&dbm_d=AKAmf-AEpG4WMLjZ_0RegVbbq-SiK4LIhoHnW11oN-V4cejjN76BnTg5NxmcpNDNIVXuYDEI9YypVngaJ_qWUiKbm44UY9wfBhcwl3gtEyXZFT5YvxKErP9AQO7wcV3XbMafU8gbC8ZfF_ghPriNNWPf_jylhBhfTWMws7GOjPN9g3kfuAR3Ut3MwqVsItmLXf56doxy6NpckTtpveYx0t2G5TaGurVaKtIZP3nnA3bd4YLbCG0qu7kkU2IXud79vi0L7uR_v9KOqaiHjbO9HsSXI3d6LeDra7toIV5u4wpV4oYWntGEL_DhtMbzkE43lE7h6VfJhHW30BrUMcSLxzlMD1PhkCIRAZFzzNjFmGyEnYGvADrmLejcqu4wUIcB5VGdbofvgVsPEmXPvfyimMg-zWGv0ZjJ8JIzw8mle6-YbRSIWuWjyoFZ77QBNOIDXUIIRqlpHw_5rT-1eIguwZA2lLaPA4EmnBdmNSHQhbDJPnmDLVqoW4bdth3mET37WLQYENjW6iC96HzeqxPILMF4JUQx3FHahPRkjMrv70PPyIVQUkohZ2Z2fQcydAKuzkWj7tTQb4NXyA3idL_qAxyTRVqk21zpfTvUN8-ZZlIttb7lqlOFO9OKiPMesTuJjmK0npPtQ-KMIjV_TFSR5bvBwLPbsW2nmr-wX41VKhN_J-YptMwx-hDK2sv9N4mb6JLw5r2DEXU5q1qAXl3GaADO-PSg2K3dvuaLctCuCZ2SXXwN2bl4ziw8xhh2c-gjHGhEB62s4Ycr7PgqBJ0fQeyzWz_X_vVY25lFOF8LRWqhwrbkoE0P8LayNQi0ldLRATGOpKFJCgPjXyNBytGImQ36H_sGZR7vLVsdq33tg07PUgFWoam7k68Z5ffc7y4zzpbukKgDL-zWPRZjg_fiC8wp1zUfSbpFet8H5M3Gcu45D8wBf5fHg0LMa_1F-OQ2cuh7AeseWjrGdHgUu_gQ7QZLw9jd-sRNA1ymQfjbH95AleO0w4tMhC9H0i5lFx1c2bJONPqyFDyqrVWeIcYSi2OtH4g1_PpSD0ijj16FlS5wUHymWxUh10QoYPgfJwCHK_PHK9ps5KwfVAw9upFYkeYj8GSUe0GRRgTBzXnugHhqHnRl8qkaexHoT-mpEae5MvMyy-7O4gdNXsaZ4UIE_3rJJjz41iQrKxgzb4j-mRTaoLyhfq4KmOMWdkOhgkjT7LG87RWMWYqbZM0cKGwAXlB1o3OvpZvaB2cXNFP1NC2Lg_IU3eYHqTywRp-AoqQd1m-26ynoW3cpIhOyT3nLzVrT84RcLfiECbx4EnJ7b0C_5r0zfUfbf4CJg9P30PQWGSEVM1TrXYBPGNmvsGY2N4H9hhaDYqMD6C2VH1NIUsZT_CUA_jXJR1rvJpZIJQXMHadzVODTUMzAz7MaWworoYIxIjMjr5J-bJtyIZ-4I98E8kQwjsMhdWfIx10EFUvoToY70hfs9MocVapUxbIgtK836ZX6fqNIw8AYap5b-fGNEBpfw4wtYdmg0D28eNEKikG8xl5SDNPDgqio-IIVLV9uYojc8xLq-nX9_ZA7oRb52eCyrSIDDMNLhep-n1qcrqx0KZl0zIHYUHVvgbm1oaTyMvaVOilDYXnnHTkEBtkFU-Ohk8l03QiFhBk-7epEjUIO092tzXnDTFJWb1v18VMtv7hP9tUAENf8bD-SJtLlJkhd78_o2bOqD8uRVUzI5BUbhVwwfhHkct9GApseS8h2Ei0c9WYLx38ZNmr3w_DHrGqizlLfluCNp5Ax3B9hhWiD41rfHyRD_t35-rxLCcBUWKiCqJr7PwoiKQYAG4CaqbSOF0Zmi9ShOBydinPmk1MbV5CLcRVLY4hFjBFZRHiwgXm0Rrgz6hHv7wJNg5JKvD4ZxzLBrlNCtsAkK4kn8CfVQUjdoc89GzwKIxVq4A1JI1T_S-2JmPD1v6klx76UwSSckbKPa8pO1o7vnuA1jejN2JJ-gLJTwx4hCza-hjiOCMF4eywiAKM0ullQ7iC13-IsY54bIpiriRglu4VRm71246J8MDRPDas4Sq7PE-yGX3LLFQe1MPVenKW9J68SktC7INRlF6BIQTwyiKh__vCxIllJQ5KiyANlUyhSKOHIPVFlL5XrxfStGK55id9wfuFuNQyZBP8e8MKRnt0I9GEUzIe2I6HhC8YNCmUtNlCx318O9c_08-JDdrKszATp40mlJY8_Fthj8UP7tD5msJOIx8P5PlPG2I72ZTKJwapxW2BhLNn8ah76J9Qrykwrez0UPy4Arsr0o7TcVjANREgurXklYgtoRLjoimJmtnNW3koy1yU4JQQnMrbjAzGKlafZKwaHe5P2Vqt5WLmsouLUf6MXUszzStG-fl5P2fFXdlc2veZaG7wolGSRGR2uPov8AmXCa7KdKQB-OXUUMTi69FIzrzHnK8ckOtWOHGZdD3gOHu2MrNxcPcfuLfgvQnzoO0YlxBRNzvu9I2cmrXW56wYxeJqngL7YTED6VG7MsYNsxAMaVVKWuwq2PMgQI-KCZznQZkV0yJ1d_44hnW1Qmnornh29muLwvGqoWBcDLjnqhBuXdi_CcJVixJJqCf_lLGpsyJSwkMZyrYZw9GJF6CiAhU7ISj9vI37K8ltDlfGqo8CqDOPmOM0OlTLNJu1COryoZmNTuljazwuDTjmra_i_fCf6G3s_fyzC8BWTj_-i9lZdJUs5zmqU-U3yJZhj3oNh8-mWDCk0Sf55SQ7DlHFjKS4V2tO8W4HyxDqujF-MEnLKt6e1GljDLcmYtuVFEg-jyio8bnpkIYgiaUjatVFsmMO2LGJ62QyxC_qwLV6amCKS0inPMOalliibxnior-9EQxNldScKs_atRH08yJfwRNE3sWT_pXdx_ROoHgM46fhoeBcvbI2c5wLMuwx2c3m0bfx-y0QgB8ol3xHpLJvWlpon0LFPSmRK0-YgNxqykAeQJme8PjezyIb9bfSPuHX1fLKtB1hhEfPTPL6HFJgnAwcd9DguTRqw8dXOYB23OXI6vT2md1g5abUuIK3BGJRNGOwo-Dic_Za75cnZHcTBw-_suxLKurP83lUlMhNEbw1Cx4-CIGgvReBLyMWgFHOT0e5f3itH66JZazWtZYruFqz7jvfDihTCt_RQIg7wJqjxE-nwjdLoblgHAGvj8I4pCX_TOkwRLEZ3qSKH32MD_wVrZHr1T8RFP8i4e1e1iX1sUlIWSU1tfRwzyj6ezfH9lzODKRaojzRCrgFQ9pKk9cIOXwFSGjbthg2MsIT8fXNexYLUBKLqUbS0vnEEKeZR6Q-C3TsoXHpipAMIhXdhBqrTdCqmLUys5noci8KeqVOr2pPxgKWx3yQDCf7wSUjDopuGaZHgYEGCLgdyon-E5-X4IALwWt9Fktq_ZvkYx_3N0sDNOxPDlg5t2HSMG25eo6gR1RLmxIjWrmV6NTVYpbujy2H6tVGflovfnZpn5uC-gxnk-c5mThCTfDFj5RGxvAe56Pm4HreyIKpr3oyM7I5phvhrJdWlJXnAEps6_DQMblTmjcLYrjqap-q2A-Au7hqRxib9eLg-IOBEfA0Vn4Dv&cid=CAQSOwDq26N9A-gflwcmzR0kh6X7ZmgQ1a2fboykrE8KYXZ9bpfVO1U14XtGpyHMapb_JT905JB1DIZQqkQjGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fbuhgalter.com.ua%2F&ds=l&xdt=1&iif=1&cor=253758944722563400&adk=2935317967&idt=86&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c920ac2b555f154391dff84dc42ef4599ada15b7ddfe9a0e6d0cc8d2a4b57a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 06:39:01 GMT
x-content-type-options
nosniff
age
411911
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
362388
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 02:44:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 06:39:01 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/ Frame 4E15 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkWnl-YGmuQtLG-IANTFNLPYe-2eSgKe2lMDCZbe09DvyXhv6IMfPIgcYj6Gi4NN00l9c9Dz3MuyLZQYAqrFdSPotGsQ&cry=1&dbm_d=AKAmf-AEpG4WMLjZ_0RegVbbq-SiK4LIhoHnW11oN-V4cejjN76BnTg5NxmcpNDNIVXuYDEI9YypVngaJ_qWUiKbm44UY9wfBhcwl3gtEyXZFT5YvxKErP9AQO7wcV3XbMafU8gbC8ZfF_ghPriNNWPf_jylhBhfTWMws7GOjPN9g3kfuAR3Ut3MwqVsItmLXf56doxy6NpckTtpveYx0t2G5TaGurVaKtIZP3nnA3bd4YLbCG0qu7kkU2IXud79vi0L7uR_v9KOqaiHjbO9HsSXI3d6LeDra7toIV5u4wpV4oYWntGEL_DhtMbzkE43lE7h6VfJhHW30BrUMcSLxzlMD1PhkCIRAZFzzNjFmGyEnYGvADrmLejcqu4wUIcB5VGdbofvgVsPEmXPvfyimMg-zWGv0ZjJ8JIzw8mle6-YbRSIWuWjyoFZ77QBNOIDXUIIRqlpHw_5rT-1eIguwZA2lLaPA4EmnBdmNSHQhbDJPnmDLVqoW4bdth3mET37WLQYENjW6iC96HzeqxPILMF4JUQx3FHahPRkjMrv70PPyIVQUkohZ2Z2fQcydAKuzkWj7tTQb4NXyA3idL_qAxyTRVqk21zpfTvUN8-ZZlIttb7lqlOFO9OKiPMesTuJjmK0npPtQ-KMIjV_TFSR5bvBwLPbsW2nmr-wX41VKhN_J-YptMwx-hDK2sv9N4mb6JLw5r2DEXU5q1qAXl3GaADO-PSg2K3dvuaLctCuCZ2SXXwN2bl4ziw8xhh2c-gjHGhEB62s4Ycr7PgqBJ0fQeyzWz_X_vVY25lFOF8LRWqhwrbkoE0P8LayNQi0ldLRATGOpKFJCgPjXyNBytGImQ36H_sGZR7vLVsdq33tg07PUgFWoam7k68Z5ffc7y4zzpbukKgDL-zWPRZjg_fiC8wp1zUfSbpFet8H5M3Gcu45D8wBf5fHg0LMa_1F-OQ2cuh7AeseWjrGdHgUu_gQ7QZLw9jd-sRNA1ymQfjbH95AleO0w4tMhC9H0i5lFx1c2bJONPqyFDyqrVWeIcYSi2OtH4g1_PpSD0ijj16FlS5wUHymWxUh10QoYPgfJwCHK_PHK9ps5KwfVAw9upFYkeYj8GSUe0GRRgTBzXnugHhqHnRl8qkaexHoT-mpEae5MvMyy-7O4gdNXsaZ4UIE_3rJJjz41iQrKxgzb4j-mRTaoLyhfq4KmOMWdkOhgkjT7LG87RWMWYqbZM0cKGwAXlB1o3OvpZvaB2cXNFP1NC2Lg_IU3eYHqTywRp-AoqQd1m-26ynoW3cpIhOyT3nLzVrT84RcLfiECbx4EnJ7b0C_5r0zfUfbf4CJg9P30PQWGSEVM1TrXYBPGNmvsGY2N4H9hhaDYqMD6C2VH1NIUsZT_CUA_jXJR1rvJpZIJQXMHadzVODTUMzAz7MaWworoYIxIjMjr5J-bJtyIZ-4I98E8kQwjsMhdWfIx10EFUvoToY70hfs9MocVapUxbIgtK836ZX6fqNIw8AYap5b-fGNEBpfw4wtYdmg0D28eNEKikG8xl5SDNPDgqio-IIVLV9uYojc8xLq-nX9_ZA7oRb52eCyrSIDDMNLhep-n1qcrqx0KZl0zIHYUHVvgbm1oaTyMvaVOilDYXnnHTkEBtkFU-Ohk8l03QiFhBk-7epEjUIO092tzXnDTFJWb1v18VMtv7hP9tUAENf8bD-SJtLlJkhd78_o2bOqD8uRVUzI5BUbhVwwfhHkct9GApseS8h2Ei0c9WYLx38ZNmr3w_DHrGqizlLfluCNp5Ax3B9hhWiD41rfHyRD_t35-rxLCcBUWKiCqJr7PwoiKQYAG4CaqbSOF0Zmi9ShOBydinPmk1MbV5CLcRVLY4hFjBFZRHiwgXm0Rrgz6hHv7wJNg5JKvD4ZxzLBrlNCtsAkK4kn8CfVQUjdoc89GzwKIxVq4A1JI1T_S-2JmPD1v6klx76UwSSckbKPa8pO1o7vnuA1jejN2JJ-gLJTwx4hCza-hjiOCMF4eywiAKM0ullQ7iC13-IsY54bIpiriRglu4VRm71246J8MDRPDas4Sq7PE-yGX3LLFQe1MPVenKW9J68SktC7INRlF6BIQTwyiKh__vCxIllJQ5KiyANlUyhSKOHIPVFlL5XrxfStGK55id9wfuFuNQyZBP8e8MKRnt0I9GEUzIe2I6HhC8YNCmUtNlCx318O9c_08-JDdrKszATp40mlJY8_Fthj8UP7tD5msJOIx8P5PlPG2I72ZTKJwapxW2BhLNn8ah76J9Qrykwrez0UPy4Arsr0o7TcVjANREgurXklYgtoRLjoimJmtnNW3koy1yU4JQQnMrbjAzGKlafZKwaHe5P2Vqt5WLmsouLUf6MXUszzStG-fl5P2fFXdlc2veZaG7wolGSRGR2uPov8AmXCa7KdKQB-OXUUMTi69FIzrzHnK8ckOtWOHGZdD3gOHu2MrNxcPcfuLfgvQnzoO0YlxBRNzvu9I2cmrXW56wYxeJqngL7YTED6VG7MsYNsxAMaVVKWuwq2PMgQI-KCZznQZkV0yJ1d_44hnW1Qmnornh29muLwvGqoWBcDLjnqhBuXdi_CcJVixJJqCf_lLGpsyJSwkMZyrYZw9GJF6CiAhU7ISj9vI37K8ltDlfGqo8CqDOPmOM0OlTLNJu1COryoZmNTuljazwuDTjmra_i_fCf6G3s_fyzC8BWTj_-i9lZdJUs5zmqU-U3yJZhj3oNh8-mWDCk0Sf55SQ7DlHFjKS4V2tO8W4HyxDqujF-MEnLKt6e1GljDLcmYtuVFEg-jyio8bnpkIYgiaUjatVFsmMO2LGJ62QyxC_qwLV6amCKS0inPMOalliibxnior-9EQxNldScKs_atRH08yJfwRNE3sWT_pXdx_ROoHgM46fhoeBcvbI2c5wLMuwx2c3m0bfx-y0QgB8ol3xHpLJvWlpon0LFPSmRK0-YgNxqykAeQJme8PjezyIb9bfSPuHX1fLKtB1hhEfPTPL6HFJgnAwcd9DguTRqw8dXOYB23OXI6vT2md1g5abUuIK3BGJRNGOwo-Dic_Za75cnZHcTBw-_suxLKurP83lUlMhNEbw1Cx4-CIGgvReBLyMWgFHOT0e5f3itH66JZazWtZYruFqz7jvfDihTCt_RQIg7wJqjxE-nwjdLoblgHAGvj8I4pCX_TOkwRLEZ3qSKH32MD_wVrZHr1T8RFP8i4e1e1iX1sUlIWSU1tfRwzyj6ezfH9lzODKRaojzRCrgFQ9pKk9cIOXwFSGjbthg2MsIT8fXNexYLUBKLqUbS0vnEEKeZR6Q-C3TsoXHpipAMIhXdhBqrTdCqmLUys5noci8KeqVOr2pPxgKWx3yQDCf7wSUjDopuGaZHgYEGCLgdyon-E5-X4IALwWt9Fktq_ZvkYx_3N0sDNOxPDlg5t2HSMG25eo6gR1RLmxIjWrmV6NTVYpbujy2H6tVGflovfnZpn5uC-gxnk-c5mThCTfDFj5RGxvAe56Pm4HreyIKpr3oyM7I5phvhrJdWlJXnAEps6_DQMblTmjcLYrjqap-q2A-Au7hqRxib9eLg-IOBEfA0Vn4Dv&cid=CAQSOwDq26N9A-gflwcmzR0kh6X7ZmgQ1a2fboykrE8KYXZ9bpfVO1U14XtGpyHMapb_JT905JB1DIZQqkQjGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fbuhgalter.com.ua%2F&ds=l&xdt=1&iif=1&cor=253758944722563400&adk=2935317967&idt=86&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 18:58:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
21953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 18:58:19 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4E15 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssCYzB3Joa6kudWK6do8NZr6c7HFWXg1BVIxIIffeZlebCeomJePA8g-thy4S-NZhyltQkZ3Mgh-9RVKM0JgACKvqqVDZzuUawB9fq4K4zLgkQwNfKr-ZAIjFt_myE-LeUiQRrwE8_IzchWkM9KJtwEns2gl9fl5af1p0agE4-Dqg-892cY97fzBX-QNYraCwKil7a1vqaNnAd5um9vDPPcopFgyeeJN9a1LLRE1O1v0K7GgJpm5hkkki1G2O8AO7V9lIZZNAn75quwoIoLcoJg7mARSFcuiR4MRzh5LFht328KqpV7F1PHwDWlBFcxiHL5cwpj1j6EGsJc8UCrDkdN4FoVBn3lJ0GgNQJJTMB3i-CsTANkHodl6EfPruhzmaMOvVD4LjqxB6MH9AtgRUm0kO3Gr8ZDamalUCGoO5X3W1pJJZQ2PF_DCcbhvFyAjoA_bMiLndYmm_fOrcK5u72hOH9FLtz7TzyAi0EB7NjxnvBigg1s6KsGE3ScBOpobpmioDAJINz8pzo4qGKVusw_k1JmoEOaYolzVwhZnafjt0rhEAxBDvdkMdE7ONHI6Sb8W_27CHqIW8uoAfulYNEzBTqcXp6Sjr1KMKetbG53w7wyBywA3NFIPvT-Ck5tF9-0sMsvK4BVhph__hTqdkaCOa-oIOZZCivhRbuV5NnMKKYqjr_5HgBDRJbAcbE0xZWKohmv0Il8EqGgpSjQaTXSj52jl6VKkM-7VMU6Yhg9o8oRoxJqsZYm8EeikH1rOM7ycygXc5EmimA9QLIC6bISUQASDLsdjmEuxcLRh7NQ0In6nz7ROrqM5eIDAB87_ZKWDjH-0_JOIWh3ruEVn5Fj8bGeazc5ugFreKFoaCuT2JcbLy2Uv7WeK0LrsJT-qZUe-JlzEwlL8INvdv8UXFwS6OeNzduS-1zzpWX2or3TqP-OGm-IIPgJYnKMlfFT20cS_pbQ0qe7RMH_vlxIjHHTobNUqAAAkJU0qzmwgzXI0ML7V8qy_437pLYruLVLAotFu8-H-xd0k7nL2pZBWIvig4t2ACBqBtkHsRJ_SPnNJyZdMcf8BS9Q7Jn_Do-ueBya-wzrr6QDRgMfmu8YxxHHugYhHtMeNOZIiuJYyVJDBcZ9fUWMA_MYvw_4VXnMfQQfn1aBTxLSYRkT9HJRTquGEm42RshWG-wrj7rIwZk0G88pfvia6_0MO85a9H9UxCPRqaVfUJGyf1P3-8mBTjRDyrkK5apqGsRVA8GdkwWCNbnin_z9hh7j4PWu3rfPQltCjoVBPs8jPou23drLLrNhLnX-wgrWwRpZQlWzR4YsdbGK_RuyBo7VMM413EOEsT4i3PKo_6uyJ1aKU7Bh0IhL1Qk&sai=AMfl-YRiuzcv88n7BQtuXHWyD2D-3y-lL_atuD7HiPcVtGl-eDkzeHnOTtpNIPgXhUZ9BkdgziC5mzKJCt0yncIqd4vzlU7q1mKG6DXiPSjLdvYKe5L5KFtW_MXa47GGxARAe3ErWq45VH3OIlL8ypAHnVn5X5DMxOzW6HE46AvysaDZ4gk8UI-nTBJ0h213_amLpLESa6JNqq308OrmTh0Vwz4vgcoWv2Yu3gvyK3wypwAcKCj0WyV541k5TlRyTEDxkUIgvyUBZ_QBXyX0EAa8-PDqmQHqY8dRO0nV&sig=Cg0ArKJSzM45kp-hiMdpEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221206.07491&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkWnl-YGmuQtLG-IANTFNLPYe-2eSgKe2lMDCZbe09DvyXhv6IMfPIgcYj6Gi4NN00l9c9Dz3MuyLZQYAqrFdSPotGsQ&cry=1&dbm_d=AKAmf-AEpG4WMLjZ_0RegVbbq-SiK4LIhoHnW11oN-V4cejjN76BnTg5NxmcpNDNIVXuYDEI9YypVngaJ_qWUiKbm44UY9wfBhcwl3gtEyXZFT5YvxKErP9AQO7wcV3XbMafU8gbC8ZfF_ghPriNNWPf_jylhBhfTWMws7GOjPN9g3kfuAR3Ut3MwqVsItmLXf56doxy6NpckTtpveYx0t2G5TaGurVaKtIZP3nnA3bd4YLbCG0qu7kkU2IXud79vi0L7uR_v9KOqaiHjbO9HsSXI3d6LeDra7toIV5u4wpV4oYWntGEL_DhtMbzkE43lE7h6VfJhHW30BrUMcSLxzlMD1PhkCIRAZFzzNjFmGyEnYGvADrmLejcqu4wUIcB5VGdbofvgVsPEmXPvfyimMg-zWGv0ZjJ8JIzw8mle6-YbRSIWuWjyoFZ77QBNOIDXUIIRqlpHw_5rT-1eIguwZA2lLaPA4EmnBdmNSHQhbDJPnmDLVqoW4bdth3mET37WLQYENjW6iC96HzeqxPILMF4JUQx3FHahPRkjMrv70PPyIVQUkohZ2Z2fQcydAKuzkWj7tTQb4NXyA3idL_qAxyTRVqk21zpfTvUN8-ZZlIttb7lqlOFO9OKiPMesTuJjmK0npPtQ-KMIjV_TFSR5bvBwLPbsW2nmr-wX41VKhN_J-YptMwx-hDK2sv9N4mb6JLw5r2DEXU5q1qAXl3GaADO-PSg2K3dvuaLctCuCZ2SXXwN2bl4ziw8xhh2c-gjHGhEB62s4Ycr7PgqBJ0fQeyzWz_X_vVY25lFOF8LRWqhwrbkoE0P8LayNQi0ldLRATGOpKFJCgPjXyNBytGImQ36H_sGZR7vLVsdq33tg07PUgFWoam7k68Z5ffc7y4zzpbukKgDL-zWPRZjg_fiC8wp1zUfSbpFet8H5M3Gcu45D8wBf5fHg0LMa_1F-OQ2cuh7AeseWjrGdHgUu_gQ7QZLw9jd-sRNA1ymQfjbH95AleO0w4tMhC9H0i5lFx1c2bJONPqyFDyqrVWeIcYSi2OtH4g1_PpSD0ijj16FlS5wUHymWxUh10QoYPgfJwCHK_PHK9ps5KwfVAw9upFYkeYj8GSUe0GRRgTBzXnugHhqHnRl8qkaexHoT-mpEae5MvMyy-7O4gdNXsaZ4UIE_3rJJjz41iQrKxgzb4j-mRTaoLyhfq4KmOMWdkOhgkjT7LG87RWMWYqbZM0cKGwAXlB1o3OvpZvaB2cXNFP1NC2Lg_IU3eYHqTywRp-AoqQd1m-26ynoW3cpIhOyT3nLzVrT84RcLfiECbx4EnJ7b0C_5r0zfUfbf4CJg9P30PQWGSEVM1TrXYBPGNmvsGY2N4H9hhaDYqMD6C2VH1NIUsZT_CUA_jXJR1rvJpZIJQXMHadzVODTUMzAz7MaWworoYIxIjMjr5J-bJtyIZ-4I98E8kQwjsMhdWfIx10EFUvoToY70hfs9MocVapUxbIgtK836ZX6fqNIw8AYap5b-fGNEBpfw4wtYdmg0D28eNEKikG8xl5SDNPDgqio-IIVLV9uYojc8xLq-nX9_ZA7oRb52eCyrSIDDMNLhep-n1qcrqx0KZl0zIHYUHVvgbm1oaTyMvaVOilDYXnnHTkEBtkFU-Ohk8l03QiFhBk-7epEjUIO092tzXnDTFJWb1v18VMtv7hP9tUAENf8bD-SJtLlJkhd78_o2bOqD8uRVUzI5BUbhVwwfhHkct9GApseS8h2Ei0c9WYLx38ZNmr3w_DHrGqizlLfluCNp5Ax3B9hhWiD41rfHyRD_t35-rxLCcBUWKiCqJr7PwoiKQYAG4CaqbSOF0Zmi9ShOBydinPmk1MbV5CLcRVLY4hFjBFZRHiwgXm0Rrgz6hHv7wJNg5JKvD4ZxzLBrlNCtsAkK4kn8CfVQUjdoc89GzwKIxVq4A1JI1T_S-2JmPD1v6klx76UwSSckbKPa8pO1o7vnuA1jejN2JJ-gLJTwx4hCza-hjiOCMF4eywiAKM0ullQ7iC13-IsY54bIpiriRglu4VRm71246J8MDRPDas4Sq7PE-yGX3LLFQe1MPVenKW9J68SktC7INRlF6BIQTwyiKh__vCxIllJQ5KiyANlUyhSKOHIPVFlL5XrxfStGK55id9wfuFuNQyZBP8e8MKRnt0I9GEUzIe2I6HhC8YNCmUtNlCx318O9c_08-JDdrKszATp40mlJY8_Fthj8UP7tD5msJOIx8P5PlPG2I72ZTKJwapxW2BhLNn8ah76J9Qrykwrez0UPy4Arsr0o7TcVjANREgurXklYgtoRLjoimJmtnNW3koy1yU4JQQnMrbjAzGKlafZKwaHe5P2Vqt5WLmsouLUf6MXUszzStG-fl5P2fFXdlc2veZaG7wolGSRGR2uPov8AmXCa7KdKQB-OXUUMTi69FIzrzHnK8ckOtWOHGZdD3gOHu2MrNxcPcfuLfgvQnzoO0YlxBRNzvu9I2cmrXW56wYxeJqngL7YTED6VG7MsYNsxAMaVVKWuwq2PMgQI-KCZznQZkV0yJ1d_44hnW1Qmnornh29muLwvGqoWBcDLjnqhBuXdi_CcJVixJJqCf_lLGpsyJSwkMZyrYZw9GJF6CiAhU7ISj9vI37K8ltDlfGqo8CqDOPmOM0OlTLNJu1COryoZmNTuljazwuDTjmra_i_fCf6G3s_fyzC8BWTj_-i9lZdJUs5zmqU-U3yJZhj3oNh8-mWDCk0Sf55SQ7DlHFjKS4V2tO8W4HyxDqujF-MEnLKt6e1GljDLcmYtuVFEg-jyio8bnpkIYgiaUjatVFsmMO2LGJ62QyxC_qwLV6amCKS0inPMOalliibxnior-9EQxNldScKs_atRH08yJfwRNE3sWT_pXdx_ROoHgM46fhoeBcvbI2c5wLMuwx2c3m0bfx-y0QgB8ol3xHpLJvWlpon0LFPSmRK0-YgNxqykAeQJme8PjezyIb9bfSPuHX1fLKtB1hhEfPTPL6HFJgnAwcd9DguTRqw8dXOYB23OXI6vT2md1g5abUuIK3BGJRNGOwo-Dic_Za75cnZHcTBw-_suxLKurP83lUlMhNEbw1Cx4-CIGgvReBLyMWgFHOT0e5f3itH66JZazWtZYruFqz7jvfDihTCt_RQIg7wJqjxE-nwjdLoblgHAGvj8I4pCX_TOkwRLEZ3qSKH32MD_wVrZHr1T8RFP8i4e1e1iX1sUlIWSU1tfRwzyj6ezfH9lzODKRaojzRCrgFQ9pKk9cIOXwFSGjbthg2MsIT8fXNexYLUBKLqUbS0vnEEKeZR6Q-C3TsoXHpipAMIhXdhBqrTdCqmLUys5noci8KeqVOr2pPxgKWx3yQDCf7wSUjDopuGaZHgYEGCLgdyon-E5-X4IALwWt9Fktq_ZvkYx_3N0sDNOxPDlg5t2HSMG25eo6gR1RLmxIjWrmV6NTVYpbujy2H6tVGflovfnZpn5uC-gxnk-c5mThCTfDFj5RGxvAe56Pm4HreyIKpr3oyM7I5phvhrJdWlJXnAEps6_DQMblTmjcLYrjqap-q2A-Au7hqRxib9eLg-IOBEfA0Vn4Dv&cid=CAQSOwDq26N9A-gflwcmzR0kh6X7ZmgQ1a2fboykrE8KYXZ9bpfVO1U14XtGpyHMapb_JT905JB1DIZQqkQjGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fbuhgalter.com.ua%2F&ds=l&xdt=1&iif=1&cor=253758944722563400&adk=2935317967&idt=86&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 10 Dec 2022 01:04:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 10 Dec 2022 01:04:12 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4E15 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkWnl-YGmuQtLG-IANTFNLPYe-2eSgKe2lMDCZbe09DvyXhv6IMfPIgcYj6Gi4NN00l9c9Dz3MuyLZQYAqrFdSPotGsQ&cry=1&dbm_d=AKAmf-AEpG4WMLjZ_0RegVbbq-SiK4LIhoHnW11oN-V4cejjN76BnTg5NxmcpNDNIVXuYDEI9YypVngaJ_qWUiKbm44UY9wfBhcwl3gtEyXZFT5YvxKErP9AQO7wcV3XbMafU8gbC8ZfF_ghPriNNWPf_jylhBhfTWMws7GOjPN9g3kfuAR3Ut3MwqVsItmLXf56doxy6NpckTtpveYx0t2G5TaGurVaKtIZP3nnA3bd4YLbCG0qu7kkU2IXud79vi0L7uR_v9KOqaiHjbO9HsSXI3d6LeDra7toIV5u4wpV4oYWntGEL_DhtMbzkE43lE7h6VfJhHW30BrUMcSLxzlMD1PhkCIRAZFzzNjFmGyEnYGvADrmLejcqu4wUIcB5VGdbofvgVsPEmXPvfyimMg-zWGv0ZjJ8JIzw8mle6-YbRSIWuWjyoFZ77QBNOIDXUIIRqlpHw_5rT-1eIguwZA2lLaPA4EmnBdmNSHQhbDJPnmDLVqoW4bdth3mET37WLQYENjW6iC96HzeqxPILMF4JUQx3FHahPRkjMrv70PPyIVQUkohZ2Z2fQcydAKuzkWj7tTQb4NXyA3idL_qAxyTRVqk21zpfTvUN8-ZZlIttb7lqlOFO9OKiPMesTuJjmK0npPtQ-KMIjV_TFSR5bvBwLPbsW2nmr-wX41VKhN_J-YptMwx-hDK2sv9N4mb6JLw5r2DEXU5q1qAXl3GaADO-PSg2K3dvuaLctCuCZ2SXXwN2bl4ziw8xhh2c-gjHGhEB62s4Ycr7PgqBJ0fQeyzWz_X_vVY25lFOF8LRWqhwrbkoE0P8LayNQi0ldLRATGOpKFJCgPjXyNBytGImQ36H_sGZR7vLVsdq33tg07PUgFWoam7k68Z5ffc7y4zzpbukKgDL-zWPRZjg_fiC8wp1zUfSbpFet8H5M3Gcu45D8wBf5fHg0LMa_1F-OQ2cuh7AeseWjrGdHgUu_gQ7QZLw9jd-sRNA1ymQfjbH95AleO0w4tMhC9H0i5lFx1c2bJONPqyFDyqrVWeIcYSi2OtH4g1_PpSD0ijj16FlS5wUHymWxUh10QoYPgfJwCHK_PHK9ps5KwfVAw9upFYkeYj8GSUe0GRRgTBzXnugHhqHnRl8qkaexHoT-mpEae5MvMyy-7O4gdNXsaZ4UIE_3rJJjz41iQrKxgzb4j-mRTaoLyhfq4KmOMWdkOhgkjT7LG87RWMWYqbZM0cKGwAXlB1o3OvpZvaB2cXNFP1NC2Lg_IU3eYHqTywRp-AoqQd1m-26ynoW3cpIhOyT3nLzVrT84RcLfiECbx4EnJ7b0C_5r0zfUfbf4CJg9P30PQWGSEVM1TrXYBPGNmvsGY2N4H9hhaDYqMD6C2VH1NIUsZT_CUA_jXJR1rvJpZIJQXMHadzVODTUMzAz7MaWworoYIxIjMjr5J-bJtyIZ-4I98E8kQwjsMhdWfIx10EFUvoToY70hfs9MocVapUxbIgtK836ZX6fqNIw8AYap5b-fGNEBpfw4wtYdmg0D28eNEKikG8xl5SDNPDgqio-IIVLV9uYojc8xLq-nX9_ZA7oRb52eCyrSIDDMNLhep-n1qcrqx0KZl0zIHYUHVvgbm1oaTyMvaVOilDYXnnHTkEBtkFU-Ohk8l03QiFhBk-7epEjUIO092tzXnDTFJWb1v18VMtv7hP9tUAENf8bD-SJtLlJkhd78_o2bOqD8uRVUzI5BUbhVwwfhHkct9GApseS8h2Ei0c9WYLx38ZNmr3w_DHrGqizlLfluCNp5Ax3B9hhWiD41rfHyRD_t35-rxLCcBUWKiCqJr7PwoiKQYAG4CaqbSOF0Zmi9ShOBydinPmk1MbV5CLcRVLY4hFjBFZRHiwgXm0Rrgz6hHv7wJNg5JKvD4ZxzLBrlNCtsAkK4kn8CfVQUjdoc89GzwKIxVq4A1JI1T_S-2JmPD1v6klx76UwSSckbKPa8pO1o7vnuA1jejN2JJ-gLJTwx4hCza-hjiOCMF4eywiAKM0ullQ7iC13-IsY54bIpiriRglu4VRm71246J8MDRPDas4Sq7PE-yGX3LLFQe1MPVenKW9J68SktC7INRlF6BIQTwyiKh__vCxIllJQ5KiyANlUyhSKOHIPVFlL5XrxfStGK55id9wfuFuNQyZBP8e8MKRnt0I9GEUzIe2I6HhC8YNCmUtNlCx318O9c_08-JDdrKszATp40mlJY8_Fthj8UP7tD5msJOIx8P5PlPG2I72ZTKJwapxW2BhLNn8ah76J9Qrykwrez0UPy4Arsr0o7TcVjANREgurXklYgtoRLjoimJmtnNW3koy1yU4JQQnMrbjAzGKlafZKwaHe5P2Vqt5WLmsouLUf6MXUszzStG-fl5P2fFXdlc2veZaG7wolGSRGR2uPov8AmXCa7KdKQB-OXUUMTi69FIzrzHnK8ckOtWOHGZdD3gOHu2MrNxcPcfuLfgvQnzoO0YlxBRNzvu9I2cmrXW56wYxeJqngL7YTED6VG7MsYNsxAMaVVKWuwq2PMgQI-KCZznQZkV0yJ1d_44hnW1Qmnornh29muLwvGqoWBcDLjnqhBuXdi_CcJVixJJqCf_lLGpsyJSwkMZyrYZw9GJF6CiAhU7ISj9vI37K8ltDlfGqo8CqDOPmOM0OlTLNJu1COryoZmNTuljazwuDTjmra_i_fCf6G3s_fyzC8BWTj_-i9lZdJUs5zmqU-U3yJZhj3oNh8-mWDCk0Sf55SQ7DlHFjKS4V2tO8W4HyxDqujF-MEnLKt6e1GljDLcmYtuVFEg-jyio8bnpkIYgiaUjatVFsmMO2LGJ62QyxC_qwLV6amCKS0inPMOalliibxnior-9EQxNldScKs_atRH08yJfwRNE3sWT_pXdx_ROoHgM46fhoeBcvbI2c5wLMuwx2c3m0bfx-y0QgB8ol3xHpLJvWlpon0LFPSmRK0-YgNxqykAeQJme8PjezyIb9bfSPuHX1fLKtB1hhEfPTPL6HFJgnAwcd9DguTRqw8dXOYB23OXI6vT2md1g5abUuIK3BGJRNGOwo-Dic_Za75cnZHcTBw-_suxLKurP83lUlMhNEbw1Cx4-CIGgvReBLyMWgFHOT0e5f3itH66JZazWtZYruFqz7jvfDihTCt_RQIg7wJqjxE-nwjdLoblgHAGvj8I4pCX_TOkwRLEZ3qSKH32MD_wVrZHr1T8RFP8i4e1e1iX1sUlIWSU1tfRwzyj6ezfH9lzODKRaojzRCrgFQ9pKk9cIOXwFSGjbthg2MsIT8fXNexYLUBKLqUbS0vnEEKeZR6Q-C3TsoXHpipAMIhXdhBqrTdCqmLUys5noci8KeqVOr2pPxgKWx3yQDCf7wSUjDopuGaZHgYEGCLgdyon-E5-X4IALwWt9Fktq_ZvkYx_3N0sDNOxPDlg5t2HSMG25eo6gR1RLmxIjWrmV6NTVYpbujy2H6tVGflovfnZpn5uC-gxnk-c5mThCTfDFj5RGxvAe56Pm4HreyIKpr3oyM7I5phvhrJdWlJXnAEps6_DQMblTmjcLYrjqap-q2A-Au7hqRxib9eLg-IOBEfA0Vn4Dv&cid=CAQSOwDq26N9A-gflwcmzR0kh6X7ZmgQ1a2fboykrE8KYXZ9bpfVO1U14XtGpyHMapb_JT905JB1DIZQqkQjGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fbuhgalter.com.ua%2F&ds=l&xdt=1&iif=1&cor=253758944722563400&adk=2935317967&idt=86&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 07:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64667
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 07:06:25 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5C55 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
537890
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 19:39:22 GMT
expires
Sun, 03 Dec 2023 19:39:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame BB65 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 10:07:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53783
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Dec 2023 10:07:49 GMT
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame EE3C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 10:07:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53783
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Dec 2023 10:07:49 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4640 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvdjB0o0LmcX8WdBtErCpPIrMbpAWpedmWDgU7GWSbe-XLPTaopHI-eSaxE4HO3FyVSCLJQa2B3epMt6tKu5vx5TfjY0OvdXLohzyzqxqshhC9SdNlqStdCz3DX8fWTXzQv7HMn6kMWIs1ewRYoffY3tPN5KHF9K_DREsUmti_yIMQitbDOWizZBQgveKXZNgKxUtC7noSoYBLVyPotFmSlNWZRw5JcCQGD_1PvUmCbgW8swE1SFGt2VSOCfbAb2pTEIkgWnzZ3b3sdbcWEkvW8JqTy9-PzQ8jMYrZNZ_PZtCsEVI97NIzuz3B0EGd5jc_mB0fPZYOmLD_61bIaZ_cBBI8gf84k2Nwc-MqQ-H9UeWy6qJbaijeWJeSLTjX0ncCikxR0knph4KOA27W54T-VEIDvgvEkfgzMcTpgCoEd7nd9LhYrudynZ6Z7UAPf6DNCeR-6CODMI09KwZae41KUub05Bgsd0MjTl5ChG6ZEUUHb5AH_VRwgI6zYIYuRksWut2qP8djtIK3Hu3JhXctiddnHhqDX2JjiWlhfbj1fk_mEYk1rFdX6rohmb0_FCauC3BWGbpX8tTiblLTCTi5DXQbGjxJqTCALC9isuzrd8NxBD0y5hMoR4lclmd8d_-Kpun7A_81lUHvZtrN8OBDfWRuvNXnDZEUB-6xaUWWB0w6EaJEGcNfwGa3YkDBwQ32sh4I5qj6-TjHikkBJKiu1NoOnNHTLw0qc0WgeXTP1oa2kN90R3ZD0WWPbN1lJlVxBkbsbhN0ZaGxhdol8f4iyKOc9KpnReXvCqcgrD5VWwSpF5KmGT66AbMEh0Qpds2IHLGu74p_NtnXkAOhC3LXDIaqqwFPlnv-WMaV28N7PY5sbjbiY9IYFm-S0HDpuuc8PeVFM8NV0kMecP-xDZM_-Q1rV2NaL5srGEGkrFNfid9_l47tkT1sI4BEWVek1jiJMxt38dtfokksCWJDk2phk-aTCJRiT7ehYdv2LKExlEKERXIzO6SI8L4IxbYqEhl2iRKvNIWgXbCu0jloWnoR7BW21AsUkHUMzjWfFFXVM6CvD8QYba5zcc4PcFYSNxu6zTt3m9NQkl9SHSKsdX6tw-tI6YJ-NKGPzSwyW38WLkDjoudGm62wtih2c0WYKVdFrU1TMTrew035qG5IIiiSbjaBStDHIufA4Fak2qsz8PwrpcSC68MxJe0ITeLa31k&sai=AMfl-YRrVLZr5cY6x22EvE_XKASSp48YbDwrrN7jz8xYb7q2XVvav8kQ8kFtKSXOL_k2bu3pID59YJIQT3zTJn4fz66gYxYagEIiCvVEPAgkpf2lcoLtpaEIjy-uR8vttk4O033OMUbPnQ&sig=Cg0ArKJSzL76dboWqDlDEAE&uach_m=[UACH]&pr=8:D2AA1ED61C52301E&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=274&vt=11&dtpt=273&dett=2&cstd=0&cisv=r20221206.39579&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcrFq-kBD8GY52spX3smPHYVAMjp1_kRDDPHgw7ByEgCSk_am1PECyABtgqWS5SI99B53XgOdJYZUdz5XUYnJEWiGJaomh_gU8Bl0PVoFI1T10MahWDZ7bn4sR-Kxw6w0dUS77c2qWRpgiZ6neYUrB2QazmzshqPl-lXmZwdZJE5LJfQk&dbm_d=AKAmf-Bh369kROoCp4WGjJT6R9EFQg6ozjeObgBBTwuTXZZpT51HESni_fWKL3ivoVLcFKBlKcyg7eikvbHmziVUr3Q70tNJhSKrsgNxaaLuBX5ZByp5D9HzPzIIG2sqmZJc0aWG1zU4QBcdtMOd2dw-rgowSsJZURxe_-cdTkF_PWAQAEvxpdLMpLdV9jAuc_jWQCp9acNtywF6hJLVnFRbPSLpBeX8WICAvdB-AqF9msHBXCCPHpDP5fy-ETlsR9iUdgbTxebbaDMiiRBpLqBfeQQSa_IiZ_SsYSj-SLyaSHcJnyCDc3ArDVGXqJW3clFB606XJYtFa8ndZTgGteZ4XKIxOz8LfG6sNKFpe63VuUVu5Urr0oo0uOBDTrUsOgOrAhlFxBFO-ZcZDMLClVa4fNSHoOTbL_fKkXo65M4QkZMbQNV6IyW7LRaLJzRdLcvCMQWhG-QwdxPsd3AFHhNXVyMae2OmtvtIGwPulGCiDRPwTKE0mj9Nrll_vtnF8tJemUpGv5DQiTNxvMtJtZLbjqEkD_HXy7Ipmeytvh6rgkbUYPN7Ua9OGvmoqyvpLOyq6HyAOpu4C8lwad08z8LpeLaiGR2UJsywSjjxoAkupXuwjinYoY0xTDqD-iSNaiuq4PE9d4FdTMUcQ1Kauh_VqDraaI9LLy6Z_VLMJvwq1YqPnD0jx6MP-4lQ9vQvP-rna5qlsE63fLRiUN4Ci9SxcOu8haMH_2yol7Tf2NLVN2btYaQ15FzkXw3I1GZEuvb4OF01hDlEh6yNiqFb3iQcyC79PAQcvh9Xy1M_dRF9uwYw1xF7o6Og4SMzuTfKKyrZOoaROs_x0w7Ml7IWOPkAzd1ldYGWZ4EOzm6ZgJR468qW_4H9NuUQ37Nrtpo0Gial0u1BRpNCzMFJ22la0FKmtC0J-aS7JLQeNdu3s6Hu5dGnLfwPunkGmTYQNK0nvP8oQoHEl_lguwna6QGePgVIUc47VRs6SYmwLYVFnpe5MeUOs_lplqDSnk09j63dgnND17brpT_B7iFBYeI9pRJk-umXH7t6hzDyBkqCBW8j65hMR8eXqUHn6exrrBzfhwj4UQ5kPHTQb7vWC68HtC1wV3lXA3weWHuVsa6Nrl3CWELBWyeieI1WOjK7Q0KBj_uWS_Oryu1kuUdoNFFTp7sCryWf204Wph36aON_8frWUm1B4ZuuoG1c7bDhqE5qPfY77m5frI1OKtIgHeAHGk-wBychfuSOVB2J7PllsMM4j5CtQAfxKFTYzCh-uVHgvWhV52m9-03FJ9glfiwhQosL0D2Crwk0o9Wvx4HgCFWZqGt5plOicJ4mGTG3SaQ56TQ7kEIlY_BtnkpuLuk9a0qUem8oKH3ZCTWp0vydDITFCwLnXdz68gH5PaLqrwn8xfqTMNsgEWotwP2AAVCjn8wL0ECV0v2aDJUzDzfIERxdmVr9su4fEgGEEqpo3_NhV37cOexj0YTjbgZ-YLMud5ve8UPl1MaYpp_vHLhTaidGlib2_BFtw4hLmoVICWb-iTDd9lOgTmsXYE3L3oIfUloqsYuNc5fPzdp3qK3tCrtAyUqDFfSNlRwexomJ9MRmZ9OSLSOsTD1JNmIl6A0xZySw-rG4FHMtjjmaJFRJ-ONIq7M1r7gZtcQfMlYz5C8xjnEz17-aeWnlAaDNscUIlwAHarLsbiEYVel9zLIUb_Y6nMZ3LwAOxDiO9G3jlWFEuDG0lqRK8_DSn0ANQyA6Wu6w7SQC7Zqsta3g2hFHU2t0WsMAuW9LOrdwum_uh9P1aCr113tM4alFWAyTe9giQGqh8LKsbkOSbxIjPTipynZj7uRkxPm53WUTjyYEn--rZ0J8mPCPRs0QIAN8VJZMyCWYtxrgle8lIXY0dSpvINmbrXqGOTnARYK0tMUg_FvRzaaDjVrqbxIsNF4Q5Flt7Ojlb63REHeay8lXrRPWsr7LX8MddTpUoO9-LjfXi2WynFcVsVdmFPxXJV5TLcqoIXCgbQZqg23QfD_lsdzxVQyvdowIsUSubIgVAWx6q_-D9LlyNob5lOjaL-k4vJPAIbbbptX9s2-d8g43a0URxSsypkcwUjUvhbYS6-LbOz-5y4lVjwjQmw3R01-OyRpvLbYz3DefuWKYUxB3rMqgIqhqi0Xje67y44UkiH2hoayb4JFOioRrHK0xliyOSx9VZiV4LRZ45mwbfe-QFARua1czVjNDXcp80I8oLxIR9-HKVGQ9jsYsK6ElPST7Y_-KQZ3LlhHl5aiRuGJou9_Fyrwk2EEymfduU7Xm18A3G99xQHErK6C47ZXJo0l20ZOONAmMScY9b0HHDf2gTklAzdSK7x2gEseNCa0PKvVANpV_EVKelQcdUhHfTWQkU-KRRgfPSAdteHVZ-iKiQvUHRfJ82ajGv0OE61I4_QSkKBiMRAxbT5ZkYRM6xU4Y1eAmp9320QBjGIwXdmuXLLJUvUUN08b8-JuKdu3P7AzXdPR_KAPtIETThc2CMkSJ7tDmy0dSStH4SJ3bvTv_MPxWjqGZf6xXmOsHHvf7v11-nLNJ39nF8Ukgwwse_vZfWwfmGOP00PFKqaX0V5Via7IPS_tSOmpytY0wcGA0yfY4Dy94er871Dc6hAHzNY-Ro7CHg9NviSv7tV_b6ncvDAoEKQcikz2zfu6UaMtGXr1f2ZrvKCYgGfbLnKbCz3EF8-m6VosVuJItm5Y1PpTLPsvKqo7dMkHYxtDxWf0qP9oDZg4dJJVv37I4EhJv4Kp_Bq8X63mhuVrQOp2uhDy2RaboYWOm8PUPAlaHmIQIMK_rdMphal3LYuxBsOvyQxYCFm6Y5ltajzuTiXNLTEeP3OHxdVTzzkk0_s2x2E6p_MTiFJTuV2RM3vycECUAK8dFTI3m-eRTjxcvfS2A5j-Im5e7S7TXhgngZZqYkrDnhOhSvQFtlwG7HQST2sgW3bv1Q1-F6zNv84zreGqs9U88OWO2VMUD8EaksRhZ-_zEFwdEGk2mILE6QKc-e-906B6LP7F29iJtTJ8XEreIuVpUh-XdHAj0msOL0oGYtMXLANSZf76f6lmepSnLhRscco5fGxHP0CgwfgPRHT1H1tOOiZiNLQRQIMUPlMkqOLZO3XnhKUj8vHytpIH1XyS8XmYo8bXu_RK2gqsKrX1TTA&pr=8%3AD2AA1ED61C52301E&cid=CAASBORo7Yg&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202209210101&rfl=https%3A%2F%2Fbuhgalter.com.ua%2F&ds=l&xdt=0&iif=1&cor=6614179299645162000&adk=4144141728&idt=89&cac=0&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 10 Dec 2022 01:04:12 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4640 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuf_2fCwSRBRS_os9shBp7-jsmG-6M-I8372ZfwHDmbd0aHeBjh37WNlvWLCYXHO2uVeijX3kc33Ty9zkfKXPpfjjOOa5G-XP_eTU6eBWHMQTatUk0KbGQ6AYoPYyIG-ZEY8uw5noaC1acNbQcmin9Wv724bez0SG9hPkRANnFYxZpUOS4Sv8mNwwfxg_QfwDwyUFDWX3hJH9P0ZY9slZ5104ab-3wh1Uhw-AHlzxo73G23Twg7RJFS9UjUBlRmCMLW43BzBPHOeRmPl0F_a4YTND90dIVgssecSQ2pOaW7Trjx7HTdEOeqC9nP0GZ5T1mtP1ynE9RjPVIkx5pYGNKF7DgMXxg&sai=AMfl-YTopEwD0tIOSZjcwwCY_BCV6s6pcuTwR2uOwWDfvSZj3kGhW4kKuzVrfHYFIQ3YH56zKmO0vaTLNzFZsgwOsRO2YSgxR7uDHYcWqtY4dVrj_WSlxVsyXt4lrqKxY7RG&sig=Cg0ArKJSzEfhfXglR8tuEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 10 Dec 2022 01:04:12 GMT
