urlscan.io logo urlscan.io
SecurityTrails logo

offside.com.ua Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://offside.com.ua/
Effective URL: https://offside.com.ua/
Submission: On July 12 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 85 IPs in 17 countries across 91 domains to perform 326 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is offside.com.ua. The Cisco Umbrella rank of the primary domain is 137338.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 16th 2022. Valid for: a year.
This is the only time offside.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 110 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
9 2a03:90c0:41:... 199524 (GCORE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
3 2a00:1450:400... 15169 (GOOGLE)
2 3 88.212.201.198 39134 (UNITEDNET)
5 2a00:1450:400... 15169 (GOOGLE)
2 192.243.59.20 39572 (ADVANCEDH...)
3 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 45.135.120.147 56630 (MELBICOM-...)
4 88.198.49.154 24940 (HETZNER-AS)
2 95.211.229.247 60781 (LEASEWEB-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 178.253.35.215 202492 (SGHL1-AS)
2 12 146.0.227.109 29066 (VELIANET-...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 5 46.249.52.249 50673 (SERVERIUS-AS)
6 51.75.86.98 16276 (OVH)
3 2a0c:5c81:509... 55081 (24SHELLS)
2 8.2.108.175 46636 (NATCOWEB)
2 216.52.2.30 30282 (AS-INAPCD...)
2 2 217.65.2.150 29076 (CITYTELEC...)
2 3 2a02:6b8::90 208722 (GLOBAL_DC)
2 192.82.242.208 62713 (AS-PUBMATIC)
3 3 199.115.119.227 30633 (LEASEWEB-...)
7 7 52.57.150.184 16509 (AMAZON-02)
1 1 188.34.190.35 24940 (HETZNER-AS)
1 1 51.255.68.171 16276 (OVH)
1 183.110.238.136 4766 (KIXS-AS-K...)
1 82.145.213.8 39832 (NO-OPERA)
5 6 37.157.5.142 198622 (ADFORM)
2 3 3.126.56.137 16509 (AMAZON-02)
1 2 185.184.8.90 204995 (RTB-HOUSE...)
2 2 188.42.191.196 7979 (SERVERS-COM)
1 8.2.110.206 46636 (NATCOWEB)
2 2 54.38.197.123 16276 (OVH)
2 2a0c:5c81:513... 55081 (24SHELLS)
2 193.200.65.6 6681 (GIVEME-CLOUD)
7 9 37.252.172.250 29990 (ASN-APPNEX)
1 2 168.119.9.59 24940 (HETZNER-AS)
2 4 104.18.19.126 13335 (CLOUDFLAR...)
3 3 83.222.114.188 42632 (MNOGOBYTE...)
5 7 172.217.16.130 15169 (GOOGLE)
2 2 193.106.93.124 48614 (ITSOFT-AS)
2 2 89.108.119.43 197695 (AS-REG)
3 3 185.15.175.147 43226 (SAFEDATA ...)
2 2 78.46.100.125 24940 (HETZNER-AS)
2 2 138.201.139.144 24940 (HETZNER-AS)
1 188.34.131.134 24940 (HETZNER-AS)
1 2 194.247.175.26 196831 (BEMOBILE-AS)
1 62.149.18.58 15497 (COLOCALL ...)
1 212.7.203.129 60781 (LEASEWEB-...)
1 37.48.68.71 60781 (LEASEWEB-...)
3 3 66.155.71.149 13768 (COGECO-PEER1)
2 3 34.254.143.3 16509 (AMAZON-02)
4 5 35.227.248.159 15169 (GOOGLE)
6 5.178.65.246 50673 (SERVERIUS-AS)
2 4 35.227.252.103 15169 (GOOGLE)
4 12 54.81.7.162 14618 (AMAZON-AES)
4 5.178.65.253 50673 (SERVERIUS-AS)
3 3 23.75.240.210 16625 (AKAMAI-AS)
6 104.89.20.125 16625 (AKAMAI-AS)
4 2.20.157.2 16625 (AKAMAI-AS)
2 205.234.175.175 23352 (SERVERCEN...)
1 20 2606:4700:10:... 13335 (CLOUDFLAR...)
2 13 23.227.139.243 55081 (24SHELLS)
1 67.202.105.32 32748 (STEADFAST)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 52.17.103.74 16509 (AMAZON-02)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2 213.19.147.44 3356 (LEVEL3)
3 35.71.131.137 16509 (AMAZON-02)
1 2a04:4e42::300 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 185.64.190.78 62713 (AS-PUBMATIC)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 52.30.130.246 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 34.111.131.239 15169 (GOOGLE)
1 185.15.245.83 24961 (MYLOC-AS ...)