usync.js
eus.rubiconproject.com/ Frame FC61 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=uk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.125.24.254 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-125-24-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5afced3981fb228b9b567a256dbef013cdab39f40c8b929e3c0409bda2f91e7c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 10 Dec 2022 01:04:12 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Dec 2022 03:37:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=9209
Connection
keep-alive
Content-Length
10067
Expires
Sat, 10 Dec 2022 03:37:41 GMT
usync.js
eus.rubiconproject.com/ Frame 0520 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=uk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.125.24.254 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-125-24-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5afced3981fb228b9b567a256dbef013cdab39f40c8b929e3c0409bda2f91e7c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 10 Dec 2022 01:04:12 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Dec 2022 03:37:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=9209
Connection
keep-alive
Content-Length
10067
Expires
Sat, 10 Dec 2022 03:37:41 GMT
usync.js
eus.rubiconproject.com/ Frame CBB5 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=uk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.125.24.254 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-125-24-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5afced3981fb228b9b567a256dbef013cdab39f40c8b929e3c0409bda2f91e7c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 10 Dec 2022 01:04:12 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Dec 2022 03:37:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=9209
Connection
keep-alive
Content-Length
10067
Expires
Sat, 10 Dec 2022 03:37:41 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4B73 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com
URL: https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
40732
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 09 Dec 2022 13:45:20 GMT
etag
48472445140208031
expires
Sat, 10 Dec 2022 13:45:20 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4E15 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5e702aabcb6a68a102ac86060ab9d0a6ba6d23e8145de4792758813f4c76cd8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 3BE1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstBio8NYgJwgpUjEltdchsH8d1Aeyw36jn3Uzgnq_XUxMHpBsLmUfmslZwNM3ou14fwKSnlsTh5ApAA3XBT87CDSOj0VamWedy2kHHhQ20Pklxkp4kyhnm27P2MKgiQyRr-BIRXIt2nljkRVTGUrMihV-M4IapLcEq_BW_0-ewDsWzfr4ni0jnXNbphOvFMBx9zlDEOIKSsNH9MI23G_Gz-4AS3qd9rgEobCi8_87r5SEzEYCqUGlL2-owZqM9tRlEb1TvCrY-RWHjiVXsnQlNWVC6eK7-4ASdbp9GtSnV6oeX8cmVpCSOYhv61VET6drU4NMWrS57NE3kH7PVHI-OPMFG18AUpU9zxjFGoELBBieCQXX8ZCFXMFk4IFUe4ykpQc6L9JPL9bbT1J1R8QzbgZFvEU9TPxxf_Akf8cu7HpLTTVNu3XUEDPAWGgB4FgiOUPUwa_G_cxpFAYTrjDnnhC-kbYQ7t1wlQAqIDG_wa2e4c1FoKdswo8hKATL95ZojgzHXGli4ym9YyGnPELkiZQEAayRcXnJqJW0K6y26lWktU0IBBIKK2WM5lRANdMfG94eW5XtdgEoEJ_HyFbj0sZRryZ_UrwPzoWmGEJELqtpzzpHDI5MIHzPilz80kVx3tI-N-GZqKi3_Ck0T8ph34t2DwbGGkf9lSN5yy844ANeeQ-d-1tJDkuhLgcINIkzdR70GryK5_N_Qh5UXcRw68JM6L9Ti392Fv3DV-8d7Z0GD-oThaBH-0X1o6Nj00oO1SxG8tpsGbMsdXpUC4s9lCzH6BLG4gAHNGL3Gr8VDRMHsZrjZAkd3bX8GoihbkmF0natMG8v_YJC7miVzR3taLZ17WQHavSQJJakxASpNCslhmZgoGQk0obnpRztsYVExaEytnLny86ZhuOOd-8EqJ07spy1o3TDxu9fa2FoGtV50AgsTuYoHYk2UIcBL8YlHZ1tMft5EAt1R24aLShYF1fa75iWRGL3FxNK3AXqKelmI-wgeh_g9Y3kc6WucDiv-Tqinb_0w8FyPaE1PtmCuv757kggtjRFJVTUhkKsSN0PHeTya8jm94UTIKVO77DlJylQzSNEIhywxxTLjlPq9qEZbw7E_hjGCwkgXi_w8ksV1IBCJ7hZPPLoWI6KmFkYKJWuzPmpAo64pzlR2cKOXNFTSbZAck7123q6AQijYVDYXkr5X84_hzpgnKVRxUFRn7WYoWsUEKE2mkdwGTnDNhnqZv35T2o8-1MbORwIQXK7M1GjgW-Uf1yF3o3jq_n_k18k1nerKJn8wpSH6YIFrAIctwCQ&sai=AMfl-YQag-K8I7SvKIq8tlAZ2NzIlRlKdJ1GD83TRCl9BNK_Tc17blEWxRLjLd3qz0oQeama-dlvsZHE3IJzdSmDtrnNekqc8b31OL7wjy7qSV74HZSP1rp1lzDI8ko1y016R7XrDEFN_Sq75i-o80xapoi11AIgPzMiXcZuJxU5_l2rNU5-rNPdDB_kzz70V5tgSaallNoGjkukY67a5qBBNTeHPwED70tQTXTDv5wHgOK-VXYXCQlpiwfNzCjW&sig=Cg0ArKJSzL0mrRspMffuEAE&uach_m=[UACH]&pr=8:FB7095CCCA75C253&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=395&vt=11&dtpt=394&dett=2&cstd=0&cisv=r20221206.25924&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJbNyi4va2sCWWMnXV9xfkGWycgsYdI2G903ggP1jNDyN9XzG5kNRk1W5iPn6plIbuij9GrLxDz4UvnOueLpW46tsy17Bnx_YsxWYcbYbItlC3PEt7qjnq0irzt_1nfG8Z_dL0lmVm7KZCNDIGKdv-SLzj23vhiK8C0WoEhA4q2oVsDzc&dbm_d=AKAmf-C0rZMEBvAVtueukCDK05WunAyXsn_6iIkaiHYtT5Oemn1JYjmkla1QiRTMY0oG6AIPn7mNpZ-vPVUxL-PwfdBErZ0rigI0rDp5NezpK8Mg-0Rt4r1yoW0Hqg74PXy-c1YCZicU38husFErYoRoLqKbaESE1w30S0T0uZvUMUn50v9kwemSB7-0jTL-Kx3gewyvhWsUm76mQV19bVJSLSqnp5WwuWN0szSn7AglB_NOxNzNLg5Pd5kgmRWjEJK0c3inaLm9IdkCE5Pt_PfXo1oIA1RRXWkZ_bb_hkOFlinDSIZZkurY7HPCXEUPCtZyw5K11Zs5dtTqsWftD__mVIqhbxAmF2V0kaBmE4UJLcOY6qyvdiJmc0MzdanBd7VUtRvO30yrU9Bn5RZm6YPXHFtEDBb8mk2-bOiIxs7FNtc3VMoGUUxRl7CPCpf3rrVmrGeIagxUF-lF6Be8-nkm0S1Le045sC7BRKNy15nwJn-2YHfbiQCqaH4nscOECLv7CzdgDvxvVDLLugATq9hp-s4qyEedfhG2HUYURHq-DzvwQqqVUoO_teDe811dsebTjJ_9yhSoZSKMWr6V6kyR9ImWLJgDBX8xANi9z2GptVbEo3Xpd8rQDl7GjJ8alL7cKljCkYxqYAPPweB6K4mhoR2BtxuyzEzVe3rYTQR40wLfClA5gn0qkE6pkphjUqIiJSTl9rIeGwCRGet5LOnS7_36I6OxiKbYjPLI5YYlKT0VDDOgs7CzKt3EYEJ9pX3ig6n6jJ9hNxOhuFTKu0Hfyu2lxlqUmvWLVAWhW11ULTOF4uwRW2SCtlyupGSObP33q4TaiivkHO9a929ZvBhgaLzJHgH3i8URWk1G2tgZoRHtPS6McWngek6NVJUf5xFcJRnkVrAlWUB3_wjyAEzgkPKvt5MIxHXPADKT-RvuD1VK3pGwwvWuw5sw5iGP7hI1JWLu0W_t_n5J1FMd87w74Y5k5aqgVql33FSsJ-YiJ6Qdtv0hk2OddHxJT-oMQJjERCW7k3s4PpVZFadn53Ni0F5Fgo3DIhM_XmeBfCUF7VemLskJDcwY5rnXpBvO0M9sSwSTOF3PcGO6dN-IUJiGFetfJqOObFmxH8tIcelF1oy6A_UY_pLV-CaURy_DUBgYxZi_zHheIxqMpVRfys5V28R08Lq71O6JHcfDqL2NLvklMAx5pcLrCfGDY9r6RuoRI-NqErSgpQs_5buEDRVHLmTiwtvl9b8Io0LLSKHvRGi1hl8rdm95JigoCvnGLNNW18lqMOS4pSfD0IzPkbc2EkR0UOMRvbo3qjK5igYXZmq6ZfoHImNSAmhgQUVsSo5R-mexKEYmmeds9zCawtytujIQwzc3s7YBceGjRKps99Tj_Zhj3YtRlvLc0HWz1Qk0qRbu7Chf_aiRxhyXOCuT23HM-UeQLNO3GQO9VA5sUZMdTwO815ypxcW-XhCf7GMrQdIT_Tj51R6BDSEJdMmKEHhw3jsa_VIXFXnN5njEK01ORllx3ly_8gIZSEZdkzg1sm3djqZcb5E7PNyOWTnrDg4M8gD-fcjKbnkU7-7M6wkBkHeedUU9IiSt23-y2Z8A7lsSe2ZR_IVxHWrytK94MnfHpreGb3sFKppVaKYhX9yyRb5g9Hx2o8q4UjMY9FSZuEr1gHF4AukHq-xbX1mbaiLx-WJA1CpKXMqHi1u18s0lzraXEp9GObqlnlzB3tz99o8gjAeQT8OscR9WR-Be3Ap2WE47g_iwbpeMmJQW7NCb3gOgSNao3-QmnjjDfkwfBOH8yu_pqf2Iz14LhYsaDUVAu3prwTd4HJgLEIVyv9SfMjfMrdcQtcAroJA7gjJcJdgU5jcWa4QvIA-GL0zEayB2VGVOLd8-pYqBN1qyv2mGHSeYVIZl4D9UOStKxoM0KnGvISFcmYB9bzMsEeCXTpG6sXuD6wmqgPrtQhxyRdQBOCU8nqKBUMi-S91_P8u0pBKYD_wMxrF1mTMEhkR9P9DryIc2B99LYleuRhsWtIFpgbggDdUve49SVBQBkUayzzW7zlXijVqooleeYTafcYFhzCO2UH7VscQJ5P548gfy1C1AmXB8c4oQdrGSxblb226lyKh9BXdMnyiuk-JrKQP2E44ZRJax5im0b4i-CKegTudA2sSKBNICeWcCfjQbecA-iiDMObCjS4yFJ4x-_YpwxEzxAJkXHQCTXMLk6GqKgrkiI2HOQxbpZsYwgfrXYH1X0x2bxryD9cJBJtqz1-hg63FLJl2SE-VRf2GYyD5SjarKPhL7dLaximIj05pawsTEb-Jwpxu5I1ra3Z4Mj9eEWrTtEUrzpb_4BpAqnoZHNDaZlY-8l8fo4IS2qg17mDtUukxRwwjC3uiOrU-daLkCElfyDFFxFFlpNvUhyOTIbnWDF6i9sYK7kdMCCC747Ty58MZpIAefD7iAoJtyj5MpnJRY8H5NqSZNQZDVPixYi_6o4JInVUsa55HBSIXojcYQQLZogdk03CPWKfsuszTCIg9IpYsWhQmFKMNdZWdZ20vgjnMl9wbsuCVas52D-5JPNG-hargYQKVYOrS0EJt6SZgSlQZ25RlRarssJ4sGcvLxXVgJNHejBp-CQfzXtKFYaCuQIJdFgfd6VDogUZCIHJI_m0gRvQ7P9uhpXa0R5UwQKciErGkz6MEkpJZReUs99Q_OuZ7issmExiVO4N6876CQVhdKMmM-WRWN39hqbaZQfyVR20X98EkRjvzcpH85lJwUdnRtHEZax5MAu88soqNXVZ4zmJ_1YL-b_5XbVvgUncTMwznUHaVkSzwUoGDEriDI2wzr4GU2lDyMCvhQycTBs__STAKeDaBukMIlruYG8mG8GBnW6DQq77bsRQ3paxBdPmcX6k8OeqwsjQ-e6BAn6M7mQ-h_-H5VrY7Nkj2e7_phqggb1KqXrteUtL56-A82NKrO10lxKcLhjFZJoKa7EGzzrWnwzs33rlcGsMCzvfF2UrR5YIRXRes1KOOfwsNKB_kqvj13fsYgnjizKZzgCyGT5jr4p1rvw7UibYpZYkpd4khdTcKIXM8-oTUJqc8vMl83ZH0-fwVhQpyicm_FPYlpDAsKA9PV85-1BN3U-ymNs2eLm-SGnTVUhSVyRrV3UxZuIsG3u22pN1spYDEI8rrdNieBud46T3bNPDPC6P2p-OvsShfzKShbNQNqTqijyUWFdmw2p_Dipt5vTprj8upOn0AmZh5tiooDaKTkhAGCuDsX4NETAkJIHFjqvUeK9vtcTeo6g8PaS5AvjmcMDK7r8L08Dpp2ozBQtNj9GOHEF_EAVeea--N7Byxpn_eDIO4WwpbLRnkZk4dOCVYAsOUo4NBXGpp7cIbQZ7mkBqw&pr=8:FB7095CCCA75C253&cid=CAQSMgDq26N9GKj3KwgrQObBd4WzdpUY6fEB7WdsSMYVBPSLiiHcNGImrWwC9Xlald-fpia1GAEgCg&rfl=1%2Chttps%253A%252F%252Fbuhgalter.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 10 Dec 2022 01:04:12 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3BE1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsto0w-zrsGSQk4xFBcoaQMGt3F9wZbnU8K7cQtGZeTY2a9YSGAPMnr7_4szNyV8XvIX75go3BgaSWF0V61FLhTTFLJpmmNC3zZvGM7zh547wWn_k4lbkqDzgxIVoVSGmA__RfAftdfg2l0mKt99nq-zY30IgYNFxvqV4Sfn445tycbVhC7jVjNa1HYEmlEJVQ2i2retF3IlPSIMj17FryanysjkNlA56BlfoXbw6fz1YfIyvH50PFWi1LW7OBF8Bs_Y5imFsjTHgYYIWixASE_blvEUTdXE0Oamp_ueE0QH9eVdaeIGZmXwPCHKrqy-WfQvjzkqwNParECCvTBWAxt9aO8V&sai=AMfl-YQcyk3u-pmazkd2x9tMZA_1Zuz8N-Bu0BM60d4Ad4ABkSVFaEDBcPpgoL4DtCtwbVbHeRp2Jkaae4RilvaJz1t6Ft3ypge4_8iIauyXwbx13gVmhB0ojgiqdFPH0Cac&sig=Cg0ArKJSzKYbULSTjHSSEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 10 Dec 2022 01:04:12 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9EA4 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
537890
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 19:39:22 GMT
expires
Sun, 03 Dec 2023 19:39:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/ Frame 83E5 		16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5493b50484546f15a91733027087c94abf47e272b42eec326e2c0b85af7c125f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3914
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 01:04:12 GMT
expires
Sun, 10 Dec 2023 01:04:12 GMT
last-modified
Mon, 05 Dec 2022 17:04:18 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C63C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvsMeW_Pu7DFxac2-LWMAgPSHc0Aoc5AJdlyD2K0Gf_iLI6BCL0WUIwHTexSxedxJZBqbAnN2ZI1jL-70bHe9KQSD513w9BD9lyDyi9bVQurLKJwSndI2F-T0xRpU4AyQpbtLU87rt9VLi9wRTb8IKBNhE342rwiz9u42qD-ocNtu59TYPvcrdUpKYfMF6B-3wtspBgMAG_nhIuVhH-cXGHEMBra-E3rObs0Ms8BTZm1QpoFj7hD9rYWpfKOWB4Hs7IBW-BXVfQTXXgA-TIPmcDo4_Hz48gTbTbK3z2d0kcvuXWv-492IsxKD6eurGUU69YSQGCJYorJmlhgC1yEwyDLwSVjpAItadwozhnZW1c8g9ZoBnfIYEssgJZhUnns__CBnh3R39lpIXH4MutF459dmopriom2Hptsl40ReWQyebe3xNjwBVvApIDhJro7qwqmf4sFa3vbPxVLN0BcPvtoWko4-_GUMCIrRUnF_t8lwLsoeW8Fji0c5T3U6o1DoCox0Wk2i9CaPF7IKi_A320856VasGnRRsoTc3ym_NoMRg0QIHF7hwWtzA_zrgaKOruWVLprknC_Q-YctM4bpEQpjDtR6mBd8yv-8wSp7ueoLGStjsGmwFJxpnxAQvo2F07NsClfXplmSSJh9cIDyOMadBduihVIfr8uKxXNCznzan15tWwpTQM1dIN-fiCWzMtYICPodrxpQ6mqH49DEP_QknTzIIfsuHF6Dm0a9FFSfyJCkmw18Duw-7Zvw34UeEQ6O2sMzh0XDVpWrVOZWe3fM0crVk8u3dodLPxEZGRTs1vzf3NhHfRRZnUSmFg7ZRQy02T6JuruFWo6vcT1qLzBSNTuNdYjyFCNdgdQtUXhp6Ri5voBAA3gdoOAPkygaS8rpirsj-CxkZMpWNfdwL_LUNhiucvzaCs6oySaEiLYiFP3T9dX9Im7mEUYDYxl8nSmVJJX_JhtHhyjYa566weLbPAXOSlyq8OFEVWCueaoJGpl30il9dp38oxdpqYNUhD_MoOvx-TSQyNJZcXZ-bm1MnAX-v-IqOesiwuBgpYEKyB-20wXi0MMSxEc3eO_vGbwVPfGNBF75xNXRbZexvjKCtpEo88nrNbWNko251t5qWWXT0KfGx0u-koZKH3-SQoW8sMlL1B32x5z9aoZLVsGW-k2g7BGr1Oh2gxJC7NXjz1XekX62Df12OyoxuJQu3GN4wshncNWzVQT6xVaS8QdZvzd1CvIhEOd45Md45yg5Fy_9YZsd_4Uzr-e7gWbSO6IZBLO4R0Gy2sUzyBWGzCPSKpNrM&sai=AMfl-YQTZKg2wOsRotRsFbk7glKZ2ybfvHsSeuVqE-O35QLNdyZ5TL9Hsi1VrcQtoept7LgDZnfpISVrwX5g9vC-e4Fk0ioxxzYQ6thjtqz5ssKUjL1LGLQxoMb6UqruUjX2Cw7PhVQkHNY5noP_Eu85zCdWd-paqLoGSrcJMibPCDUziYWwkLk0CgGYp93YO-Tr62rZzjbbpk2pu4TAZ-lNOTWNPLgP-AufwZIqw92drGFnNotYoBx6ljmR4tssnw&sig=Cg0ArKJSzP4YfCmCBiwNEAE&uach_m=[UACH]&pr=8:342EFD77EE6CFDBD&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=287&cbvp=1&cstd=280&cisv=r20221206.91809&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 10 Dec 2022 01:04:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 10 Dec 2022 01:04:12 GMT
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame 5C55 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 10:07:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53783
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Dec 2023 10:07:49 GMT
adlib.css
s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/ Frame 83E5 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/adlib.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
437b62002b3aa74ee137d19b391dca8654b56dae86142648176149bc0d7b823c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 10:34:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1976
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:04:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 10:34:09 GMT
adStyle.css
s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/ Frame 83E5 		5 KB
832 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/adStyle.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67aabe986491a87b3c73d96b8546ebc1992ce2da06d7582c69166d409cbd3bc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 10:34:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
803
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:04:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 10:34:09 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 83E5 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 06:28:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Dec 2022 06:28:55 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 83E5 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Dec 2022 01:04:12 GMT
Line1.png
s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/ Frame 83E5 		90 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/Line1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26257f526f756a7a174e3594f12fbfaaa9433dad761332a05f24e61af3e86269
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 10:34:09 GMT
x-content-type-options
nosniff
age
225003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:04:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 10:34:09 GMT
Line2.png
s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/ Frame 83E5 		90 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/Line2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26257f526f756a7a174e3594f12fbfaaa9433dad761332a05f24e61af3e86269
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 10:34:09 GMT
x-content-type-options
nosniff
age
225003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:04:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 10:34:09 GMT
adlibUtils-v3.js
s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/ Frame 83E5 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/adlibUtils-v3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 10:34:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10657
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:04:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 10:34:09 GMT
animation.js
s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/ Frame 83E5 		7 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/animation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6c5c4d0e28b468e836a67f966c07ac27215c268525bc9fae530d983ae25fa9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 10:34:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1319
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:04:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 10:34:09 GMT
setuid
px.ads.linkedin.com/ Frame FC61
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBH8HXUM-1P-M3AB&gdpr=0
0
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBH8HXUM-1P-M3AB&gdpr=0
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:12 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 76088366F5EC4CB2A0BBA9B77F11E199 Ref B: LON21EDGE1022 Ref C: 2022-12-10T01:04:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXvbtkv4l2fu37aLDSJ5A==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBH8HXUM-1P-M3AB&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame FC61
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=4kDbcsEhRzGBSjbzQk2jlw&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4kDbcsEhRzGBSjbzQk2jlw&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4kDbcsEhRzGBSjbzQk2jlw&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GWRCE5QDB8G081D3QJK1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4kDbcsEhRzGBSjbzQk2jlw&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame FC61
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_LEHOJ94TwSiIYTVQhfcIA&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_LEHOJ94TwSiIYTVQhfcIA&gdpr=0
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_LEHOJ94TwSiIYTVQhfcIA&gdpr=0
Protocol
HTTP/1.1
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6HQV20ZQWD2YZ0TPY7XP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_LEHOJ94TwSiIYTVQhfcIA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame FC61
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/bWb0KtYl3qqhF29---44Xcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-wAlmIQRE2oLXtC7aVOhkRkwVmD_cp0rvEh2YNA--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-wAlmIQRE2oLXtC7aVOhkRkwVmD_cp0rvEh2YNA--~A
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 10 Dec 2022 01:04:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-wAlmIQRE2oLXtC7aVOhkRkwVmD_cp0rvEh2YNA--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame FC61
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGFiZmQzOTI3ZWNiNDcwNDBmNGExOTRlNzg4Mjc1NGVjNGY4OWNkZg&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGFiZmQzOTI3ZWNiNDcwNDBmNGExOTRlNzg4Mjc1NGVjNGY4OWNkZg&gdpr=0
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGFiZmQzOTI3ZWNiNDcwNDBmNGExOTRlNzg4Mjc1NGVjNGY4OWNkZg&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame FC61
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEH7kyHaNisHvNZfJyGSGtGg&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEH7kyHaNisHvNZfJyGSGtGg&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEH7kyHaNisHvNZfJyGSGtGg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FC61
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJIOEhYVU0tMVAtTTNBQg==&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJIOEhYVU0tMVAtTTNBQg==&gdpr=0
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJIOEhYVU0tMVAtTTNBQg==&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame FC61 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4B73
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOYtsJ5X_Fu5_EZoC067LDI&google_cver=1&google_push=ASkJ3FZ7ryMLJ5pb3wZhhNG-HKZGX0KzndLjNSkE1DPosmxGF51btgz2vW5dA0XjTFkKpj68EhoWxZQdS_CuT5EiRwAiR5Ifh0Rvvw
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzAyNjkwNjIxMTA2MDg3NzA1NA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOYtsJ5X_Fu5_EZoC067LDI&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOYtsJ5X_Fu5_EZoC067LDI&google_cver=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 10 Dec 2022 01:04:11 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOYtsJ5X_Fu5_EZoC067LDI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 4B73 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHvu1eva6aQavXLwjDROf0Y&google_cver=1&google_push=ASkJ3FZi_onxKnNpXUNqvv57XM-5tzLCRyAduRp1jV2GFxvrlQ9XUAjVja-Q3cwLAbmdmYG6UXUssz0wtDdcMTS0VShmeSceA_apZg
Requested by
Host: 3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com
URL: https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 4B73 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECYXZf3tW4zOnHRAIH6jKdI&google_cver=1&google_push=ASkJ3FaDQLTSyhgU8u8Xa7gUgQJC_ZqeW1H6CuTXQyYd_jz-QQnOX_5V_HQPtAz2eWvAvIO86MQvZ0IJcMKuaV-OBLr-9NKUbJ_Uuw
Requested by
Host: 3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com
URL: https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame 4B73
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEOY84v3ReJ48L2Jtq07Ih-4&google_cver=1&google_push=ASkJ3Fa_YXKGlOFOr-0ILmfp_CMbbUnR4v7XdqH_-5f1M7l-ZHasqAqbG1T-W5EqX7pcQswnGt6kYZcGCgqs8JdRTdGeGvGM0UcG5...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOY84v3ReJ48L2Jtq07Ih-4&google_cver=1&google_push=ASkJ3Fa_YXKGlOFOr-0ILmfp_CMbbUnR4v7XdqH_-5f1M7l-ZHasqAqbG1T-W5EqX7pcQswnGt6kYZcGCgqs8JdRTdGeGvGM0Uc...
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOY84v3ReJ48L2Jtq07Ih-4&google_cver=1&google_push=ASkJ3Fa_YXKGlOFOr-0ILmfp_CMbbUnR4v7XdqH_-5f1M7l-ZHasqAqbG1T-W5EqX7pcQswnGt6kYZcGCgqs8JdRTdGeGvGM0UcG5Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fa_YXKGlOFOr-0ILmfp_CMbbUnR4v7XdqH_-5f1M7l-ZHasqAqbG1T-W5EqX7pcQswnGt6kYZcGCgqs8JdRTdGeGvGM0UcG5Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
777210af8e84dcc3-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
75
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOY84v3ReJ48L2Jtq07Ih-4&google_cver=1&google_push=ASkJ3Fa_YXKGlOFOr-0ILmfp_CMbbUnR4v7XdqH_-5f1M7l-ZHasqAqbG1T-W5EqX7pcQswnGt6kYZcGCgqs8JdRTdGeGvGM0UcG5Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fa_YXKGlOFOr-0ILmfp_CMbbUnR4v7XdqH_-5f1M7l-ZHasqAqbG1T-W5EqX7pcQswnGt6kYZcGCgqs8JdRTdGeGvGM0UcG5Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
777210ae3d81dcc3-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4B73
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEPVl1hoaZRRSoZByXxOZ768&google_cver=1&google_push=ASkJ3FZeRHrDg40Sf--Ki0plmOa-PSZjVc-rvUPAqbSbE1S6x2Bhzy_0OEnDcDFNQIVQ2510cvB_8hex-BQYctp7XWKi8aR...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEPVl1hoaZRRSoZByXxOZ768&google_cver=1&google_push=ASkJ3FZeRHrDg40Sf--Ki0plmOa-PSZjVc-rvUPAqbSbE1S6x2Bhzy_0OEnDcDFNQIVQ2510cvB_8hex-BQYctp7XWKi8...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FZeRHrDg40Sf--Ki0plmOa-PSZjVc-rvUPAqbSbE1S6x2Bhzy_0OEnDcDFNQIVQ2510cvB_8hex-BQYctp7XWKi8aRsV3fR2w
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FZeRHrDg40Sf--Ki0plmOa-PSZjVc-rvUPAqbSbE1S6x2Bhzy_0OEnDcDFNQIVQ2510cvB_8hex-BQYctp7XWKi8aRsV3fR2w
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FZeRHrDg40Sf--Ki0plmOa-PSZjVc-rvUPAqbSbE1S6x2Bhzy_0OEnDcDFNQIVQ2510cvB_8hex-BQYctp7XWKi8aRsV3fR2w
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 4B73
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEH6JZB-ZbtHD1kyt8s2eeuM&google_cver=1&google_push=ASkJ3FbWk_RUEcM3QP82-sQ88J6Ooq4f-9rOvZhPrHJISx4AOTduHq-eH573uEulx-2xbehsfsoLPtZX43elCBGbV...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEH6JZB-ZbtHD1kyt8s2eeuM&google_cver=1&google_push=ASkJ3FbWk_RUEcM3QP82-sQ88J6Ooq4f-9rOvZhPrHJISx4AOTduHq-eH573uEulx-2xbehsfsoLPtZX43elCBGbV...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FbWk_RUEcM3QP82-sQ88J6Ooq4f-9rOvZhPrHJISx4AOTduHq-eH573uEulx-2xbehsfsoLPtZX43elCBGbVUopym-qhckWcA&google_hm=FykArGZH0vqaiJQuTv6e...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FbWk_RUEcM3QP82-sQ88J6Ooq4f-9rOvZhPrHJISx4AOTduHq-eH573uEulx-2xbehsfsoLPtZX43elCBGbVUopym-qhckWcA&google_hm=FykArGZH0vqaiJQuTv6efENY
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 10 Dec 2022 01:04:12 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FbWk_RUEcM3QP82-sQ88J6Ooq4f-9rOvZhPrHJISx4AOTduHq-eH573uEulx-2xbehsfsoLPtZX43elCBGbVUopym-qhckWcA&google_hm=FykArGZH0vqaiJQuTv6efENY
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
report
sync.teads.tv/um/ Frame 4B73
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECwlzGx_VqkJGvhR99ZSf4I&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FZJo5kk4dd-8Xx6-fuV9Re2UiEbtu6boW2AGaGqqcrpQneUG17Ee0RPBnsQXxeqHnKE2vBVsBCz3ot4lS4mSTtzwh8M5rTL69s
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol
H2
Server
23.3.109.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-109-122.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Sat, 10 Dec 2022 01:04:12 GMT
pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4B73 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IAjpjq6Cff2VgHp6sXyE2-n8gvO-HiY3q0LTCxW_zPdfvZnxronC0E7YnD-r_la9pG5pzHog
Requested by
Host: 3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com
URL: https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:12 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame 9EA4 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 10:07:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53783
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Dec 2023 10:07:49 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4E15 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssCYzB3Joa6kudWK6do8NZr6c7HFWXg1BVIxIIffeZlebCeomJePA8g-thy4S-NZhyltQkZ3Mgh-9RVKM0JgACKvqqVDZzuUawB9fq4K4zLgkQwNfKr-ZAIjFt_myE-LeUiQRrwE8_IzchWkM9KJtwEns2gl9fl5af1p0agE4-Dqg-892cY97fzBX-QNYraCwKil7a1vqaNnAd5um9vDPPcopFgyeeJN9a1LLRE1O1v0K7GgJpm5hkkki1G2O8AO7V9lIZZNAn75quwoIoLcoJg7mARSFcuiR4MRzh5LFht328KqpV7F1PHwDWlBFcxiHL5cwpj1j6EGsJc8UCrDkdN4FoVBn3lJ0GgNQJJTMB3i-CsTANkHodl6EfPruhzmaMOvVD4LjqxB6MH9AtgRUm0kO3Gr8ZDamalUCGoO5X3W1pJJZQ2PF_DCcbhvFyAjoA_bMiLndYmm_fOrcK5u72hOH9FLtz7TzyAi0EB7NjxnvBigg1s6KsGE3ScBOpobpmioDAJINz8pzo4qGKVusw_k1JmoEOaYolzVwhZnafjt0rhEAxBDvdkMdE7ONHI6Sb8W_27CHqIW8uoAfulYNEzBTqcXp6Sjr1KMKetbG53w7wyBywA3NFIPvT-Ck5tF9-0sMsvK4BVhph__hTqdkaCOa-oIOZZCivhRbuV5NnMKKYqjr_5HgBDRJbAcbE0xZWKohmv0Il8EqGgpSjQaTXSj52jl6VKkM-7VMU6Yhg9o8oRoxJqsZYm8EeikH1rOM7ycygXc5EmimA9QLIC6bISUQASDLsdjmEuxcLRh7NQ0In6nz7ROrqM5eIDAB87_ZKWDjH-0_JOIWh3ruEVn5Fj8bGeazc5ugFreKFoaCuT2JcbLy2Uv7WeK0LrsJT-qZUe-JlzEwlL8INvdv8UXFwS6OeNzduS-1zzpWX2or3TqP-OGm-IIPgJYnKMlfFT20cS_pbQ0qe7RMH_vlxIjHHTobNUqAAAkJU0qzmwgzXI0ML7V8qy_437pLYruLVLAotFu8-H-xd0k7nL2pZBWIvig4t2ACBqBtkHsRJ_SPnNJyZdMcf8BS9Q7Jn_Do-ueBya-wzrr6QDRgMfmu8YxxHHugYhHtMeNOZIiuJYyVJDBcZ9fUWMA_MYvw_4VXnMfQQfn1aBTxLSYRkT9HJRTquGEm42RshWG-wrj7rIwZk0G88pfvia6_0MO85a9H9UxCPRqaVfUJGyf1P3-8mBTjRDyrkK5apqGsRVA8GdkwWCNbnin_z9hh7j4PWu3rfPQltCjoVBPs8jPou23drLLrNhLnX-wgrWwRpZQlWzR4YsdbGK_RuyBo7VMM413EOEsT4i3PKo_6uyJ1aKU7Bh0IhL1Qk&sai=AMfl-YRiuzcv88n7BQtuXHWyD2D-3y-lL_atuD7HiPcVtGl-eDkzeHnOTtpNIPgXhUZ9BkdgziC5mzKJCt0yncIqd4vzlU7q1mKG6DXiPSjLdvYKe5L5KFtW_MXa47GGxARAe3ErWq45VH3OIlL8ypAHnVn5X5DMxOzW6HE46AvysaDZ4gk8UI-nTBJ0h213_amLpLESa6JNqq308OrmTh0Vwz4vgcoWv2Yu3gvyK3wypwAcKCj0WyV541k5TlRyTEDxkUIgvyUBZ_QBXyX0EAa8-PDqmQHqY8dRO0nV&sig=Cg0ArKJSzM45kp-hiMdpEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=337&vt=11&dtpt=336&dett=2&cstd=0&cisv=r20221206.07491&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkWnl-YGmuQtLG-IANTFNLPYe-2eSgKe2lMDCZbe09DvyXhv6IMfPIgcYj6Gi4NN00l9c9Dz3MuyLZQYAqrFdSPotGsQ&cry=1&dbm_d=AKAmf-AEpG4WMLjZ_0RegVbbq-SiK4LIhoHnW11oN-V4cejjN76BnTg5NxmcpNDNIVXuYDEI9YypVngaJ_qWUiKbm44UY9wfBhcwl3gtEyXZFT5YvxKErP9AQO7wcV3XbMafU8gbC8ZfF_ghPriNNWPf_jylhBhfTWMws7GOjPN9g3kfuAR3Ut3MwqVsItmLXf56doxy6NpckTtpveYx0t2G5TaGurVaKtIZP3nnA3bd4YLbCG0qu7kkU2IXud79vi0L7uR_v9KOqaiHjbO9HsSXI3d6LeDra7toIV5u4wpV4oYWntGEL_DhtMbzkE43lE7h6VfJhHW30BrUMcSLxzlMD1PhkCIRAZFzzNjFmGyEnYGvADrmLejcqu4wUIcB5VGdbofvgVsPEmXPvfyimMg-zWGv0ZjJ8JIzw8mle6-YbRSIWuWjyoFZ77QBNOIDXUIIRqlpHw_5rT-1eIguwZA2lLaPA4EmnBdmNSHQhbDJPnmDLVqoW4bdth3mET37WLQYENjW6iC96HzeqxPILMF4JUQx3FHahPRkjMrv70PPyIVQUkohZ2Z2fQcydAKuzkWj7tTQb4NXyA3idL_qAxyTRVqk21zpfTvUN8-ZZlIttb7lqlOFO9OKiPMesTuJjmK0npPtQ-KMIjV_TFSR5bvBwLPbsW2nmr-wX41VKhN_J-YptMwx-hDK2sv9N4mb6JLw5r2DEXU5q1qAXl3GaADO-PSg2K3dvuaLctCuCZ2SXXwN2bl4ziw8xhh2c-gjHGhEB62s4Ycr7PgqBJ0fQeyzWz_X_vVY25lFOF8LRWqhwrbkoE0P8LayNQi0ldLRATGOpKFJCgPjXyNBytGImQ36H_sGZR7vLVsdq33tg07PUgFWoam7k68Z5ffc7y4zzpbukKgDL-zWPRZjg_fiC8wp1zUfSbpFet8H5M3Gcu45D8wBf5fHg0LMa_1F-OQ2cuh7AeseWjrGdHgUu_gQ7QZLw9jd-sRNA1ymQfjbH95AleO0w4tMhC9H0i5lFx1c2bJONPqyFDyqrVWeIcYSi2OtH4g1_PpSD0ijj16FlS5wUHymWxUh10QoYPgfJwCHK_PHK9ps5KwfVAw9upFYkeYj8GSUe0GRRgTBzXnugHhqHnRl8qkaexHoT-mpEae5MvMyy-7O4gdNXsaZ4UIE_3rJJjz41iQrKxgzb4j-mRTaoLyhfq4KmOMWdkOhgkjT7LG87RWMWYqbZM0cKGwAXlB1o3OvpZvaB2cXNFP1NC2Lg_IU3eYHqTywRp-AoqQd1m-26ynoW3cpIhOyT3nLzVrT84RcLfiECbx4EnJ7b0C_5r0zfUfbf4CJg9P30PQWGSEVM1TrXYBPGNmvsGY2N4H9hhaDYqMD6C2VH1NIUsZT_CUA_jXJR1rvJpZIJQXMHadzVODTUMzAz7MaWworoYIxIjMjr5J-bJtyIZ-4I98E8kQwjsMhdWfIx10EFUvoToY70hfs9MocVapUxbIgtK836ZX6fqNIw8AYap5b-fGNEBpfw4wtYdmg0D28eNEKikG8xl5SDNPDgqio-IIVLV9uYojc8xLq-nX9_ZA7oRb52eCyrSIDDMNLhep-n1qcrqx0KZl0zIHYUHVvgbm1oaTyMvaVOilDYXnnHTkEBtkFU-Ohk8l03QiFhBk-7epEjUIO092tzXnDTFJWb1v18VMtv7hP9tUAENf8bD-SJtLlJkhd78_o2bOqD8uRVUzI5BUbhVwwfhHkct9GApseS8h2Ei0c9WYLx38ZNmr3w_DHrGqizlLfluCNp5Ax3B9hhWiD41rfHyRD_t35-rxLCcBUWKiCqJr7PwoiKQYAG4CaqbSOF0Zmi9ShOBydinPmk1MbV5CLcRVLY4hFjBFZRHiwgXm0Rrgz6hHv7wJNg5JKvD4ZxzLBrlNCtsAkK4kn8CfVQUjdoc89GzwKIxVq4A1JI1T_S-2JmPD1v6klx76UwSSckbKPa8pO1o7vnuA1jejN2JJ-gLJTwx4hCza-hjiOCMF4eywiAKM0ullQ7iC13-IsY54bIpiriRglu4VRm71246J8MDRPDas4Sq7PE-yGX3LLFQe1MPVenKW9J68SktC7INRlF6BIQTwyiKh__vCxIllJQ5KiyANlUyhSKOHIPVFlL5XrxfStGK55id9wfuFuNQyZBP8e8MKRnt0I9GEUzIe2I6HhC8YNCmUtNlCx318O9c_08-JDdrKszATp40mlJY8_Fthj8UP7tD5msJOIx8P5PlPG2I72ZTKJwapxW2BhLNn8ah76J9Qrykwrez0UPy4Arsr0o7TcVjANREgurXklYgtoRLjoimJmtnNW3koy1yU4JQQnMrbjAzGKlafZKwaHe5P2Vqt5WLmsouLUf6MXUszzStG-fl5P2fFXdlc2veZaG7wolGSRGR2uPov8AmXCa7KdKQB-OXUUMTi69FIzrzHnK8ckOtWOHGZdD3gOHu2MrNxcPcfuLfgvQnzoO0YlxBRNzvu9I2cmrXW56wYxeJqngL7YTED6VG7MsYNsxAMaVVKWuwq2PMgQI-KCZznQZkV0yJ1d_44hnW1Qmnornh29muLwvGqoWBcDLjnqhBuXdi_CcJVixJJqCf_lLGpsyJSwkMZyrYZw9GJF6CiAhU7ISj9vI37K8ltDlfGqo8CqDOPmOM0OlTLNJu1COryoZmNTuljazwuDTjmra_i_fCf6G3s_fyzC8BWTj_-i9lZdJUs5zmqU-U3yJZhj3oNh8-mWDCk0Sf55SQ7DlHFjKS4V2tO8W4HyxDqujF-MEnLKt6e1GljDLcmYtuVFEg-jyio8bnpkIYgiaUjatVFsmMO2LGJ62QyxC_qwLV6amCKS0inPMOalliibxnior-9EQxNldScKs_atRH08yJfwRNE3sWT_pXdx_ROoHgM46fhoeBcvbI2c5wLMuwx2c3m0bfx-y0QgB8ol3xHpLJvWlpon0LFPSmRK0-YgNxqykAeQJme8PjezyIb9bfSPuHX1fLKtB1hhEfPTPL6HFJgnAwcd9DguTRqw8dXOYB23OXI6vT2md1g5abUuIK3BGJRNGOwo-Dic_Za75cnZHcTBw-_suxLKurP83lUlMhNEbw1Cx4-CIGgvReBLyMWgFHOT0e5f3itH66JZazWtZYruFqz7jvfDihTCt_RQIg7wJqjxE-nwjdLoblgHAGvj8I4pCX_TOkwRLEZ3qSKH32MD_wVrZHr1T8RFP8i4e1e1iX1sUlIWSU1tfRwzyj6ezfH9lzODKRaojzRCrgFQ9pKk9cIOXwFSGjbthg2MsIT8fXNexYLUBKLqUbS0vnEEKeZR6Q-C3TsoXHpipAMIhXdhBqrTdCqmLUys5noci8KeqVOr2pPxgKWx3yQDCf7wSUjDopuGaZHgYEGCLgdyon-E5-X4IALwWt9Fktq_ZvkYx_3N0sDNOxPDlg5t2HSMG25eo6gR1RLmxIjWrmV6NTVYpbujy2H6tVGflovfnZpn5uC-gxnk-c5mThCTfDFj5RGxvAe56Pm4HreyIKpr3oyM7I5phvhrJdWlJXnAEps6_DQMblTmjcLYrjqap-q2A-Au7hqRxib9eLg-IOBEfA0Vn4Dv&cid=CAQSOwDq26N9A-gflwcmzR0kh6X7ZmgQ1a2fboykrE8KYXZ9bpfVO1U14XtGpyHMapb_JT905JB1DIZQqkQjGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fbuhgalter.com.ua%2F&ds=l&xdt=1&iif=1&cor=253758944722563400&adk=2935317967&idt=86&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 10 Dec 2022 01:04:12 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Dec 2022 01:04:12 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120701&jk=1265370031501124&bg=!4-Cl4KTNAAYgquz3AKo7ACkAdvg8WoK5SBi-Ce_fo9TrFY4BwGyYTzDFBoZsDUMsi8Ct7swtohfTpQIAAAEvUgAAAANoAQcKAMXH8csf4xsBFHzLxPER-sUHPdddxAO3XdOwb7pK5MBTm2gwFq7ei59MlwBIsswRpE-gCFbA_LkuiusSml8MdyWGF8RIX6R027t-_Xa52UxQEQdGSRpvdzExqXflux0g9BG5JMFFQ0Wpg-Yxw-FsAt_8_JMfkzp2BLJdO8Vs5bwKqyjJFjdDtRAYDVvW6F10SO9yjO7owxBYZidGc5RSQeOfVPYsUtTC4Rv3EutoS-eE2CDgWK0NDxCLmljASRqxx9nSpMpt-pkCogWp7EMmJaFSPFVjX61SLItVE3DyKYP0y7H4czDuRoK5QnfxA9mNLhUa2uNPv08lRTozHWLLeKa359o7bSMrcLvb6PPD2y67vHl9zBOPirYT1HrbtIPJi6nekA2bFriU38FWqqBBWBxATR1URfYPliHCOtfiFzeo9iriJLBCmDvOnzRvzZo4fZGhigN6a-wy9ynyWIU19qg6nQ6KJFGRGNDy6f7-v-tRzLRB5n--Wpd3SoAHq5vA97FIOhxYYAIFt0oizZV7KH5_s49ZNJO7yz4qd6FhwgwwIuB6H3YMDExeZ1bflj5jDyFBAwRCuA23X0un0_ym8jLuekxnCGUK0DEpUvbV8eZzlPghp5DppvG7eSIgBQmUobnRweZt8iR2c8iEg7pgnVHgW-2D2P6ib2QFokaQP4usDqC0PLtfKeCMfxpy8tuwxmj91TCDJIlB43CHOHMsppJfJpviyBlSHmbl0gRckTel35KlBnkPQGG4X-bvAuivLJY2Klr2qSexS2n-abzzuGKjRKuAY5XHzV-YHb1pI135LbKuuaX8wtMv7SLypDCKkE1xABYttbXD7oew8vDPawjEvQyxBh7r16YFRej7uTFvN0RXFfos40YnsRhVonb3rEfH7XuJYOZ9jPebpd0dx1LEkg0qC9nQ6s4eEZZOqEZ6jJyz2rAmC8cvGOd8ixO25lJtOhw8e_mC8Rlp8n1eUiPGSQS8YCvMDcjmDLbcSrS0xy_45aWZXOQ108Tk4iaB3VBCeG5zbN27qLjSGGzpxHFzbEc3S2rkryVhNoQxVub2jPSX6XgYjYgDICxt6Z1G6quQcGd6nvHGSeBaYNr2knQzXRWfnJf8g3ypbf0f5HPDVbS1KQh0tQK2QqU8TxCgS7fYRyc57R6FHXTu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame 83E5 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df44d58bf8c6e91eb9cc06976a75862f3dfa2f8c58c2313a7003497bbc8144c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5760
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C63C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvsMeW_Pu7DFxac2-LWMAgPSHc0Aoc5AJdlyD2K0Gf_iLI6BCL0WUIwHTexSxedxJZBqbAnN2ZI1jL-70bHe9KQSD513w9BD9lyDyi9bVQurLKJwSndI2F-T0xRpU4AyQpbtLU87rt9VLi9wRTb8IKBNhE342rwiz9u42qD-ocNtu59TYPvcrdUpKYfMF6B-3wtspBgMAG_nhIuVhH-cXGHEMBra-E3rObs0Ms8BTZm1QpoFj7hD9rYWpfKOWB4Hs7IBW-BXVfQTXXgA-TIPmcDo4_Hz48gTbTbK3z2d0kcvuXWv-492IsxKD6eurGUU69YSQGCJYorJmlhgC1yEwyDLwSVjpAItadwozhnZW1c8g9ZoBnfIYEssgJZhUnns__CBnh3R39lpIXH4MutF459dmopriom2Hptsl40ReWQyebe3xNjwBVvApIDhJro7qwqmf4sFa3vbPxVLN0BcPvtoWko4-_GUMCIrRUnF_t8lwLsoeW8Fji0c5T3U6o1DoCox0Wk2i9CaPF7IKi_A320856VasGnRRsoTc3ym_NoMRg0QIHF7hwWtzA_zrgaKOruWVLprknC_Q-YctM4bpEQpjDtR6mBd8yv-8wSp7ueoLGStjsGmwFJxpnxAQvo2F07NsClfXplmSSJh9cIDyOMadBduihVIfr8uKxXNCznzan15tWwpTQM1dIN-fiCWzMtYICPodrxpQ6mqH49DEP_QknTzIIfsuHF6Dm0a9FFSfyJCkmw18Duw-7Zvw34UeEQ6O2sMzh0XDVpWrVOZWe3fM0crVk8u3dodLPxEZGRTs1vzf3NhHfRRZnUSmFg7ZRQy02T6JuruFWo6vcT1qLzBSNTuNdYjyFCNdgdQtUXhp6Ri5voBAA3gdoOAPkygaS8rpirsj-CxkZMpWNfdwL_LUNhiucvzaCs6oySaEiLYiFP3T9dX9Im7mEUYDYxl8nSmVJJX_JhtHhyjYa566weLbPAXOSlyq8OFEVWCueaoJGpl30il9dp38oxdpqYNUhD_MoOvx-TSQyNJZcXZ-bm1MnAX-v-IqOesiwuBgpYEKyB-20wXi0MMSxEc3eO_vGbwVPfGNBF75xNXRbZexvjKCtpEo88nrNbWNko251t5qWWXT0KfGx0u-koZKH3-SQoW8sMlL1B32x5z9aoZLVsGW-k2g7BGr1Oh2gxJC7NXjz1XekX62Df12OyoxuJQu3GN4wshncNWzVQT6xVaS8QdZvzd1CvIhEOd45Md45yg5Fy_9YZsd_4Uzr-e7gWbSO6IZBLO4R0Gy2sUzyBWGzCPSKpNrM&sai=AMfl-YQTZKg2wOsRotRsFbk7glKZ2ybfvHsSeuVqE-O35QLNdyZ5TL9Hsi1VrcQtoept7LgDZnfpISVrwX5g9vC-e4Fk0ioxxzYQ6thjtqz5ssKUjL1LGLQxoMb6UqruUjX2Cw7PhVQkHNY5noP_Eu85zCdWd-paqLoGSrcJMibPCDUziYWwkLk0CgGYp93YO-Tr62rZzjbbpk2pu4TAZ-lNOTWNPLgP-AufwZIqw92drGFnNotYoBx6ljmR4tssnw&sig=Cg0ArKJSzP4YfCmCBiwNEAE&uach_m=[UACH]&pr=8:342EFD77EE6CFDBD&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=672&vt=11&dtpt=385&dett=3&cstd=280&cisv=r20221206.91809&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 10 Dec 2022 01:04:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BB65 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqC2vC9uTY4eoKryzx_APsMCOkA4AAAAAOAHgBAI&bg=!FxSlFFDNAAYgquz3AKo7ACkAdvg8Wg_nhbJINyZ1TDCqnvNEJVamaTMrUvXOrB1zl6-pBopE0akPrAIAAAF9UgAAAAJoAQcKAGEZFVW3SlHnsXpLI-WysrIg78oSzqiLUSIb1P5mhznRXowoTyzEewsPZPcuRvRmH0_rO2mwuVhnsjkMdAdZyR1bNDwaKYv5h3gGxz6g6-E-sAm9izxlVuF3Xsd_SzIGqB65mQLA4ca4OWlonyPBSCq75Xd4JogGLR13atZJ1roJaWYux8eStBO9f2QjxaUbm2MeXYgewl2airiPYSDufJ80BeNApfA-k_bCRVQPLMoP9gHRjOH0V9Jq1Ns3Z9E0R1cgIvdwmjW9YpBsCBE6oO-SV37WK4PuzI0T8H91hdBNmAVu1kEgfYKopUZbVFjq9dfc6DtihZnFWGPJi1zVjNogLBK0BOVwGcckVPn0_QGj608kym68Y_1lnm_WFOEYw3QQK7aNNBywd0NJi1sLLDCCs45KQC5NRr05cvrX01nkLtSR01LwDFGgyK3Kdq8Yj5eF4XgRlCiXbfvRbuqc3S7Gn11KXt9eHoHXK4PjCdf1V8GwkG7sm1u875NgxZQeeB9-z_PEZQ7NTW_JrlGveRLOiuMP1AFw3oRBjUkNVoDqu9Y_a8PYEy--6Spm7AZ9jcUph05rE8yuoQORbKviBfNI9sSPKE217CVyzkGmn4wU2UUhIVgIMSatdlWkhx7WRuEvgVeDn5SAyDQNrx5NINthXZUdHZg-8mgV-jTxUoSRAInA31oLMmXHriL4B6QqgHbz088j9vmmJPGC8mLsLZsgxVLu8KUq77wc4GCGVvSnpmJRlMYaCn9fGujorZFXnkKNEKexNb7C-gz-TQCoOauM5COa-Wi4O6kb-o9zEatpgd40Ps1pFY5sTL3aj0IsCUjDINuC_Kd8HdDtomipa5hF5x_htPr9mlQKJ3o8UCH3mTvA8gfgsDcZnG91j5AiYc-1KmfBZuS15SPoiK0bf67Oh0idJQJcq60hb8WwyqkdJruxjA3GniWRCRrJ1OFHgX81arOjrkCvJRufY8ZnHcVounM0a_pQ8pTCa3J0X0qSurHQORBKxnz0mKV-qlPMickRl5g4dQha62dHmdP3f2QC_rNUXDfGvM8XfzcUG2rBIDbkPl0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EE3C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNroqC9uTY-a4LNmY-gb-6bzgBQAAAAA4AeAEAg&bg=!vr2lvfnNAAYgquz3AKo7ACkAdvg8WoN4hZn8W7DqfPiuc_NtbAJCPfxJFy-oltuq6af4cYly8cni6wIAAAFwUgAAAAJoAQeZAsLgdwXnqCXRQzQUkBGP9sdXUrhL6AfdQZPJEXNUDCnCQlVt5WNnAybQMt23u4LgkCbFTghrAmNou8L6XJVQZV_lxCHOpvfXgX25aG4SWdCKEsEP6gAWx8-IaPlEEIAfJo1eB6X42dTfqZtLGc9F1Yy9BVH_JJO15AAubHyC5SsX_iiW4HRGlzuqyyfnatbnYFliXZ4KC8Se0J-FFRkE2IpKp0agpEHB6nz1o0snhNGJYYxrBH82PvKyUMNMCx5brSZAZ8CUNzDjFzHIFSpcQXSxDMzCn28_etBTnzXYD3cdYvJi57CmQRRBs5qXGFoYECTEaSWj9IgraWLt6MPSv7fW_TiQxgxH6Trjgh4qzvFQGASXct6EtMPA5BsVHtiDYc8RiJMY5-hcFFmfJEImaR-bWnqwR-g5HSBtK6fMR3jnme0CcX-3JskjUvXRF3A0GKZ7HudrvcfaQeB34dUACQ6YfwwNSkEV-45gnrziq8SMXoldlUH-qqg7Odl70noVnkGo-T-fjI3EPu7D7IZ4j0vq-EurgW7LqjvjqTzlRjKFkif43JQ2RDF_fFptAjRK7s0SrKrlmWq4T9ncdjugMKVx54WLrHImXVAE-6o-hM1fD0RGXBZD5piLHec7zYnmR6MMepk3vijpzLd46VqGAZ5cG96T-ce53un6Yj7JHCK4HATyTGejVrGs-psT9W9OLQk1eg_AGy86TO7apWBLa7upG-sm6RhVFuNJDu_nQMM9_y6-QwTWjq2dMDNR1wn0vDwJ2oi73GDJlKJpOPfoA3TW34iosECfpqHXL7xDqQXG4pCMti4zFt_aH7jMBIyesfSaRltfQunzo_CVW_1oCNWlFNtW62vse27mvouqJ3wNQEq0hOiinyeqsnTxdFc0ac5a_qP_Jj4du0IjUt7xfkPv5hilY9IRbg4RP2GyVREfS8Oo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame FC77 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=buhgalter.com.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 01:04:12 GMT
server
Kestrel
server-processing-duration-in-ticks
833043
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Dec 2022 01:04:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C55 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsNysC9uTY6qsLpSY-ga1gKLgCwAAAAA4AeAEAg&bg=!fX6lfjrNAAYgquz3AKo7ACkAdvg8WqIlZ2KxSe1iArEoNllEosUKifQv3oHFNUMlB69TJcQH9uAstAIAAAD9UgAAAAZoAQcKACLJnty3OfQcONnhQXOA0dDcqhloYBVZrkeO4jrzjGfxWafMmQK85Lt7nBPMXV_H_mT9rOpxvGmZds5BA3peusrsYYYg8glZ1w8aen49S060CX4KfX0g--q0ca1ulMKp3V9LzdxtMuUt8VyfjzGrrwqiIHVrpJ7Q8qqnSElPoJQL4DXI7Nu_VWxXBB6u7gX2ZIbDh-kkWPTojG7i90P7lpGBJoPkbedBVwB9lU82opeUfoo83IwgImLYJWroAa6VguU6elSrrUM7rxeT-8qdmjRBiZCbIth4r5-oQyM2vM6U7k_NzKYgm2BBrkSUJqED1eaqV-nUKAow2z8M_bbxC5b4xTSIIDx7d13LFWh_xEdTDgAU4fJTNRoAA1kfUUdxZbDLhkRKymD_LcpqulPPCYaF2nlGkX7vlGOQCRbPudl8r_Ffed1I55Iyp5PjVErwmuMMJ5L0jz2LL43DmAanyaTnN9XCpAETa_9REO-4i-kHHkRQF2mY8Adf_zWGd1i1mGOvq2_v_kcmmxFNvfgrgFscxgd6WD7pb_h1SPKyMO0iwb4FJnk4shieznZTVt0iwFfsilcuTH56nTfVZXwhYvO37iC66A_CAtLojPCcefqMFmSMHp9RA6cmvqa2V-AOeyBRuwTU_nk8vYlaBTTbQ8MnbTOCIVPKFkWnjSyv80Um5dYbLY64tXvuQaHZvz4zgC_baXwXR-31Ey5OvGKGWmRN-tfCFomeWqqJ9604fA0OZmGyOGF3Ts7fSt-H6JiBL7RACtXmTe7fmvpBQySoOXiUxnSd1RULPCIm0xgRjZ7Ds2ntZ_SSZ9pp7W_98ATc0joJJr13nwcV4n0VSgWAUeUYrpFwkXu3MFYcwAbPwuhJblDC-8265WefJBD3HxdSPUWRDHff5qC-Gtfk3NpdMp6n4o9zNpoay4-U7fp0zz6al8aZLbO8nIXy4Z_rSCFqQ1jRCH7lXeubWRQs59PBbCwpuA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
11834_5075_Programmaticbanner_VariousSizes_160x600_Frame1.jpeg_1669900388434_11834_5075_Programmaticbanner_VariousSizes_160x600_Frame1.jpeg
s0.2mdn.net/dynamic/2/11032504/cdn.ad-lib.io/v3/partners/5f97d957694f690006bb0887/assets/singleFiles/63877412513d867f1d29a315/original/ Frame 83E5 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11032504/cdn.ad-lib.io/v3/partners/5f97d957694f690006bb0887/assets/singleFiles/63877412513d867f1d29a315/original/11834_5075_Programmaticbanner_VariousSizes_160x600_Frame1.jpeg_1669900388434_11834_5075_Programmaticbanner_VariousSizes_160x600_Frame1.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6ff9b93f859dee3b1057bcd37675069870c1bf2532c4f06175a4f0e70791f37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 10:29:22 GMT
x-content-type-options
nosniff
age
225290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139343
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 13:13:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 10:29:22 GMT
11834_5075_Programmaticbanner_VariousSizes_160x600_Frame2.jpeg_1669900388434_11834_5075_Programmaticbanner_VariousSizes_160x600_Frame2.jpeg
s0.2mdn.net/dynamic/2/11032504/cdn.ad-lib.io/v3/partners/5f97d957694f690006bb0887/assets/singleFiles/63877422513d86934729a564/original/ Frame 83E5 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11032504/cdn.ad-lib.io/v3/partners/5f97d957694f690006bb0887/assets/singleFiles/63877422513d86934729a564/original/11834_5075_Programmaticbanner_VariousSizes_160x600_Frame2.jpeg_1669900388434_11834_5075_Programmaticbanner_VariousSizes_160x600_Frame2.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cdcfbfb679d7c159d49557e10cd1ce6041891ba5542973dae56d1d67500d4be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 10:29:22 GMT
x-content-type-options
nosniff
age
225290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129733
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 13:13:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 10:29:22 GMT
bgGreen.png_1669900388434_bgGreen.png
s0.2mdn.net/dynamic/2/11032504/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/63467614c2dff54a7a1bff64/content/ Frame 83E5 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11032504/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/63467614c2dff54a7a1bff64/content/bgGreen.png_1669900388434_bgGreen.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56ea42e9abee0dee184e17c10be89ce3c54b1c59e5f643a36c76b0bea344deef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 10:26:23 GMT
x-content-type-options
nosniff
age
225469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2696
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 13:13:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 10:26:23 GMT
deliverooPresents.png_1669900388434_deliverooPresents.png
s0.2mdn.net/dynamic/2/11032504/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/63467614c2dff54a7a1bff64/content/ Frame 83E5 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11032504/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/63467614c2dff54a7a1bff64/content/deliverooPresents.png_1669900388434_deliverooPresents.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5119cd6572709b118ba42b8a63800d762d60f9a0beb50c0583dbaf4815c4784f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 10:26:23 GMT
x-content-type-options
nosniff
age
225469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10859
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 13:13:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 10:26:23 GMT
morrisonsLogo.png_1669900388434_morrisonsLogo.png
s0.2mdn.net/dynamic/2/11032504/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/63467614c2dff54a7a1bff64/content/ Frame 83E5 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11032504/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/63467614c2dff54a7a1bff64/content/morrisonsLogo.png_1669900388434_morrisonsLogo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2d5e937f6c5374bb949676c2b77cbfe4c263bbbc16fef2f58f6b0d3fe314dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 10:34:10 GMT
x-content-type-options
nosniff
age
225002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5023
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 13:13:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 10:34:10 GMT
waitroseLogo.png_1669900388434_waitroseLogo.png
s0.2mdn.net/dynamic/2/11032504/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/63467614c2dff54a7a1bff64/content/ Frame 83E5 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11032504/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/63467614c2dff54a7a1bff64/content/waitroseLogo.png_1669900388434_waitroseLogo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22b6842aa09453819e001f6e728ab1903111e0d51dfec2cfad3cf37b83934f8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 10:34:10 GMT
x-content-type-options
nosniff
age
225002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3827
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 13:13:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 10:34:10 GMT
sainsburyLogo.png_1669900388434_sainsburyLogo.png
s0.2mdn.net/dynamic/2/11032504/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/63467614c2dff54a7a1bff64/content/ Frame 83E5 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11032504/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/63467614c2dff54a7a1bff64/content/sainsburyLogo.png_1669900388434_sainsburyLogo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b19e3558f61d77fefde0bdf7f62db03dc3ccd78fceea8e1bf89762d1c81127c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 10:34:10 GMT
x-content-type-options
nosniff
age
225002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4203
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 13:13:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 10:34:10 GMT
smallLogoGreen.png_1669900388434_smallLogoGreen.png
s0.2mdn.net/dynamic/2/11032504/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/63467614c2dff54a7a1bff64/content/ Frame 83E5 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11032504/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/63467614c2dff54a7a1bff64/content/smallLogoGreen.png_1669900388434_smallLogoGreen.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
381a124d638ab510f71d09722a1023400d0dce2be6cf0212f29c17eb4dd2255e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 10:34:10 GMT
x-content-type-options
nosniff
age
225002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1192
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 13:13:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 10:34:10 GMT
smallLogoWhite.png_1669900388434_smallLogoWhite.png
s0.2mdn.net/dynamic/2/11032504/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/63467614c2dff54a7a1bff64/content/ Frame 83E5 		975 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11032504/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/63467614c2dff54a7a1bff64/content/smallLogoWhite.png_1669900388434_smallLogoWhite.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bed4a74b7635879aa6e90938d83ac7aabb21ebbd258a62c9edbb2661d4c25918
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 10:34:10 GMT
x-content-type-options
nosniff
age
225002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
975
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 13:13:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 10:34:10 GMT
engLogo.png_1669900388434_engLogo.png
s0.2mdn.net/dynamic/2/11032504/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/63467614c2dff54a7a1bff64/content/ Frame 83E5 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11032504/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/63467614c2dff54a7a1bff64/content/engLogo.png_1669900388434_engLogo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35e4f11d5b6195be51a9c7bce166a21287bf6820f3a6e65516f6d3d4217fcf13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=DV8NRZmbKm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 10:34:10 GMT
x-content-type-options
nosniff
age
225002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6193
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 13:13:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 10:34:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9EA4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1m03DNuTY58flZ6AB5S0jhgAAAAAOAHgBAI&bg=!VFelVxPNAAYgquz3AKo7ACkAdvg8WgjINf_4GwUU_Whu_Bsqg16rhMaqK5TrVMs2cvUVZfn-AD-W5AIAAADIUgAAAANoAQcKAE6hKYRhUvR00dDMZ6LTk1bzgm_QZAgoGilZxOfiCqXQT5W09slwYg5cFB4KSY_b6S2jpExMe3yReAYtGo0vzga5uaZ8-iqRJo6eN7MTyYKZAz5uJL2-a1gT33WnaxNg1HJmls2mqmgidVLr6_xPk21ND6VJAjYB4zyEgq2xmu6SGaNq3vhuaq41VaIDhKOQJsT1XRV0N_Cn5uLs2op1T1PGnWAEhIagWhsKols65zvaljCjdV4HLCXmG7NTvI62UiNWrHF98tm3yZo4Zj7vr39mTgPAugDyEr-y08itHPQZ6QU7bodw-EzGWprEaP0j_Y43K9hCdoGLNA_qg8W8M6wcZYbUIgkhLhTi3JSIdW-XkzlfKZd8hvTunk35RFD7erNyQamkDzOsOb8DD2kFcWe63J7r_IWg9tWus3iPzqaq75ZajS94UjEgplZBs5N6_0vhqQ7Jkx1JH-abjSUUJloQ5vhJspf_JCHs8BsTd1PD_qUI1wO_hivZT9T2d4dwuUws3_1QJPIWXlcfgt_DkP7F7rCN8yczKQh8T-KBqBV441xBgHa-QCa1tJJD3im-hHIlK4CCMSuUyJXGSMs3HpeisWyUA_ScVOSxKw1buEBphu8EWUMxU9TZHA2icgPP72B3tSVcyLz45md9tPOM-fkw7YRyvBtXc8g0Qr_12cRFbH1607fX60jO7atm6A8t_TLSVXAV6ou65PBXStGofhwQqJEBlt4qp3iArlh-W3dbmtqUAW9HVVwe7jIy2bnUeAZxu1JsSY-AhQ_H1lqDiah-c958pDUC-pptZ0_AHoSKiMNh4spb0J01QcYsFGZBzZG2-tJZ6uDEDm9t4c7E5bUrGh-s7pjJhlhl1N0YP9S67QByilLDru0eTsAvx1QoTkpDTe8BdVbwT0r65KxNddNO_emAHmvAD8nQ1QdTIj_N6HpO0M-FgaEWuYOhCjt7EmNeIWjLtHeH0YQkznBrZ88_ZGWtkyfWP7HCCsywr166t_HkEzyU4NFY56rB_U2Xpi4iHONW-bzoj0QgZn4osdJOdyf-U-zpx1gnZU4O9lXdctxXuROnHR5pLvKEENBs9Qc08-OeEhcjzkxOyeDJdmtvb0mHH3-XAkuTWi7L5MOop7wfa65dZDJYOf9NtKtTBuggytLFnNMabbrndzX0spmdvQlJYLv5G6Hs_tkhoe7S5LOctL5JTyNLgskGerhyyg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 83E5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Dec 2022 01:04:12 GMT
sid
mug.criteo.com/ Frame FC77
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=buhgalter.com.ua&sn=ChromeSyncframe&so=0&topUrl=buhgalter.com.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=LjK8JHxvb3ViVi8wS1FIZHJTOE1lY1ltTXU5R1k5K01peDNNV0EyOUlFTWtUbTlVQ0YwL2htbENGRnhLck1FODlSRlN2ZU1RbmdYc3FkdVZkdXNIR1dJcldVemVBbTVFZFpxNEdpZWJKOERrbS93bnRCM2d5bDQvYWh0SF...
449 B
692 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=LjK8JHxvb3ViVi8wS1FIZHJTOE1lY1ltTXU5R1k5K01peDNNV0EyOUlFTWtUbTlVQ0YwL2htbENGRnhLck1FODlSRlN2ZU1RbmdYc3FkdVZkdXNIR1dJcldVemVBbTVFZFpxNEdpZWJKOERrbS93bnRCM2d5bDQvYWh0SFhGUDlwOEZFNE5acGJONFZWY1BXYlVveDh1Q3A2bStTRmR4dFJPei9HTnVMRFRacFI1clFRUks5RlBJV3R5eWx3VVl0RTJ3WHlGV0FvWWJHSHBnTTJ6OC9SdDhiVWwrM3ZrNnVYTmNyMUxnUE5hMlp4ZktiNk9VZW04YWtPQWtaaDhycEQzRnJQVk5WQUc5aTBkN1F3QWdtK2ZQTzJjU2grcXZ4MzFQMDFKQ0RkcGpZQUdpaz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c961dd23c6794dec53379e15052d8b369e302a27d66d8d9e1e5b20147a21cf61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2107379
expires
0

Redirect headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:12 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=LjK8JHxvb3ViVi8wS1FIZHJTOE1lY1ltTXU5R1k5K01peDNNV0EyOUlFTWtUbTlVQ0YwL2htbENGRnhLck1FODlSRlN2ZU1RbmdYc3FkdVZkdXNIR1dJcldVemVBbTVFZFpxNEdpZWJKOERrbS93bnRCM2d5bDQvYWh0SFhGUDlwOEZFNE5acGJONFZWY1BXYlVveDh1Q3A2bStTRmR4dFJPei9HTnVMRFRacFI1clFRUks5RlBJV3R5eWx3VVl0RTJ3WHlGV0FvWWJHSHBnTTJ6OC9SdDhiVWwrM3ZrNnVYTmNyMUxnUE5hMlp4ZktiNk9VZW04YWtPQWtaaDhycEQzRnJQVk5WQUc5aTBkN1F3QWdtK2ZQTzJjU2grcXZ4MzFQMDFKQ0RkcGpZQUdpaz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
355647
content-length
0
expires
0
stratosdeliveroo-regular.woff
s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/ Frame 83E5 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/stratosdeliveroo-regular.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/adlib.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f60710f6e068b35323439bfa0c7db81caf2796d43b9edc5d5cffadfcc7b80dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/adlib.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 10:34:10 GMT
x-content-type-options
nosniff
age
225002
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43644
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:04:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 10:34:10 GMT
stratosdeliveroo-bold.woff
s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/ Frame 83E5 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/stratosdeliveroo-bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/adlib.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35059cdc43401fbcf730189eb26b53bbda8e45d58f16b89c2d236b6bbe6d839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/adlib.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 10:34:10 GMT
x-content-type-options
nosniff
age
225002
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45640
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:04:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 10:34:10 GMT
stratosdeliveroo-light.woff
s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/ Frame 83E5 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/stratosdeliveroo-light.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/adlib.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a14b003ffe0e950c19ee590ea71d46f6ba7faa8412ac5442f95ec9df010751d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/18118561696149667840/160x600-SprintCities/adlib.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 10:34:10 GMT
x-content-type-options
nosniff
age
225002
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43352
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:04:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 10:34:10 GMT
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame 6654 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 10:07:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53783
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Dec 2023 10:07:49 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4640 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHl0GbyDy2Rp_n7Mjz720-xSVmK6Wz983wB1U_C8dwFKJuwvTku-0qFnz1TQGtdA05cGqz19I12r8QEQMNX6dGHsiTS_LGZo0&sig=Cg0ArKJSzBKQu33_jbpVEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670634251553&rpt=573&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4640 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjWA9myauoI1D7hVlKiL62c7pzib8jOsZOz0AXpLPH728yAgYyoS1IqxevySvoAlpedMSqjBP4Ckr6fMboZ0185mGxZbIz04itgQo48P6o-SEnu0ER&sig=Cg0ArKJSzKK3Ka3OYohKEAE&id=lidar2&mcvt=1007&p=40,436,130,1164&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1472868681&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670634251553&rpt=567&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3BE1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXWTFZ4WihjRREK7AMA3ydLEALR6QHRWBh8ot8zXByHFPiBx1JSfB3n3OKkbMnnbQOA57FTAGIR2ISE451Wv68jez2XL2GA_Y&sig=Cg0ArKJSzJkreciyhiBIEAE&id=lidar2&mcvt=1000&p=0,0,90,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670634251588&rpt=632&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3BE1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssVEXiDfn0XfGRJwb2vzCIq0apkjxsaXdX3FAR0P3Yc5dG09u1CE8vGUCTLwx2VQY5z8oSvglgr8Iy-ugiQNo2nlkM8spFxCzY6CygE9f-bb6lsl0c&sig=Cg0ArKJSzHwfwydIlZmDEAE&id=lidar2&mcvt=1001&p=1110,315,1200,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3757304322&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670634251588&rpt=629&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4640 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=259802368155&version=m202209210101&ct=76&x=8&cor=6614179299645162000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E15 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4329997009960&version=m202209210101&ct=76&x=1&cor=253758944722563400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lato.woff2
cdn.gravitec.net/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/fonts/lato.woff2
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Request headers

Referer
https://buhgalter.com.ua/
Origin
https://buhgalter.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Wed, 02 Feb 2022 09:06:28 GMT
date
Sat, 10 Dec 2022 01:04:13 GMT
last-modified
Wed, 02 Feb 2022 09:01:35 GMT
server
nginx
etag
"61fa486f-36dc"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=10
accept-ranges
bytes
content-length
14044
x-proxy-cache
HIT
sourcesanspro.woff2
cdn.gravitec.net/fonts/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/fonts/sourcesanspro.woff2
Requested by
Host: buhgalter.com.ua
URL: https://buhgalter.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441

Request headers

Referer
https://buhgalter.com.ua/
Origin
https://buhgalter.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Wed, 02 Feb 2022 09:06:29 GMT
date
Sat, 10 Dec 2022 01:04:13 GMT
last-modified
Wed, 02 Feb 2022 09:01:35 GMT
server
nginx
etag
"61fa486f-1e44"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=10
accept-ranges
bytes
content-length
7748
x-proxy-cache
HIT
266733644.jpeg
cdn.gravitec.net/images/users/1641839148018958336/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.gravitec.net/images/users/1641839148018958336/266733644.jpeg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
cd27dc3c0cc40b5e5691a2317a7a03e4189fa6d32becac6f390a0dceccb80205

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Sat, 10 Dec 2022 01:04:13 GMT
last-modified
Tue, 15 Jun 2021 13:39:31 GMT
server
nginx
etag
"60c8ad93-2343"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
9027
x-proxy-cache
HIT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C63C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=770106640604&version=m202209210101&ct=76&x=8&cor=10056946384595310000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
multitracking
ghb.adtelligent.com/adunit/ 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hbw_master_299506_4371.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://buhgalter.com.ua
Date
Sat, 10 Dec 2022 01:04:12 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbuhgalter.com.ua%2F&domain=buhgalter.com.ua&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://buhgalter.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 10 Dec 2022 01:04:13 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
484913
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbuhgalter.com.ua%2F&domain=buhgalter.com.ua&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=bIOnB3xNSVFLaVFCRDduZUwyMDZTbXkzYzdnK0pGMGhQaUUzMnpkNTBiZlRHUGc3WTMvV2RCTDU5cHM0RTBveGFrekdpUTl5bHoxa3pQRDJsTFQ0RVExRHhBQ1lQaHZkY2p5VWpIQjlpaFQ0RWpZbTRObG1Nc2hJWUMvSl...
458 B
721 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=bIOnB3xNSVFLaVFCRDduZUwyMDZTbXkzYzdnK0pGMGhQaUUzMnpkNTBiZlRHUGc3WTMvV2RCTDU5cHM0RTBveGFrekdpUTl5bHoxa3pQRDJsTFQ0RVExRHhBQ1lQaHZkY2p5VWpIQjlpaFQ0RWpZbTRObG1Nc2hJWUMvSlNWYTZZZUVVTjhsSFExSGdTQ0s3SlVmMHpMeGYvVGl6ckVNU2VtbzczbUR6TFNESHViMEdwNVV3d01iSWZZeThwNTM3M1FsYWczcE9NZjBoYU1aNVdOWEY0ekJFSERxSTRsTVNROFpROEc2TGpmMURvTTRScnNmS1FaamovQUs0dnJ4VzlFK01DaVlCR0xLWXJ1M1JQK3JHSlZCaUUvbTZsaGx1V1l3Z3lUaTVXQnR1YUZZST18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
083fa684d90e47c33fdf5d7e07c390f3f41b29f33f4524ae0b1d141c168b98be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:13 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1687985
expires
0

Redirect headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:13 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=bIOnB3xNSVFLaVFCRDduZUwyMDZTbXkzYzdnK0pGMGhQaUUzMnpkNTBiZlRHUGc3WTMvV2RCTDU5cHM0RTBveGFrekdpUTl5bHoxa3pQRDJsTFQ0RVExRHhBQ1lQaHZkY2p5VWpIQjlpaFQ0RWpZbTRObG1Nc2hJWUMvSlNWYTZZZUVVTjhsSFExSGdTQ0s3SlVmMHpMeGYvVGl6ckVNU2VtbzczbUR6TFNESHViMEdwNVV3d01iSWZZeThwNTM3M1FsYWczcE9NZjBoYU1aNVdOWEY0ekJFSERxSTRsTVNROFpROEc2TGpmMURvTTRScnNmS1FaamovQUs0dnJ4VzlFK01DaVlCR0xLWXJ1M1JQK3JHSlZCaUUvbTZsaGx1V1l3Z3lUaTVXQnR1YUZZST18&cppv=2
access-control-allow-origin
https://buhgalter.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
628043
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://buhgalter.com.ua
date
Sat, 10 Dec 2022 01:04:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
/
spl.zeotap.com/ Frame D5F1 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec867bdc2eeb4e673bafda0b3ad6b7d24b7bdb1bbc788cf0d516540957bd4e93

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://buhgalter.com.ua
cf-cache-status
DYNAMIC
cf-ray
777210b85a9275de-LHR
content-encoding
br
content-type
text/html
date
Sat, 10 Dec 2022 01:04:14 GMT
server
cloudflare
vary
Origin
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A757 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=139548
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 10 Dec 2022 01:04:14 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 11 Dec 2022 15:50:02 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 1888 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.125.24.254 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-125-24-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 10 Dec 2022 01:04:14 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 26F0 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
733
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
777210b85f260763-MAN
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 10 Dec 2022 01:04:14 GMT
expires
Sat, 10 Dec 2022 05:04:14 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
cs.html
cs.seedtag.com/ Frame 749F 		50 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.134.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62533bce9accb17502e412cdef6558ac7375e50e1b6fc089f56606c0b6484a0d

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
369
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=86400
cf-cache-status
HIT
cf-ray
777210b84dac54bd-MAN
content-encoding
br
content-type
text/html
date
Sat, 10 Dec 2022 01:04:14 GMT
etag
W/"070f12ccb828f0086664e3a8a79da837"
expires
Sun, 11 Dec 2022 01:04:14 GMT
last-modified
Tue, 29 Nov 2022 10:41:06 GMT
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1669718466035149
x-goog-hash
crc32c=ot0TbQ== md5=Bw8SzLgo8AhmZOOop52oNw==
x-goog-metageneration
2
x-goog-storage-class
REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
15213
x-guploader-uploadid
ADPycdt_SQ8FjVgg4hhWFyIVdf_qOcR_hHyEWsDV8i29SzAFrv5PM_qCM6oIEd2K2S1wTacgK9FmfAZ3FOlWNGphdVYmWg
checksync.php
contextual.media.net/ Frame 7412 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU816538&prvid=2034%2C2011%2C2033%2C3022%2C2030%2C3020%2C251%2C273%2C175%2C2009%2C178%2C255%2C2028%2C3018%2C2027%2C3017%2C214%2C2025%2C237%2C117%2C3014%2C97%2C99%2C77%2C38%2C3012%2C3011%2C182%2C3010%2C261%2C141%2C222%2C201%2C3007%2C246%2C301%2C4%2C203%2C225%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7ad9ca7a448f744531777d57cf4565a5ffc47603bfa635125ef9f7e08ab3fc64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://buhgalter.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8184
content-type
text/html; charset=UTF-8
date
Sat, 10 Dec 2022 01:04:14 GMT
expires
Mon, 12 Dec 2022 01:04:14 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=themediagrid&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=themediagrid&gdpr=0&gdpr_consent=
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
//match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=themediagrid&gdpr=0&gdpr_consent=
date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=922da23c-eac1-4899-a75c-f8fac669c957
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=922da23c-eac1-4899-a75c-f8fac669c957
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://buhgalter.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 10 Dec 2022 01:04:13 GMT
Server
Adtelligent
Etag
d250fe5fe2f6a8f4
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=922da23c-eac1-4899-a75c-f8fac669c957
date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
usync.js
eus.rubiconproject.com/ Frame 1888 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.125.24.254 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-125-24-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5afced3981fb228b9b567a256dbef013cdab39f40c8b929e3c0409bda2f91e7c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 10 Dec 2022 01:04:14 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Dec 2022 03:37:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=9207
Connection
keep-alive
Content-Length
10067
Expires
Sat, 10 Dec 2022 03:37:41 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
fb6762d0a7d3826432b354736ebd833016630c0093d34c9d2458e6023f5a66e2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://buhgalter.com.ua
date
Sat, 10 Dec 2022 01:04:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
getuid
ib.adnxs.com/ Frame D5F1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame D5F1 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame D5F1
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=5c7b0e2b-35f2-441c-aaa6-685650eec00f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=5c7b0e2b-35f2-441c-aaa6-685650eec00f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
777210ba6bd075de-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

date
Sat, 10 Dec 2022 01:04:14 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=5c7b0e2b-35f2-441c-aaa6-685650eec00f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame D5F1 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame D5F1 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8%26reqId%3D2e3a43a5-9217-4c9f-416b-3499aafbad0e%26zdid%3D1361&gdpr=0&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame D5F1 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1670634254.310732,VS0,VE9
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-lon4253-LON
u
dmp.v.fwmrm.net/ad/ Frame D5F1 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:5::148 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:14 GMT
Cache-Control
no-store
Expires
0
Content-Length
0
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame D5F1
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=06A04779-43F3-4475-A739-FC7237D2B8B2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=06A04779-43F3-4475-A739-FC7237D2B8B2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
777210ba1b8d75de-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=06A04779-43F3-4475-A739-FC7237D2B8B2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
date
Sat, 10 Dec 2022 01:04:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame D5F1
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=56eaf0bc-7bef-4f3c-b854-3c6acc3a6505&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=56eaf0bc-7bef-4f3c-b854-3c6acc3a6505&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
777210baec2375de-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=56eaf0bc-7bef-4f3c-b854-3c6acc3a6505&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame D5F1
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=19585317114617064883151097815292063724&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=19585317114617064883151097815292063724&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
777210baabf875de-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v045-027dff91d.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
RjXAzipJTl0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=19585317114617064883151097815292063724&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame D5F1 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame D5F1
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7175319484515088528&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7175319484515088528&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
777210b9fb8075de-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7175319484515088528&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Date
Sat, 10 Dec 2022 01:04:14 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame D5F1
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sat, 10 Dec 2022 01:04:14 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame D5F1
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=apQCafiyIu9lF/KUqExnJe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=apQCafiyIu9lF/KUqExnJe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
777210bb6c8d75de-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
last-modified
Sat, 10 Dec 2022 01:04:14 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=apQCafiyIu9lF/KUqExnJe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
mw
mwzeom.zeotap.com/ Frame D5F1
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003...
  • https://mwzeom.zeotap.com/mw?cid=
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
777210baec2475de-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=
pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
tpid=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8
bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/ Frame D5F1 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.187.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-187-82.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.8.210
content-length
49
expires
0
mw
mwzeom.zeotap.com/ Frame D5F1
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-ttshpelE2orBsQ8YHpG9jm4TaoVtLb0PsQ--~A&zpartnerid=570&env=mWeb
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-ttshpelE2orBsQ8YHpG9jm4TaoVtLb0PsQ--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
777210bb6c8f75de-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-ttshpelE2orBsQ8YHpG9jm4TaoVtLb0PsQ--~A&zpartnerid=570&env=mWeb
date
Sat, 10 Dec 2022 01:04:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame D5F1
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=2Sp3QfXblD%2FgPKeGv7Qxp6zABtT14JBh%2BS41iYitP1U%3D
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=2Sp3QfXblD%2FgPKeGv7Qxp6zABtT14JBh%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
777210bb6c8e75de-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=2Sp3QfXblD%2FgPKeGv7Qxp6zABtT14JBh%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame D5F1 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame D5F1 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.4.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-4-228.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n004-dub-prod.krxd.net
date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
private, no-cache, no-store
x-request-time
D=48 t=1670634254
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame D5F1 		95 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/png
date
Sat, 10 Dec 2022 01:04:14 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
mw
mwzeom.zeotap.com/ Frame D5F1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y5PbDgAC0ltmmQAF&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-349...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y5PbDgAC0ltmmQAF&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361&_test=Y5PbDgAC0ltmmQAF
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
777210bbfce575de-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-lcy-eglc8600058-LCY
pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 varnish
server
Varnish
x-timer
S1670634255.683557,VS0,VE0
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y5PbDgAC0ltmmQAF&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361&_test=Y5PbDgAC0ltmmQAF
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
v1
engine.widespace.com/map/ext/api/trackingcallback/ Frame D5F1 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-36.fra60.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
9fRxXDWr4FsYEd8_XhojDOI8oxCaXg-r1qWrBqPBEnbbQkLS3PZkjA==
x-cache
Miss from cloudfront
usermatch.gif
beacon.krxd.net/ Frame D5F1
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafb...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
54.246.4.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-4-228.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n008-dub-prod.krxd.net
date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1670634254
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
date
Sat, 10 Dec 2022 01:04:14 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a005-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame D5F1
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-500...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-500...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GA54114TSCF3P3MS4EQZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GDNQCX1AGMZ5Y06PSFY8
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame D5F1 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame D5F1
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd0fc2...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
777210bc4d1375de-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
date
Sat, 10 Dec 2022 01:04:14 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame D5F1
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=41544&puid=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf...
  • https://mwzeom.zeotap.com/mw?cid=LBH8HXUM-1P-M3AB&env=mWeb&zpartnerid=1770&gdpr=0
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=LBH8HXUM-1P-M3AB&env=mWeb&zpartnerid=1770&gdpr=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
777210bbfcdf75de-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=LBH8HXUM-1P-M3AB&env=mWeb&zpartnerid=1770&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
mw
mwzeom.zeotap.com/ Frame D5F1
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpart...
  • https://mwzeom.zeotap.com/mw?cid=cf2ce370-54e1-4ed0-8314-7296e5e3ca80&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be5...
95 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=cf2ce370-54e1-4ed0-8314-7296e5e3ca80&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
777210b95b2275de-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=cf2ce370-54e1-4ed0-8314-7296e5e3ca80&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
mw
mwzeom.zeotap.com/ Frame D5F1 		95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
777210bbbcbc75de-LHR
access-control-allow-headers
*
content-length
95
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=bIOnB3xNSVFLaVFCRDduZUwyMDZTbXkzYzdnK0pGMGhQaUUzMnpkNTBiZlRHUGc3WTMvV2RCTDU5cHM0RTBveGFrekdpUTl5bHoxa3pQRDJsTFQ0RVExRHhBQ1lQaHZkY2p5VWpIQjlpaFQ0RWpZbTRObG1Nc2hJWUMvSlNWYTZZZUVVTjhsSFExSGdTQ0s3SlVmMHpMeGYvVGl6ckVNU2VtbzczbUR6TFNESHViMEdwNVV3d01iSWZZeThwNTM3M1FsYWczcE9NZjBoYU1aNVdOWEY0ekJFSERxSTRsTVNROFpROEc2TGpmMURvTTRScnNmS1FaamovQUs0dnJ4VzlFK01DaVlCR0xLWXJ1M1JQK3JHSlZCaUUvbTZsaGx1V1l3Z3lUaTVXQnR1YUZZST18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 10 Dec 2022 01:04:14 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
517107
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame B6CB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cbed15c926feff62cf0164eb206b223b7f87bd5414724994d92137f352db5b3

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
777210b96e783607-MAN
content-encoding
br
content-type
text/html
date
Sat, 10 Dec 2022 01:04:14 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCEUmRPe2kh3LqFxkv07UWbdI0gn5vvBHzStUbH1WvQTr2legXO%2BTlfNr%2FhmndyTHIJQ2WqKzLZurzd5iNzHzUtujvNd1lPVNJAn4K8FayH6vKRFll8ku62MvxzaEopJ0Ci6%2BDjmP2b%2BCA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5297
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.125.24.254 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-125-24-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 10 Dec 2022 01:04:14 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 10 Dec 2022 01:04:14 GMT
location
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
server
AkamaiGHost
CookieSync.html
csync.smartadserver.com/rtb/csync/ Frame 1CFB 		435 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Sat, 10 Dec 2022 01:04:14 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645524912.090457"
Last-Modified
Tue, 22 Feb 2022 09:59:55 GMT
Server
AkamaiNetStorage
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 62CB 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=139548
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 10 Dec 2022 01:04:14 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 11 Dec 2022 15:50:02 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 6CEF 		61 B
239 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1670634254234&pubconsent=&euconsent=&hasConsent=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 10 Dec 2022 01:04:14 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.2
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame A131 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP007 /
Resource Hash

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
server
33XP007
x-33x-status
2000208
isync
visitor.omnitagjs.com/visitor/ Frame E71F 		0
178 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 10 Dec 2022 01:04:13 GMT
expires
0
pragma
no-cache
server
ayl-lb-fra02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
/
onetag-sys.com/usync/ Frame 1023 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75601b04186d260
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
v1
match.sharethrough.com/universal/ Frame E91E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=2TwkgUpM&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.155.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-155-47.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
s
s.seedtag.com/cs/st/ Frame 749F 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/st/s
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
appnexus
s.seedtag.com/cs/cookiesync/ Frame 749F
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=7879528663438692187
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=7879528663438692187
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:14 GMT
AN-X-Request-Uuid
16ceaef2-0232-42db-afb6-2a11fa760c4b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=7879528663438692187
Connection
keep-alive
X-Proxy-Origin
217.138.196.101; 217.138.196.101; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
sync.smartadserver.com/ Frame 749F
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
HTTP/1.1
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:13 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1
pragma
no-cache
date
Sat, 10 Dec 2022 01:04:13 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
outbrain
s.seedtag.com/cs/cookiesync/ Frame 749F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Location
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0
Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
90
Content-Type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame 749F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=5jrh0rv&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Bidswitch
s.seedtag.com/cs/cookiesync/ Frame 749F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy=
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=seedtag&bsw_user_id=${BSW_USER_UD}&bsw_param=cf2ce370-54e1-4ed0-8314-7296e5e3ca80&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=0&user_id=&ssp=seedtag&bsw_param=cf2ce370-54e1-4ed0-8314-7296e5e3ca80
  • https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=cf2ce370-54e1-4ed0-8314-7296e5e3ca80
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=cf2ce370-54e1-4ed0-8314-7296e5e3ca80
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
//s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=cf2ce370-54e1-4ed0-8314-7296e5e3ca80
date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
spotx
s.seedtag.com/cs/cookiesync/ Frame 749F
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=905fb18b-7826-11ed-a823-...
  • https://s.seedtag.com/cs/cookiesync/spotx?channeluid=905fb12a-7826-11ed-a823-1e1d47870306
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/spotx?channeluid=905fb12a-7826-11ed-a823-1e1d47870306
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Date
Sat, 10 Dec 2022 01:04:14 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://s.seedtag.com/cs/cookiesync/spotx?channeluid=905fb12a-7826-11ed-a823-1e1d47870306
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
113
Connection
keep-alive
Content-Length
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 749F
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H2
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/png
date
Sat, 10 Dec 2022 01:04:14 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F
date
Sat, 10 Dec 2022 01:04:14 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
generic
match.adsrvr.org/track/cmf/ Frame 749F
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=249286
  • https://sync.search.spotxchange.com/partner?source=249286&__user_check__=1&sync_id=90600017-7826-11ed-97f3-10a0cca80306
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D&us_privacy=
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&gdpr_consent=%24%7BGDPR_CONSENT_229%7D&uid=CAESELfvQCttagTA04LSu0a9NjU&google_cver=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Date
Sat, 10 Dec 2022 01:04:14 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
//match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
60
Connection
keep-alive
Content-Length
0
improvedigital
s.seedtag.com/cs/cookiesync/ Frame 749F
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D
  • https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=d39a4126-c329-47b9-bbd1-80f99b7ae25b
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=d39a4126-c329-47b9-bbd1-80f99b7ae25b
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=d39a4126-c329-47b9-bbd1-80f99b7ae25b
access-control-allow-origin
*
date
Sat, 10 Dec 2022 01:04:14 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
indexexchange
s.seedtag.com/cs/cookiesync/ Frame 749F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D
  • https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=Y5PbDNRdFZhuTg-R4CxyqgAA%265214
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=Y5PbDNRdFZhuTg-R4CxyqgAA%265214
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPNbMfQl0G%2FqL%2BwiJ0HPRipvxEPFfiQJ5%2B8MZFK6dMBAvTdud7zUAH%2BnbO0DEdJhxMqh38WzQ%2FNRQkoY1KORtaMzzr3NT8o%2F5axSwDwJNAMo69QrimM2jtZZ8QCwUWXOZpn8XVYOd9zh0g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=Y5PbDNRdFZhuTg-R4CxyqgAA%265214
cache-control
no-cache
cf-ray
777210b96e7a3607-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
verizon
s.seedtag.com/cs/cookiesync/ Frame 749F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58427/occ
  • https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-k6ZOdqFE2uEEqLxUw.iAmsg58homBCMg36O2MfU-~A
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-k6ZOdqFE2uEEqLxUw.iAmsg58homBCMg36O2MfU-~A
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-k6ZOdqFE2uEEqLxUw.iAmsg58homBCMg36O2MfU-~A
date
Sat, 10 Dec 2022 01:04:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie
cm.adform.net/ Frame 749F 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fadform%3Fchanneluid%3D%24UID
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
server
nginx
content-length
43
content-type
image/gif
pixel
ap.lijit.com/ Frame 749F 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9741-9206-01&pc=PL&cmp=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 10 Dec 2022 01:04:14 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
692.json
id5-sync.com/g/v2/ 		216 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19336/hb_299506_4371.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
76e13840d9450858db8a043047e6a7c1318aeb0d414000110fac4dbf4947c590
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://buhgalter.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://buhgalter.com.ua
date
Sat, 10 Dec 2022 01:04:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 62CB 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=16507361&p=157743&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
0c377a1d62309a2b4870545ab7bdaba93972d7acc1e7081a9d8b8d71c23e1353

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 10 Dec 2022 01:04:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatchredir
ssum-sec.casalemedia.com/ Frame B6CB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5PbDNRdFZhuTg_R4CxyqgAAFF4AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAK4p2fR1BaxmR0eaVVBnJE&google_cver=1
43 B
877 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAK4p2fR1BaxmR0eaVVBnJE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzZS2fq9audK1gO%2B3X%2ByO0ZPUxfR1are2WZHxu91t9ZBjw9YhVE7GdGfOSeNl1Ut2OH5dtlt28xhWh5B9RHeamhyN3qEDW17c1nppZeSfpM0R5gtd8WmGtnDymlPyhfQTGPSjO1Vmq%2BLzw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
777210ba9b2654cf-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAK4p2fR1BaxmR0eaVVBnJE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame B6CB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame B6CB 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5PbDNRdFZhuTg_R4CxyqgAAFF4AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9ENGWHCRRDPP05J0FA2E
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Y5PbDNRdFZhuTg_R4CxyqgAAFF4AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B6CB 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5PbDNRdFZhuTg_R4CxyqgAAFF4AAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:a6d:c1bf:1d00:7d4d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame B6CB
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=19BB082665E744BABD109FC0D9A8023F
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=19BB082665E744BABD109FC0D9A8023F
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Sat, 10 Dec 2022 01:04:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=19BB082665E744BABD109FC0D9A8023F
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 09 Dec 2022 01:04:14 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame B6CB 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame B6CB
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Sat, 10 Dec 2022 01:04:14 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
crum
dsum-sec.casalemedia.com/ Frame B6CB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame B6CB 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y5PbDNRdFZhuTg-R4CxyqgAA%265214
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbuhgalter.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
9271
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
777210ba8d2b188f-MAN
content-length
43
expires
Sun, 11 Dec 2022 01:04:14 GMT
match
c1.adform.net/serving/cookie/ Frame D145
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=BF2C0561-AF87-4F40-BD86-9AD38468566B&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BF2C0561-AF87-4F40-BD86-9AD38468566B&gdpr=0&gdpr_consent=
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BF2C0561-AF87-4F40-BD86-9AD38468566B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sat, 10 Dec 2022 01:04:14 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sat, 10 Dec 2022 01:04:14 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BF2C0561-AF87-4F40-BD86-9AD38468566B&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 017C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b9d56393-db0f-4600-9e1a-751385bc52e1&gdpr=0&gdpr_consent=
42 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b9d56393-db0f-4600-9e1a-751385bc52e1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 10 Dec 2022 01:04:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 10 Dec 2022 01:04:14 GMT
Expires
Sat, 10 Dec 2022 01:04:13 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master zrh-pixel-x31 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b9d56393-db0f-4600-9e1a-751385bc52e1&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame EB7A
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1116023227903885191
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1116023227903885191
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 10 Dec 2022 01:04:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1116023227903885191
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame D0B5
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 10 Dec 2022 01:04:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 01:04:14 GMT
expires
Sat, 10 Dec 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
2030037
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame BEA2 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=BF2C0561-AF87-4F40-BD86-9AD38468566B&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 10 Dec 2022 01:04:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
4C95PAY1HFM621NCKBMV
Pug
simage2.pubmatic.com/AdServer/ Frame 2F8B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7879528663438692187&gdpr=0&gdpr_consent=
42 B
448 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7879528663438692187&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 10 Dec 2022 01:04:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
39746a38-bc7d-4d93-bec5-d92c069a9561
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sat, 10 Dec 2022 01:04:14 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7879528663438692187&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.138.196.101; 217.138.196.101; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 2283
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=u8vl2-ma7IugwOXavZrx0b6a6omgne7Y78HD6huP
42 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=u8vl2-ma7IugwOXavZrx0b6a6omgne7Y78HD6huP
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 10 Dec 2022 01:04:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sat, 10 Dec 2022 01:04:14 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=u8vl2-ma7IugwOXavZrx0b6a6omgne7Y78HD6huP
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 33D2
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7175319484515088528&gdpr=0&gdpr_consent=
42 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7175319484515088528&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 10 Dec 2022 01:04:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sat, 10 Dec 2022 01:04:14 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7175319484515088528&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 3161
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=DtGgHntqSzphZzaM56-wRdmKxGU
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=DtGgHntqSzphZzaM56-wRdmKxGU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 10 Dec 2022 01:04:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Sat, 10 Dec 2022 01:04:14 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=DtGgHntqSzphZzaM56-wRdmKxGU
Pug
image2.pubmatic.com/AdServer/ Frame 05A9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEZC1VN0hKN1lBQUI4Z3E5QmRrZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADd-U7HJ7YAAB8gq9Bdkg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADd-U7HJ7YAAB8gq9Bdkg&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADd-U7HJ7YAAB8gq9Bdkg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4296682362736574570&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADd-U7HJ7YAAB8gq9Bdkg&gdpr=0&gdpr_consent=
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADd-U7HJ7YAAB8gq9Bdkg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 10 Dec 2022 01:04:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sat, 10 Dec 2022 01:04:15 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADd-U7HJ7YAAB8gq9Bdkg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 0C0E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5PbDgAADuq_cQAe&gdpr=0&gdpr_consent=&_test=Y5PbDgAADuq_cQAe
1 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5PbDgAADuq_cQAe&gdpr=0&gdpr_consent=&_test=Y5PbDgAADuq_cQAe
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 10 Dec 2022 01:04:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sat, 10 Dec 2022 01:04:14 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5PbDgAADuq_cQAe&gdpr=0&gdpr_consent=&_test=Y5PbDgAADuq_cQAe
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-lcy-eglc8600058-LCY
x-timer
S1670634255.642500,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 5F18
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 10 Dec 2022 01:04:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sat, 10 Dec 2022 01:04:14 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
server
_
i.match
a.tribalfusion.com/ Frame 2AA6 		43 B
663 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
777210ba896176d5-LHR
content-length
43
content-type
image/gif; charset=utf-8
date
Sat, 10 Dec 2022 01:04:14 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
generic
match.adsrvr.org/track/cmf/ Frame E42B
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1670634254544
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6882786710
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6882786710
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sat, 10 Dec 2022 01:04:14 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sat, 10 Dec 2022 01:04:14 GMT
etag
RX669bc10efb974c33b6367f29a72ab53d003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6882786710
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
cookiesync
core.iprom.net/ Frame EFDF 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sat, 10 Dec 2022 01:04:14 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-283d62b9571c@version_1.531
X-core-time
0ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame 369E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.54.172 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.172.54.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Date
Sat, 10 Dec 2022 01:04:14 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
bridge
cm.adgrx.com/ Frame 962D 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.178.83 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Sat, 10 Dec 2022 01:04:14 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-3
gdpr_consent=
sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/ Frame D14E
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
49 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhUXnjaTjjMWnMQST
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.187.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-187-82.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Sat, 10 Dec 2022 01:04:14 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.8.210

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhUXnjaTjjMWnMQST
pubmatic
s.seedtag.com/cs/cookiesync/ Frame 16B6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=BF2C0561-AF87-4F40-BD86-9AD38468566B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 10 Dec 2022 01:04:14 GMT
server
nginx
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 62CB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vywFYa-HT0C9hprThGhWaw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=139548
accept-ranges
bytes
content-length
5549
expires
Sun, 11 Dec 2022 15:50:02 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 62CB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8d146393-db0f-4400-ba8e-cee3effab749
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8d146393-db0f-4400-ba8e-cee3effab749
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 10 Dec 2022 01:04:14 GMT
Server
MT3 180 1fd3e2d master zrh-pixel-x3 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8d146393-db0f-4400-ba8e-cee3effab749
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 10 Dec 2022 01:04:13 GMT
generic
match.adsrvr.org/track/cmf/ Frame 62CB
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=BF2C0561-AF87-4F40-BD86-9AD38468566B&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 62CB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkYyQzA1NjEtQUY4Ny00RjQwLUJEODYtOUFEMzg0Njg1NjZC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 62CB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEBDRudu1KyajM925TmWHWM&google_cver=1
42 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEBDRudu1KyajM925TmWHWM&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEBDRudu1KyajM925TmWHWM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 62CB 		43 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 09 Dec 2022 01:04:14 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 62CB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4543388391959651126
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4543388391959651126
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 10 Dec 2022 01:04:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4543388391959651126
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 62CB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 62CB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322324126358985&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cf2ce370-54e1-4ed0-8314-7296e5e3ca80&gdpr=&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cf2ce370-54e1-4ed0-8314-7296e5e3ca80&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 10 Dec 2022 01:04:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cf2ce370-54e1-4ed0-8314-7296e5e3ca80&gdpr=&gdpr_consent=&gdpr_pd=
date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
BF2C0561-AF87-4F40-BD86-9AD38468566B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 62CB 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/BF2C0561-AF87-4F40-BD86-9AD38468566B?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:a6d:c1bf:1d00:7d4d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 62CB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BF2C0561-AF87-4F40-BD86-9AD38468566B&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HdquntxE2uWy.6ykWCyyCs4NEl47BB0-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HdquntxE2uWy.6ykWCyyCs4NEl47BB0-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HdquntxE2uWy.6ykWCyyCs4NEl47BB0-~A&gdpr=0&gdpr_consent=
date
Sat, 10 Dec 2022 01:04:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame 62CB 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BF2C0561-AF87-4F40-BD86-9AD38468566B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 62CB 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 62CB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7026906211060877054&gdpr=0&gdpr_consent=&us_privacy=
1 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7026906211060877054&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 10 Dec 2022 01:04:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7026906211060877054&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 10 Dec 2022 01:04:13 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 62CB
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:eb895fdf-6bf3-4bed-9b49-7d55119a96e0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:eb895fdf-6bf3-4bed-9b49-7d55119a96e0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 10 Dec 2022 01:04:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:eb895fdf-6bf3-4bed-9b49-7d55119a96e0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sat, 10 Dec 2022 01:04:14 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 62CB
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7879528663438692187
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7879528663438692187
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 10 Dec 2022 01:04:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sat, 10 Dec 2022 01:04:14 GMT
AN-X-Request-Uuid
d1816b56-bd33-4bb9-8729-9e5530dbcaea
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7879528663438692187
Connection
keep-alive
X-Proxy-Origin
217.138.196.101; 217.138.196.101; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 5297 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.125.24.254 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-125-24-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5afced3981fb228b9b567a256dbef013cdab39f40c8b929e3c0409bda2f91e7c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 10 Dec 2022 01:04:14 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Dec 2022 03:37:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=9207
Connection
keep-alive
Content-Length
10067
Expires
Sat, 10 Dec 2022 03:37:41 GMT
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame 1CFB 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:c::1737:6e2c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b730ee413841da70b67f550de8ffce8148c3fd15dacc5274bd0b80bf18a44da7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Unused62
8096267
Date
Sat, 10 Dec 2022 01:04:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Feb 2022 11:31:40 GMT
Server
AkamaiNetStorage
ETag
"49623d3e5c04865dd012dafa25c82381:1645098702.977678"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2929
CookieSync.min.js
csync.smartadserver.com/rtb/csync/ Frame 1CFB 		61 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
598686e7213f278bb341e3194022b4355d1cd95818eeb224ea48ca10e96144cf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 10 Dec 2022 01:04:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Oct 2022 08:45:26 GMT
Server
AkamaiNetStorage
ETag
"e887ffeb10fe1e5e78f4cd0280a52ce6:1666255728.542245"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13713
TemplatePool.min.js
csync.smartadserver.com/rtb/csync/ Frame 1CFB 		152 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5af3136530a33e7ac536f9e52da58b6d4419b30baf4eb6fe14462fc516643ce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 10 Dec 2022 01:04:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Oct 2022 08:45:26 GMT
Server
AkamaiNetStorage
ETag
"89c36d3d06737a5284fa51f4d50162e5:1666255729.181322"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4196
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 5297 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=seedtag&khaos=LBH8HXUM-1P-M3AB
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
SPug
simage4.pubmatic.com/AdServer/ Frame 62CB 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157743&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 01:04:15 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Verdicts & Comments Add Verdict or Comment

178 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| oncontentvisibilityautostatechange object| __o function| $ function| jQuery number| dayMs number| cb string| vpbSrc string| gptSrc object| c function| loadScript object| gptadslots object| googletag function| catfish function| gtag object| dataLayer object| gravitecWebpackJsonp number| _subscriptionStrategy object| vpb number| docDate number| cntDocs number| _docDate number| y object| Cookies object| _fbq object| google_conversion_id object| google_custom_params object| google_remarketing_only function| b64EncodeUnicode function| b64DecodeUnicode object| _fpFactor object| name113now object| AccountsManager function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_tag_data object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments number| getInterval object| recInterval number| recTime number| _recTime object| sock boolean| reconnectCheck number| reconnectCount object| available_smile_codes function| getNode object| textarea object| messages number| nowUsers function| calculateMessageRest function| sendClickFunction string| client_ip function| reconnect number| scrollflag number| mmsgcount function| readMessages function| appendMessage function| prepareMessage function| sendMessage function| getRandomInt object| validation function| getCookie function| trim undefined| jQuery111107037884364953049_1670634249534 object| jQuery111107037884364953049 object| google_tag_manager function| getUrlParam function| checkEmail function| getPageScroll number| mDesign function| create_popup boolean| ab object| config_accounts function| SockJS object| paramsArr object| paramCurrent boolean| searchText number| unf number| uef number| utv number| wsf number| ctrl number| ctrlCheck object| GravitecConfig object| Gravitec object| WLPush string| GoogleAnalyticsObject function| ga object| GooglebQhCsO function| fbq object| vmpbjsChunk object| vmpbjs object| _pbjsGlobals object| mnet object| ggeac object| google_js_reporting_queue object| FB object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| google_optimize undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| __buffer object| Criteo object| litHtmlVersions object| google_image_requests object| GoogleGcLKhOms object| send object| googDdmPs object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

124 Cookies

Domain/Path Name / Value
buhgalter.com.ua/ Name: leads
Value: a%3A1%3A%7Bs%3A13%3A%22subscr_source%22%3Ba%3A3%3A%7Bs%3A11%3A%22create_date%22%3Bs%3A10%3A%222022-12-10%22%3Bs%3A6%3A%22source%22%3Ba%3A4%3A%7Bs%3A10%3A%22utm_source%22%3Bs%3A6%3A%22direct%22%3Bs%3A10%3A%22utm_medium%22%3Bs%3A4%3A%22none%22%3Bs%3A3%3A%22url%22%3Bs%3A25%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%3Bs%3A11%3A%22refererData%22%3Ba%3A2%3A%7Bs%3A11%3A%22refererPath%22%3Bs%3A25%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%3Bs%3A7%3A%22referer%22%3Bs%3A16%3A%22buhgalter.com.ua%22%3B%7D%7Ds%3A2%3A%22ga%22%3Ba%3A1%3A%7Bs%3A3%3A%22cid%22%3Bs%3A36%3A%22ecac884d-9d32-482d-88ff-2c0f31c9a2e0%22%3B%7D%7D%7D
.buhgalter.com.ua/ Name: jNEblsd
Value: 1
.buhgalter.com.ua/ Name: __fp2_f2
Value: mNsHQ76LV7943jUXvwQLFRgaEaNKNQtd
.buhgalter.com.ua/ Name: h2tfm4K
Value: 1
.buhgalter.com.ua/ Name: _faguid
Value: mNsHQ76LV7943jUXvwQLFRgaEaNKNQtd
buhgalter.com.ua/ Name: __factor_utm
Value: %7B%22utm_medium%22%3A%22none%22%2C%22utm_source%22%3A%22direct%22%2C%22utm_campaign%22%3Anull%2C%22utm_content%22%3Anull%2C%22utm_term%22%3Anull%2C%22url_path%22%3A%22https%3A%2F%2Fbuhgalter.com.ua%2F%22%2C%22refer%22%3A%22%22%2C%22site%22%3A%22buhgalter.com.ua%22%7D
buhgalter.com.ua/ Name: pageCount
Value: 2
.buhgalter.com.ua/ Name: _gid
Value: GA1.3.599105427.1670634250
.buhgalter.com.ua/ Name: _gat_gtag_UA_35985798_1
Value: 1
.buhgalter.com.ua/ Name: _ga_6VVQ37Y1T2
Value: GS1.1.1670634250.1.0.1670634250.60.0.0
.buhgalter.com.ua/ Name: _ga
Value: GA1.3.1938217506.1670634250
.buhgalter.com.ua/ Name: _gat_UA-53572572-5
Value: 1
.buhgalter.com.ua/ Name: _gat_UA-35985798-1
Value: 1
buhgalter.com.ua/ Name: cbtYmTName
Value: otmAy8aAmICUlMOSl8DDx5qSwZOXxJaQgN/e
buhgalter.com.ua/ Name: _pbjs_userid_consent_data
Value: 2024371239917068
.buhgalter.com.ua/ Name: _pubcid
Value: b4ed2348-a92c-4033-8185-cc1fbc9719ef
.buhgalter.com.ua/ Name: _fbp
Value: fb.2.1670634250371.591693563
a4p.adpartner.pro/ Name: apuid
Value: 922da23c-eac1-4899-a75c-f8fac669c957
loadercdn.net/ Name: vui
Value: 8f510be5a8784b73a77f99ae9d649e73
.doubleclick.net/ Name: IDE
Value: AHWqTUlbFiE_f_1xsQsnFd-pgg2maRXGf5KV_UoqJqFLViIfIlWfUWpHeT6HL3nzZn4
.buhgalter.com.ua/ Name: __gads
Value: ID=5218e73bd70a3ea0:T=1670634250:S=ALNI_Mazp6AUr2YG9-wj-PuJnHzilgwBqw
.buhgalter.com.ua/ Name: __gpi
Value: UID=00000b90674afbdf:T=1670634250:RT=1670634250:S=ALNI_Mal2ujJOZR5CfNoZIXbI9N5dSKE1w
pbjs.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: AFbe8Gb9tkx3h/wV
.seedtag.com/ Name: st_uid
Value: 52eb37cd-1a63-442c-b672-3cbb8ef3ff4f
.seedtag.com/ Name: st_ssp
Value: Y291bnRyeV9uYW1lPVVuaXRlZCBLaW5nZG9tJmNvdW50cnlfaXNvMj1HQiZjb3VudHJ5X2lzbzM9R0JSJnJlZ2lvbl9uYW1lPU1hbmNoZXN0ZXImcmVnaW9uX2lzbzI9TUFOJmNpdHlfbmFtZT1NYW5jaGVzdGVyJmxvbmdpdHVkZT0tMi4zMTg2JmxhdGl0dWRlPTUzLjQ1MDcmemlwPU0zMg==
.rubiconproject.com/ Name: khaos
Value: LBH8HXUM-1P-M3AB
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpS7YuiCy/N3FqbBgMWySGKoH1GQZR6kuhWaHhWVROLZ79BTJwiAl4Ne8x9FX/SGzLD4PlHyE3qACYbB5SW5XQ3vWRd+B4fy7Gma+WVcS1g3g==
.adtelligent.com/ Name: vmuid
Value: d250fe5fe2f6a8f4
.adtelligent.com/ Name: a307558
Value: 922da23c-eac1-4899-a75c-f8fac669c957
.casalemedia.com/ Name: CMPS
Value: 5214
.casalemedia.com/ Name: CMPRO
Value: 5214
.adnxs.com/ Name: uuid2
Value: 7879528663438692187
.sxp.smartclip.net/ Name: uuid
Value: 0d843ca3-0cdb-9363-3a3d-19e068abca07
.casalemedia.com/ Name: CMID
Value: Y5PbDNRdFZhuTg-R4CxyqgAA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C%uh.OX3!]tbPl1M>e)ZlrFUfJ+tGXxoPY7qROEXo+/Rm<r2DEuBIOSv$uao7XQt8nT3*bpRz*qF1`*b_AE*#60d
.sxp.smartclip.net/ Name: dspuuid
Value: 10.CAESECIkPCcP1Dni00L1QRGmm7Q
.sxp.smartclip.net/ Name: psyn
Value: 19336.10
.lijit.com/ Name: ljt_reader
Value: FykArGZH0vqaiJQuTv6efENY
.turn.com/ Name: uid
Value: 7026906211060877054
.quantserve.com/ Name: mc
Value: 6393db0c-8920b-93b6a-e20b9
.de17a.com/ Name: guid
Value: 1.1116023227903885191
.criteo.com/ Name: uid
Value: 1e1124a9-e5e0-41dc-a365-df0c92047082
.yahoo.com/ Name: A3
Value: d=AQABBAzbk2MCEHumoES9SmjMSg7npJUtTZcFEgEBAQEslWOdYwAAAAAA_eMAAA&S=AQAAAofDziIeP0AfiCby6LolKPg
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&6a69542c-aa2b-40b1-8c53-14f685cdd619"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzA2MzQyNTI7MjswMjGOuz4R6+Sr0SxGjyMDVtMJIVpJQFRRkgJlNgkb5NjrHg==
.linkedin.com/ Name: lidc
Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2543:u=1:x=1:i=1670634252:t=1670720652:v=2:sig=AQGQlAdGF3PDypTdjcOPgRZRB7vrXkBR"
.amazon-adsystem.com/ Name: ad-id
Value: AzTtj18N2ES2sCM1TBgTneA
.zeotap.com/ Name: zc
Value: d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8
.zeotap.com/ Name: zsc
Value: %D7%F8%1E%CF%FDN%CE%16%D7%FE%A0%9De%DA%CE%0F%EC%EE%AD%A2%B6%A7L%CB+%AA%E7%B8%92%5E%FC%5D%C0%AC%F8W%3C%0DawY%25qL%29%FC%F6%29%22%9F%BD%A3%26%90%17%60%19%E8%05%F0%93%9D%04%23%DA%F6%40%FD%F4%AE%DA%14t%A8%8CU%96%AD%3E%BC%23u%DA%9C%60%B5%B7%CB%A6%DE%E736%BC%80%B0%C4%02%89Bbdg%94%3A%3D%8AN%A2%0F%139%B1%0F%B9%AD%D9%A1%F5%1E%EA%F1%CB%5D%3A%AEz%97%DC%1F%1BYq%C5%95%85ed%F5EOR%C5%05%9B8V%F7%5C%80%BA%2CA%95%9Eg%E7%9BU%BAE%F7~%E7%D5Q%21
.bidswitch.net/ Name: tuuid
Value: cf2ce370-54e1-4ed0-8314-7296e5e3ca80
.bidswitch.net/ Name: c
Value: 1670634254
.bidswitch.net/ Name: tuuid_lu
Value: 1670634254
.tapad.com/ Name: TapAd_TS
Value: 1670634254318
.tapad.com/ Name: TapAd_DID
Value: 5c7b0e2b-35f2-441c-aaa6-685650eec00f
.adfarm1.adition.com/ Name: UserID1
Value: 7175319484515088528
.ads.pubmatic.com/ Name: KCCH
Value: YES
.buhgalter.com.ua/ Name: cto_bundle
Value: FxO1CV9FTk1YVCUyRjJLJTJGQ2taSFlWMzY5dXA0Q0tXYXBDemhnZWJkczZTTVVOeGRBelh5MWROZk5xbWZrQ0h3cGFXbXVBUkclMkYzRHhmRm5kOTZlYVdXS2oyTUdkVnIwZnlUbGh4a3lvVGQlMkZ5ME9GS3l1QWRVJTJGZ2lHWm1GUWo3R3pYcWxmVmxpeHp5Sk1EQ0ZLUzQzemElMkZtbjNTJTJGdyUzRCUzRA
.buhgalter.com.ua/ Name: cto_bidid
Value: zOor8V9NNU54UnV2ZUt5Y256R1EwNzdKMnlSTUtiUmZHNjNORmlyY09LSmJsalhBUElyTUs3TTZUOWxud3RQdiUyRlRJdkxKY3ZOSDZrQiUyRkRTYlh4aSUyRnBHc0VYemZPVDFsUFdLSHRweVdadDZKNDZLcDRrYkhjQnB2VTZ1R001byUyQlBJSmxa
.360yield.com/ Name: tuuid
Value: d39a4126-c329-47b9-bbd1-80f99b7ae25b
.360yield.com/ Name: tuuid_lu
Value: 1670634254
.pubmatic.com/ Name: KADUSERCOOKIE
Value: BF2C0561-AF87-4F40-BD86-9AD38468566B
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 157743:2
.pubmatic.com/ Name: DPSync3
Value: 1670716800%3A174%7C1671840000%3A197_219_201
.pubmatic.com/ Name: SyncRTB3
Value: 1671840000%3A243_99_55_166_251_22_234_56_233_165_220_238_71_88_161_54_3_8_204_13_7_176_21_81%7C1673222400%3A203%7C1671235200%3A2_223_15%7C1671494400%3A63%7C1671926400%3A35
.demdex.net/ Name: demdex
Value: 19585317114617064883151097815292063724
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.tidaltv.com/ Name: tidal_ttid
Value: 56eaf0bc-7bef-4f3c-b854-3c6acc3a6505
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: d
Value: EJwBDgHjJ4EO-TA
.weborama.fr/ Name: AFFICHE_W
Value: O7loPUBYVZU756
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16990%3b%24o%3d11100
.dpm.demdex.net/ Name: dpm
Value: 19585317114617064883151097815292063724
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjYytzK0MAIAR5NOcgkAAAA="
.simpli.fi/ Name: suid
Value: AA240FDCE9E24A1A82988E2903947609
.spotxchange.com/ Name: audience
Value: 905fffcb-7826-11ed-97f3-10a0cca80306
.richaudience.com/ Name: avcid-zeo-uid
Value: d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8
.adform.net/ Name: uid
Value: 4543388391959651126
ads.playground.xyz/ Name: connect.sid
Value: s%3Ai-KonTKal3K58IYKLLsaTAr99qnYftDB.VHJvIty7ks5xkvO52GfthXiooZdSZjhJPlbs5weoOC0
.adsby.bidtheatre.com/ Name: __kuid
Value: eb895fdf-6bf3-4bed-9b49-7d55119a96e0.439848254
.mathtag.com/ Name: uuid
Value: b9d56393-db0f-4600-9e1a-751385bc52e1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7879528663438692187&KRTB&23339-7879528663438692187
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7026906211060877054&KRTB&23150-7026906211060877054
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7175319484515088528&KRTB&23278-7175319484515088528&KRTB&23369-7175319484515088528
.csync.loopme.me/ Name: viewer_token
Value: a0354316-f7d2-4923-96e6-f9ffbb29d62e
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4543388391959651126&KRTB&23263-4543388391959651126
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-669bc10e-fb97-4c33-b636-7f29a72ab53d-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.agkn.com/ Name: ab
Value: 0001%3AbtAUORsd7PuwUG%2BvGe8bNl56yysRNGbu
.analytics.yahoo.com/ Name: IDSYNC
Value: "192z~28rd:18z8~28rd:19ah~28rd"
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:b9d56393-db0f-4600-9e1a-751385bc52e1&KRTB&16736-uid:b9d56393-db0f-4600-9e1a-751385bc52e1&KRTB&23019-uid:b9d56393-db0f-4600-9e1a-751385bc52e1&KRTB&23208-uid:b9d56393-db0f-4600-9e1a-751385bc52e1
.pubmatic.com/ Name: SPugT
Value: 1670634254
.krxd.net/ Name: _kuid_
Value: PP5rpvAI
.tribalfusion.com/ Name: ANON_ID
Value: aInv7yqkaHbBykt9ZbOq55fKZbnNZd7wyDuBcJq0iEH8AlgfHWMg5BHV6qXZcWeaiFE6TTkasrr6bIA33Zb6aRn0iSvctgFWktgCxiF5VF5DkZbdiH7pC66OIZb
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEEBDRudu1KyajM925TmWHWM&KRTB&16514-CAESEEBDRudu1KyajM925TmWHWM&KRTB&23025-CAESEEBDRudu1KyajM925TmWHWM&KRTB&23386-CAESEEBDRudu1KyajM925TmWHWM
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-u8vl2-ma7IugwOXavZrx0b6a6omgne7Y78HD6huP&KRTB&19420-u8vl2-ma7IugwOXavZrx0b6a6omgne7Y78HD6huP&KRTB&22979-u8vl2-ma7IugwOXavZrx0b6a6omgne7Y78HD6huP&KRTB&23403-u8vl2-ma7IugwOXavZrx0b6a6omgne7Y78HD6huP
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-1116023227903885191
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y5PbDgAC0ltmmQAF
.spotxchange.com/ Name: sl
Value: eyJnIjpmYWxzZSwicyI6IjI0OTI4NiIsInNwIjoyLCJpIjp0cnVlLCJscCI6NzAyOCwidXBzIjoiIiwiZ2NzIjoiIiwicGwiOls2NjUzLDg0NTksNzU3Nyw2NDA5LDY0NjVdLCJzaWQiOiI5MDYwMDAxNy03ODI2LTExZWQtOTdmMy0xMGEwY2NhODAzMDYiLCJzb2wiOjcsInNsIjo1fQ==
.bidr.io/ Name: bito
Value: AADd-U7HJ7YAAB8gq9Bdkg
.bidr.io/ Name: bitoIsSecure
Value: ok
.casalemedia.com/ Name: CMTS
Value: 1179
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y5PbDgAADuq_cQAe&KRTB&22978-Y5PbDgAADuq_cQAe&KRTB&23194-Y5PbDgAADuq_cQAe&KRTB&23209-Y5PbDgAADuq_cQAe
.onaudience.com/ Name: done_redirects200
Value: 1
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MjE0MjM2tbC0MBXiM9QtT6nKNyuJKkn1LCkEAEv91oQlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MjE0MjM2tbC0MBXiM9QtT6nKNyuJKkn1LCkEAEv91oQlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZm5gZmxiZGpiZmkGAAEaspIQAAAA
.fwmrm.net/ Name: _uid
Value: "a162_7175319484508023350"
.seedtag.com/ Name: st_cs
Value: ZpgnwXDlAc4HMVds0tQmgDtS0S3Vh2S3MrA0Cizq9QebLNNdB+v6K8rY/dQ7dLhdznPu759miYmlM+pGisKPHjautEKq2ZMXsBXlQl1l7n9psM9WJEkvCPYA+mIm/WUnQLQLIrA0xIZ7hyADyTbOpH4suRl72Dr9jXKczpy42TIj1vGvOOYwkxjjYs0qrurVniV4dcKO0XkKnrkKeYjjvqjKjmVyKbvWcNsUqTxeKOJhFpS7XLFlH8tQowBD+KSwE3pFJHm0o/+I2Vyq9ctUmGFDiAvHDVUm+FlRj1HbM4brDvbT/YlG8Ls+wvu037gs
.seedtag.com/ Name: st_csd
Value: 1670634254698:1670634254698
.onaudience.com/ Name: cookie
Value: b0c095d819ba6938
.onaudience.com/ Name: done_redirects147
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-cf2ce370-54e1-4ed0-8314-7296e5e3ca80
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-0ed1a01e-7b6a-4b3a-6167-368ce7afb045.eatiUhZ2Iz0LcbE3U6UUYrlCcHPBa4p0xXzgHFvYAAE
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ADtGgHntqSzphZzaM56-wRdmKxGU.%2BLyUij8Bqz4rapD72xtTg8Is0TrpY67V%2BjoyGD4%2BoBE
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-DtGgHntqSzphZzaM56-wRdmKxGU&KRTB&23334-DtGgHntqSzphZzaM56-wRdmKxGU&KRTB&23417-DtGgHntqSzphZzaM56-wRdmKxGU&KRTB&23426-DtGgHntqSzphZzaM56-wRdmKxGU
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 302d067f67c27a5b
.smartadserver.com/ Name: pid
Value: 4296682362736574570
.smartadserver.com/ Name: csync
Value: 127:AADd-U7HJ7YAAB8gq9Bdkg
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADd-U7HJ7YAAB8gq9Bdkg
.pubmatic.com/ Name: PugT
Value: 1670634255

8 Console Messages

Source Level URL
Text
javascript warning URL: https://www.googleadservices.com/pagead/conversion.js(Line 28)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync.kiviads.com/8d39819b61aa03f45b0ece15913fb28c.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D739302%26extuid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhUXnjaTjjMWnMQST
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://tags.bluekai.com/site/87734?id=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d0fc2f0f-be58-4c3b-5003-4bc6a0bf3ce8&reqId=2e3a43a5-9217-4c9f-416b-3499aafbad0e&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15768000; includeSubdomains;
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3b6e531fe308ed3a74b1158979346217.safeframe.googlesyndication.com
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.sxp.smartclip.net
ad.turn.com
ad.yieldlab.net
ads.playground.xyz
ads.pubmatic.com
adservice.google.co.uk
adservice.google.com
analytics.factor.ua
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon-ams3.rubiconproject.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
buhgalter.com.ua
c1.adform.net
c2shb.ssp.yahoo.com
cdn.gravitec.net
cdn.indexww.com
cdn.jsdelivr.net
ced-ns.sascdn.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
contextual.media.net
core.iprom.net
cs.admanmedia.com
cs.seedtag.com
csync.loopme.me
csync.smartadserver.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dmp.adform.net
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
engine.widespace.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.gravitec.net
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
jsonip.com
lb.eu-1-id5-sync.com
loadercdn.net
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
player.adtelligent.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.media.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.turn.com
reactive.factor.ua
region1.analytics.google.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.seedtag.com
s.tribalfusion.com
s.zmctrack.net
s0.2mdn.net
scontent-frt3-2.xx.fbcdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.crwdcntrl.net
sync.kiviads.com
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.teads.tv
sync.tidaltv.com
tags.bluekai.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.ipw.metadsp.co.uk
um.simpli.fi
ups.analytics.yahoo.com
use.fontawesome.com
usermatch.krxd.net
visitor.omnitagjs.com
web.facebook.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.125.24.254
104.18.134.145
104.18.33.19
104.18.36.94
13.32.99.36
135.125.160.77
136.144.183.196
137.74.6.209
141.94.171.212
141.94.240.143
141.95.98.64
142.250.185.130
142.250.185.226
15.197.193.217
151.101.130.49
159.65.196.12
162.19.138.119
162.55.236.225
172.217.16.194
172.64.151.162
172.64.154.237
173.231.178.83
178.250.0.157
178.250.0.163
18.159.155.47
184.24.4.64
185.172.90.252
185.184.8.90
185.187.81.40
185.187.81.41
185.255.84.153
185.29.132.241
185.64.189.110
185.64.189.112
185.64.190.80
185.80.39.216
185.83.142.19
185.86.137.132
185.89.210.244
185.94.180.125
193.0.160.128
195.5.165.20
198.148.27.139
198.47.127.19
198.47.127.20
2.18.235.93
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
212.82.100.182
213.155.156.183
213.19.147.44
23.3.109.122
23.35.236.201
2602:803:c003:200::27
2602:803:c003:200::41
2606:4700:10::ac43:db6
2606:4700::6810:5814
2606:4700::6812:18ad
2606:4700:e2::ac40:850f
2607:ae80:5::148
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:802::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c02::9c
2a02:2638:1::13
2a02:2638:1::1a
2a02:2638:1::3
2a02:26f0:1700:c::1737:6e2c
2a02:26f0:6c00::210:ba1a
2a02:6ea0:c700::10
2a02:fa8:8806:16::1370
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::300
2a05:d018:24:b002:d133:9dc2:a783:2cd2
2a05:d018:d29:3605:a6d:c1bf:1d00:7d4d
2a0c:5c81:5142::2
3.126.56.137
3.248.100.224
3.69.94.253
34.102.253.54
34.107.148.139
34.111.131.239
34.149.50.64
34.98.67.61
35.157.246.167
35.186.194.101
35.204.74.118
35.210.239.72
35.214.223.115
35.227.248.159
37.157.6.233
37.97.131.40
45.133.44.3
45.133.44.4
45.79.77.20
5.161.54.172
51.222.80.231
51.89.9.253
52.19.187.82
52.206.63.211
52.46.151.131
52.94.223.167
54.228.118.174
54.246.4.228
54.74.181.165
54.76.134.229
54.76.69.248
54.78.254.47
54.85.128.169
54.93.177.113
62.149.1.122
67.202.105.22
69.173.144.138
69.173.144.139
69.192.160.219
70.42.32.159
72.251.249.9
80.77.87.114
80.77.87.163
85.114.159.118
95.170.82.90
96.16.141.156
98.98.134.242
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
02bc0e96a3d50029e72d03e578932cc00bd7d5aba37809c4605ac466e74b3def
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c
05e53a3421a2a994ba6c1f48f951c2441c5553e8295b49e2e2a57cb2db3c8eb8
060bb8520b20eb55d3627c997fb70a310ee7340fca81019d845ec4d411f1f28d
061543b6ada60edddffd9f7c3f5a4fd1fa7c37e0f023816dbe1a8d4091daf49e
07ab47c07bab62e7d7ff7bc8ec64936785a7e488438074dd3510227aa5c466b0
07b382d14e2714223655f23745e8bfad2b87de32d3bc5d145403ed07dbcce891
083fa684d90e47c33fdf5d7e07c390f3f41b29f33f4524ae0b1d141c168b98be
087dbe10c41f9e7dac1560fe02cb969b1c50ba098cf8355ffe9f71b18654037a
08dc98899bc6fbc694aaaec07ac1f34770124445cba8c3cb03122fe9700d8f5b
08e04409d774299c7ac6fbbd18203bb89d0febac102760ed40a76864a6bb4066
0945e4fad72d0c08a7eeb945cd19a38c4e1b159550a38336f397fd408223b8ad
09bf76bf9a693f6d1ff70fb63a0f530e6d880240a4cf8b53baa070cb244852c0
09cf7684a243dfc294f30f108a7a97ad7807efebc4699aeff4baf8b94c65d749
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1
0afa182359f8943e7833245bea17bb97c3967d31fad99a184f40a4786ca6a039
0b19e3558f61d77fefde0bdf7f62db03dc3ccd78fceea8e1bf89762d1c81127c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c377a1d62309a2b4870545ab7bdaba93972d7acc1e7081a9d8b8d71c23e1353
0c593b478bac40d4bd1c30ccf349c6e118c347e0ed9881ff7e70a7c5de86493e
0ced1f4816edad827c2a498b490f27cd9c2b0b49e8b8526ee781fe5d95f137d5
0d69f1278d6e4a0029b7768f07efe1d3b12162e7c4f29aa8f361fa076af045dc
0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492
0ed7cd554ca7cb94be6dbc4389419a530515554a6608a1ee1cfbd5b973055ad0
0ffd12e87c755a6cf030c1b418b55d8d51e5a65d2d5a15f485befcc3ef74e7e9
110b303089a71f1b1c392a22406acdad508b9b0d39a1f39626827e86f3a5a78f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
157566a22df7ac8bfdcc48afbe9f286224ad388423eb469c916d0cdbd4d2ccfe
159210f9ceb6561cae10aa34238d9c3d4a601a5ac825ff6d9f3e669d8bd0df0e
17380452670e8c3216bc2cf483c28eec5059a45c47cabf1b216e09a6815f12cb
1810d9c1288f29c14d6559eddee941e2f350dd1f563562d921378125144e5482
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
188fc2045c73ceb0931b06357ec5c0a8c0b93045b831c79e557c25e4c8959d01
18b058a41e2f6de6a40523cce3f8db85012c43d27d7739f0637abe5d4f0cc301
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1a87985707fa8a2cd12b5d3879626eccd92c19372ed032b91a7c6f9ea00b6ea8
1c920ac2b555f154391dff84dc42ef4599ada15b7ddfe9a0e6d0cc8d2a4b57a6
1cbed15c926feff62cf0164eb206b223b7f87bd5414724994d92137f352db5b3
1cd795d06d23422370a772ff4f11b2149589c1ef15e91de8194d92403ca2ffdb
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e18095b9d6ac7a64d0acc19a7691ceac4bb92f0da943acbe4183c75ab07f27e
22b6842aa09453819e001f6e728ab1903111e0d51dfec2cfad3cf37b83934f8f
22ef740962bc0b112be9cf31438b5f65689bee5ea052a5538cf05d959cd4d96c
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa
242a6a20d12524c488c29a5678ed09c6852d9a920325874abb53824a50d8cafd
24d2d062a3432cd4d5b5079a056eaa1c0267f7ac8299bbff426395d70d081f2d
259c000134f1b62928de5c6c5b2fbd055aa9c1133a3d95ae6794acf455f86458
26257f526f756a7a174e3594f12fbfaaa9433dad761332a05f24e61af3e86269
2625f168921e25e175a1eb02f6c077b322efd6379d492ebad72f0622613b8eb8
2643b493d883208f3991775760f86fefee5127efc6a99fba86c08419dcb921f6
26a3f227747bef076f84745aff171a08badd022bfbe1f74197dbca9bc443354b
2794e4bee8b85e3e25f439d6e2eff996da14eee39f04ccd2ab65436562be1fe9
27bf5587dcdf6b46c008ea961d5a4792d2d7b8cdff11db21f9251425e4c1c20b
288835374ed109b25201404054a5ef98cfd02eb8f6bb2a1cea16a89af9b9ab52
296a988d4d9033be4c070388508bd7d4e7e2d149bd3f985ef21bf8de7cff2f9c
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441
2c30bce9316a009e9a17785731b7c5b52af0e3f3f162efbc5787513b54cea138
2d27a1810a9c43b17603247c2757dba5e852432b29416d66de79bf6a3bbd1fd3
2d4a003558108036d5e1e3364d37a5cd86359cfdb46fdba413cee4cb2903d45c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ee69f515b17f5b570b287e1d92f35e94e76139440dbd97db70805430ffda58d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30376b7a02d8985207312e83f0bc075af15ba72c29eb50ab402cc11653cd240d
3061a71d8be14bbf325156cea941da0e53ef184eef60c14331e15b4145b4dc7e
30ba9045c27675eeddd69564add4e731cdb9fc7f913db3f608d4fc1b7d0a4cd5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35059cdc43401fbcf730189eb26b53bbda8e45d58f16b89c2d236b6bbe6d839b
35e4f11d5b6195be51a9c7bce166a21287bf6820f3a6e65516f6d3d4217fcf13
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36bfcbfb8c235969f901acae944343611139ad8fe2ab577e907cbd2ca7cbef55
375869b0de81c6e3af30325ee0289b01e70554d5139eca722f1bff4fdff83c45
381a124d638ab510f71d09722a1023400d0dce2be6cf0212f29c17eb4dd2255e
3832e80c2f4bae18db01d9ff72307093f4e91b1cfb838166fc401c2507fdd85b
3971a86564fe25b2262b78bf830d8af076f7cde4fe7b2167585b38571b3f180a
3b542bc706a41d36ca02e27cc3a6165104c2b7fdc57aa9a23ca63e164495c2c8
3b9f8220667138d557e4ab43615c43de5f6845bbf1b0c31636304c94107f8525
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40cf551965abb3907196d630825291b27d1b77dd499bbbf12e07905a25afcf59
437b62002b3aa74ee137d19b391dca8654b56dae86142648176149bc0d7b823c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4902e624cd797af0488835da96a262162484d4e181fde9b7e271dae74ead71fe
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4df54930b77e169f8fe3c37810a4ebcd2bfcf377d924e0d905814bec27d6f8cb
4e3f8d43d16f1c9e0757fa04cb28fe7d6602f040b947bfcb098dc7004ff945f0
4e70ecfca477097016402b383144895768062f4740740417f203207a3e8db059
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f9695de838f580539a55fb51b39700729e469625f429ef612e7e3173bd004bc
4fa18ae7faa4c864e0c14d23b00a46e5cb48f7509335d3d9ece052ff93c328d5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5119cd6572709b118ba42b8a63800d762d60f9a0beb50c0583dbaf4815c4784f
52b55ae47fb6f7ce41328be63dce372ff1e2c28be04a4d1e7a3ba68152acfa7c
52db729bbfda2646c18d63f4ad32c8bb07ab396a30c8cd49b22d0481af5310c2
52e5aa30fbcd4f762fd828571b6d91b0ac214112c4c7cea30d137f4aef3c521a
52e9fa27ccae6d5e0fa1a5ba57af999d6977b7e03e2fd3e7381ba4304469f3f8
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5493b50484546f15a91733027087c94abf47e272b42eec326e2c0b85af7c125f
55809c03d4d0109d1247e7f4e6fbeb3a801b5349f689f7191490fcb429882ff9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568b7d3cf2e53fa57bb78d9e1a20c1f00de65c62b3ca9ad4c168b88a0a62bba9
56ea42e9abee0dee184e17c10be89ce3c54b1c59e5f643a36c76b0bea344deef
56fd9e7b808ff385aa584431865f3cf5999f8c5877c0c5fb80b555b689292aaa
57433e1293341458165bf38974563d349e5c2116f089af926afe7bf6a4e4a49c
5833f676a69a7385d07b129f61b2545762ac94c5691a5c8fc82b1eff66d74737
598686e7213f278bb341e3194022b4355d1cd95818eeb224ea48ca10e96144cf
5af3136530a33e7ac536f9e52da58b6d4419b30baf4eb6fe14462fc516643ce0
5afced3981fb228b9b567a256dbef013cdab39f40c8b929e3c0409bda2f91e7c
5b1f3a1a548da7198749700d9599957f9d63fb1d94489fb4dedc67839471c34c
5e1055767f6d4ebc018c9e2386d3ca843ce1cc24daf9add01c652a15b7fdaf4d
5e58f8b78b478aa2523320955716f96d184525be8139482eefb612d1250693fd
5fbcc4ff94d56fb37b33e838466308a145e902acc9640acbfc529e7fe88f3d34
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62533bce9accb17502e412cdef6558ac7375e50e1b6fc089f56606c0b6484a0d
625614d0c74d2cd49b55966090b740556a74d6f81fab60a6ba40cbeb2a328ebd
62e3c56b865e6dbbc780c6eaf200a8feb37b6bdbc7e7c34754b7cc95c4e280e3
6356465097a91fe7436546d26b9a0575a5092cdea33572d65d1ee447777890c5
63d2f7149362366cdb1bc6f7c39b97c89d597b1d29a27071ac0b74d94895096b
64264632b26710afdd63acd3b513f61f0ee6d6cac6b05187ea835f63201d8083
6689b10d16d6c6f738c2fae6e209c53d7b4ad2d597ba712e0ecc2f1852a280ac
679449bd06f6cbbe46b129b5009ce6b490d323677b02fac4a62b10bdfc678ddb
67aabe986491a87b3c73d96b8546ebc1992ce2da06d7582c69166d409cbd3bc4
67ed8bdd90963f7ea344f9ba4797400b312447b092830bda8d64c3ba59630fc7
694282a54518a5f1fa5813f34f2f060fa5fb63dc4bee848405258ff77bb65ebc
69768ececc08139a577e3382f14cdec2f0c549663ab259f280e2f83e709065a2
6aa60dd23a74b3701f5ed911709abd25ac4e7f4a8cbd13d777fda48db32915f8
6ab32739ba4f93340641de33dd7fb0a29b32a09314595a3f2f4830ec586f521f
6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5
6b5117a49904c7e8ff9aac2dbcb6ea10729864e7225e1eb9ab9d0576db937793
6b8fd7dd4105ce1ed396f303763969895138f914f8a96914107f5f0423881eba
6c421c9533a1c7c8ab8af8228b3b4116e449166c30e90d2e9b7e7505f859a7e0
6cc934e7d47865d351cd8b7788dfe404a4472351ffa2452a28540d94c4a2be76
6e337204ed03b6e4418d9b9b436cd2614831b06c4e1a9ca156d47ece9ad0951c
717caa82423b365bb307bc47f8cbf11fb2a9cee3643b3bb062c0267950d4af23
73106120faaf8658a5d5272a01316d7a02cea27811b1b579bafdab2c801acef5
736f0e3b065e8ebc1f7af329fc3f711395f644140e3a5d570fc3c6f4997adcf5
741cb5b795c866f5aef2c01f64bf8eda484c92bfebe3ee309c9ed35cd252f033
7443db88304846f025d87248180532092fa8a230cdaed78de47311374c697cf4
74c3d6e4e68a777357e0779c0dac3ab4b146a1b9f95f5884893f453e703ef745
7535435b268eceb5a194a8a6065e853af11815cedcbe1769155617d3a8487d60
75471d692aeb9322e75a041dcb0c363657eb51db495b14d5555c5e7a907fa799
764ba836d8aaf35a9528c814e9b05ea22c566b58330a20e713fbf5a23da855d3
76e13840d9450858db8a043047e6a7c1318aeb0d414000110fac4dbf4947c590
7704281ee0b386ac39b9b1f6ca82401efc3500b75ac160e9a46ab6246974d9a5
7ad9ca7a448f744531777d57cf4565a5ffc47603bfa635125ef9f7e08ab3fc64
7b63f721e824f90d7f3144b2458f93b1697419fc8790f35537a064ed757a1b80
7be36e657cadba9c02dfb614d3471d50d3c66ef3a5225d3927aaf7f8d117220e
7cb32d973638c94c708c3bfd9d908d9c899f1f77930c149059a1ce06ef4cefb0
7d5bed178d04622ad95cab658071133ce2ea6b1b394fd71179ec07b5de122bc5
7e0085a77923b9e5a13ae8105a8e54337d44464f114e6d9c58a3c06a9cbcbc61
82a4df0a6f0f70b0df90aeef7e01e356a0a5859da073e4139145dffd0844b226
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f2963ac96def32a52b88d46767a0e6b4f7d5deeabe40bdcd795ce25b99217a
84d368b23e95809600d8e96a8532cc3b88c49cecd69a058d249b4ec0024073ba
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
87a156566bf61f245a0b0d6c16f0446eb7cc4a36a9350be545fa37259a40b71a
87df3b2b2a5fa80f62a713bbe3fa2dfe02fa981a335faec6dc57fe303f089b79
88d6065c134848ae1019d0c2afdb83744ae9ee66273fe7acf7655f0f65b57294
8941f04f999d54e9dd1431c77fb4eac9bf0d84e74fe5d89700cc5f3b6fd5d1fa
8a33048e30d15afc0eaa7734898be22ab913880bff745bcbe624de5d4b0862ef
8b6a35331dd68f99e7f98c910482458ff65198fe5e6385d4ea1a2e451bf877e5
8cdcfbfb679d7c159d49557e10cd1ce6041891ba5542973dae56d1d67500d4be
8d08002698e3eea9504529fb40cb7ee307d4bfcb79b26e6b7a9f0d88583ae8ae
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d8890244315ff9816a52be72d2a2fc98ee93b6dfc8ad01f1f32343acf36fb49
8ecd6b5f6c1d64a95f0c12958ded33e890f8ee4c8dc7605f72c2e6df5be86fd7
8f60710f6e068b35323439bfa0c7db81caf2796d43b9edc5d5cffadfcc7b80dc
901edb4b4a447bbb1ff2764059ffccafae7a7d74227b5daa4367506dc00c2cc4
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9124a6f861f08469b2fc5fad79f6392aa500d45f4c5992559bf2186e1d39c2b1
9361f54060bd1e37f71077f3935c37c63df1cfa1800e62978324203cb1796b7e
94d7ec1ea563f6e407c32352b0a74f09bb645a4c4a4805951c3a168e57fbb554
96a0c611733b90af699b6b236a735e48ed76f02d74268cc34439bc84c8bd6c88
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a14b003ffe0e950c19ee590ea71d46f6ba7faa8412ac5442f95ec9df010751d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ce75ed467996485eace448fc8554374409488e31678c2e1efb995c77449c0e4
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a18472ae86a7b20ced524d98ed60a37cc38d222dd6891200a0edcc335d3d9350
a1b43339886c2df3f1451af8474e95a8923085ef0fc240820e7a8218110d573b
a3492ab3d262a82e24fbabfecd777c0800964578ca1e00a363307bd3e590dc77
a40af8c17d73b31362be38e6eb6d8f8556dc8fa9f1e3332a9248a37d908befca
a4991d87ebaea362f7b779eb0e62f6664d2b0bfb83aada173b6dbdc6ed587a7b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f9fa103935fadea54ea87412c9697a65d9545e2b4d67b3b3f984590c1f0dea
a56602d44222ff0e9c9c9d8faa30c87de0a0b053145aff4a43be4588d216157f
a7175d1d334c622399772f16264ac7a80176047397f32836b6e0b004a59969e8
a77cfb5ef88689ec9943f5e423ce7be4e962c42e051bc5c86a8992807cfec1e3
a84684c392beb111f1ffc575860f0fd182e14aa8953829b5655a90cf5094e898
a87dcc73ff805f14d042296f823c96df55aa628565ce6f1549fa777854b7c6a6
a8c2beb7c2b74195b7bda68bce7b2f3bd317b362ce6d86eadfd6233c047c375d
aac16f954d581bdc9117839285ab45c1e9c71133dbdf18d0e72f420f18d99f13
aac32479b7e00e374a47b5c6daeb907574805cd3320d6d2c520764c6ee96c12d
aaf51dbf4e7f50571addf72805cf9f9d89ec4370ed4d7e6940d6ffb6a9b9cf94
abf2a4b981439fd1bfd908b09d480d4ddcd77b220c5d68f2aa342e7582396db8
ad7aca6bf9ad72feb89acc1f0a7cabdc4821056550c3a04e5887e29895e0fa17
adc6c5f34c9c4f94735357a08ff809907b2430760eb6b192269ef66e4c2b293e
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b044100db87d9ea6f2baea5b4c2cacbd92d3f76a8fb521cdcddca8c26c196c1f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b265408716dbe3e1a43a7bb536defb88b2a4df5e02fd12f1262ded3e46b2c9c2
b272da8532a2532b094eb8b01d0c38fac4cb5cbc2a48e620f40cdf886db497a1
b3513b034d0ecb8f59408a1ca4b9b3a8ba63c68f07f877b2e1e1f34da644afe1
b35b72ac1876a9d5ec1b9955529f4070e971ce9439a1394970143145b499117f
b36e2f24c228d4aa3773ac182616c0cf6835f37725be8de6ce7305caa2a99348
b3b8bc1f85a6271976766d393373716502cc318ab9f0370132bc907c13e075e2
b3d7d3c47dc2ed2229601da34d1b8d1a9f7e7405e2a495c582544cd4fe82dc20
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4b6d898c081feaaf31175668b7a4837cf08ee6480fce388cbb93fc710646d07
b61c483c1ef272649d59390899f6ba6dacc4a0047fd5f31fb66a5a4bcb5af0ea
b6681c00074d8e62bb49a4c31444da8096a55f8830f62e4e8cf7b00882ba6cdb
b66dd84625754284fe9e270d7226ff457a5e84b4930f197b52ea0bde0d9c2dc9
b6802ed3c9a13e4e0c4be93749ab1ffdfbf488638b05ed7e18ad3896b1a1748e
b6c5c4d0e28b468e836a67f966c07ac27215c268525bc9fae530d983ae25fa9f
b730ee413841da70b67f550de8ffce8148c3fd15dacc5274bd0b80bf18a44da7
b9d9a71b2879100a34747d78f1f7ece002835d00da28500833fc500b80032188
bb4fafe3d9db67e1d848a6a313fa0148962e92762ec44488667e3c67559e8373
bed4a74b7635879aa6e90938d83ac7aabb21ebbd258a62c9edbb2661d4c25918
c1862f5fa7dd3945e2bab43995b64fa4f720581a0b070afea4dc9431b9cfabd8
c1ccf8f543009a813c29e737c9d9b1c5348169995360fbab23c402ab35c93374
c1dffd59aa695c7624ba66ca5c2a1f152f44821259b74a05a3e76f59e84331fb
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c263200d38a81c6b1a196bd36fa33b084ca93f6966c8dcebd364bfd10e6bedf0
c29d67f4e9401f25dc64727b141330574b2392bfd7713ee2c2346c89d7c0d09e
c34ef6e86efa9e3af58da7200514d3c8f9c157051826020ad940017664fc5a9e
c4a5a12744673c5a2dbb3653fcf99e1d86f9630f2a49ff4aa892cc5018794720
c4a6f381a5dfdcf76a9c61b3aeec81e4899cf5b2141eeb80db87a81ecc4e1d21
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
c52a8264c8a4dfb27b101c226b29ed7df32bd643d17550a6aabf8d44d880c75d
c52ea3c0b9b1233a70ed9ee281fec4418c13f8688c556ba31e587e0570cc2b43
c5a7e1a01e97fddf0d6fea76f7a895d53516d76728a4615816a71afa8141d8df
c76df2edc4aac9adc409fe5f6f2250a05ed1ef1d32c411c2d754445e53146f52
c961dd23c6794dec53379e15052d8b369e302a27d66d8d9e1e5b20147a21cf61
ca30c33aa5f114d6c4810f2546893395a3047705d5a8b23cb60bba9a157a77ef
ca89d08ccb30883363a0409364cb5bb8c445de036d1f44e34988326654d76798
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
cb89401c31c55eaf5d321b8d956d8b26717e2fe7663101a173619f642cb11d63
cc8e455613eb2f5a4d373144320b33b34324c4cef186f26bb11ea78e4ddf1d7b
cd27dc3c0cc40b5e5691a2317a7a03e4189fa6d32becac6f390a0dceccb80205
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf546b0a79fa03fe1026055391bc230c83a3ab336af78ef406f1bc61232fbddc
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
d0bafc175bf850c1326f94020730aab72654b46d51240f6ea199f1b4f755d688
d0e59aaca8c9a62d2ae97808a1d7c958012a860f486ecf0f35c73308ac3623cb
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d285ddb67b0c0d1642d8dbc0d6c122085eaf32cc6df3f165febbb4a47d05c9b5
d453778582484007a5a8c9b610fbe6a12a863260562fadd46f8e402f740ab12e
d4c5780344a410ba6f301b65ec5a0fff84b5ff87bdf3e65c7f6f52958beba7e0
d564e795aec94a8c74308ecec87cb269c8b536135086e36ba14ffa7f22434264
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d691477018d0f0957939aa725df7f8a979d42731cd24ffc4b2a91e8cb456db82
d790bdb9c9934a5f355f4252b42f70aa70075349b567823d9366c383b980ea60
d80bd54f6f01cdaa4f9b4bf238a45def7223316f3613971da9a6a417c62b5364
d8ee6435761532684a8d1d79368bfadcc4ebc56c653721a4c2a3e649b69922df
dadc342d66fe74c55e27087590362734cad1eb09b0b788032e47a8211252f99c
dafaa937eadd710a78845e1e43b6facb9b04efd0c94ef1b5d0639b70a9e4b76c
dc07d382f00a25c7cab4993b3675027b7ba9fdf978474e9611aadde6383d9a57
dc2c370d8a5d1a0a32059fee415ee027dd9dbb0bf4a7c323ff01d8ae0f165ffa
dd9366b123766ecaeec85d47719aaa8ddbd3b68aa7e1fae5434fec5133ebd7cd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de845987f3459366a295fa160b916e6945c7b96961d7ba73d441b03f211811e8
def1424f4f259a4cf927fe1f7ea7ec24bdc2fc78edca55fdb593cc0c293dbec5
df352596341aef158df4b1735cf3b02723951a0a584685f896ce3782f6e33f29
df44d58bf8c6e91eb9cc06976a75862f3dfa2f8c58c2313a7003497bbc8144c4
e027435211ef2a57f103c525775456d802bd6ad5acaa62117d45e10930c7af7e
e142124087c412eef969cd891c1fc1e1629fc878fc1641dbfe44bf9ef38b187c
e20e767839f09483c5eae25b181b720e31943d94a40dda6e7a6ea1e2809dcdb7
e2375265c2c58ff376a5b20241c598a2822e043c80935b4a27b50306b4338280
e27ed09d7d981bca54cf2bbaae780d25f610c11057db155b59d05c19df07cb2e
e2d5e937f6c5374bb949676c2b77cbfe4c263bbbc16fef2f58f6b0d3fe314dd6
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d808bad95e4317de730ff30cb286cbe71f03a65d49d59b65bfc8c58bbc1ffc
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6ff9b93f859dee3b1057bcd37675069870c1bf2532c4f06175a4f0e70791f37
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e86f7b25b83ece6379a4dd715545583806705d952755e7636667c850de9db460
e8e63b273ee7c4272980208e5d6e6d36747f2b675f7b7cf508fccc6d623fb563
e905fa7f6fb641e301a671f79a50345d62906d8dd9da25919ca521955f70ed15
e94d0e2d56d7e7d35935918e549a374568fad167f2c8f4e5189104fa6546d8d5
e955ea3c7cea5f641e22b09184850d60c3a4a8eef354d739ca9e0ac25daebfaf
ea35c5d1362d678749f64a9e5e667ff8e8cde215869401caa753c5e6585f568f
eb231ddd81ab3b9f6a94bc2648e45f839b606a6a6253e379c5464bcdaba922e7
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec7cf723e138fd1ced41f6f1c2c0d724c43183a65b54ebaef160e9635fc222d6
ec867bdc2eeb4e673bafda0b3ad6b7d24b7bdb1bbc788cf0d516540957bd4e93
ecc36cc1d2a1b39c6dcc4d23c5e1c029f1d2c78e8f696e094c8ea8db964e5664
ece024550d861e5c32110aa1039658ce7688394ed067f05264ceb95d01e5fe7e
ecee9fa46611c97add225970dbb6dd2ea6e56f0a8e38ace8a027a9f11f8c13c0
ed676d69b35c099e552d3aaa442fd3588828e5f72851e1eb70f5a266af629126
eea97132cddb1a868c4c2e3b3fd2c073d928fb9ddbd31bc71c5cf72419da6979
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f009046c8dfa738f7b73d46544595b6d47858c62f8af8c9a1fa87be048d17330
f1b4809c02c833ef4a89170232005bdb3b7b825cd4a1b16e1f7868fdcef834d7
f1bb0ca338f496307dafa965e2c5429c8df952986576cb812f0f0ba83e4d1f25
f1c3024ed229e0941e4ecfa9faf35eca8c8663d8494a4bc8fff7ec62e954433d
f1f2c754697a52684fccacaa9e300ac3268d6c13837b9ac7f46475cc67de8d4c
f268e67bed4c1584ddf22b804ba2e482c2ed18c8905a1f032406bf846d7887dc
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac
f3fb84ac22d9aa3bcb4eb5a032abb61f745d15a6e89e4b5c87a60d08bb48bbd8
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
f5457f2dad0b354c7eeaef5f733401b7d9c7326aaf5e57f3bed1e74ba5e24138
f5e702aabcb6a68a102ac86060ab9d0a6ba6d23e8145de4792758813f4c76cd8
f77bdfc493418da1a85260cc1b790bd02c9d0a09426ed1ad89a9613aa16e5758
f7a1766b66d96e1e1eb19e2f12b6b4ca66362ac67f6bfccb031b9e71d4956628
f7c81f756187282cde04eb081009912e336f388013eb18b70b9895f4cefb6a79
f7ec7b8677014393b78f8e512a7b08dd6227d6d54fb6c145ab0ccc5a71b11600
f7ec9f64994c0f12acd8ab801d6709a5373b161d22752d64c316fc4dc6b04026
f8dd67a3930d510197cdfb0dedb2c076621b8417b6c8152188343fdd0316e53b
f93b573c56fa5c2f022653fe1017fb1153a34623e951304d11ce0fe7fce65b72
f93df2735d94cf2ebfc2f07b0f8038e4c9e177d89e3e8b7cd1604e23c556f63b
fa730e45f1461662728ed590039a2cb0900eee5486af662670dccca0e7f0ddd6
fb420929ea53b852c97e4a0a1f814d8bf1194a2e25c10e818d197bdbcc5d085b
fb6762d0a7d3826432b354736ebd833016630c0093d34c9d2458e6023f5a66e2
fd3eec52805f5b6243e9fe47efb617a37254f80fdeafe26f9d39e007635e0266
fee2f5031d305581779642efa7a4b973272f1fa711149fb3c6697b2e5989a903
ffa2e149a7cb4362696d47b85863b157283c7225b648bf0ea43e0591165e4c2d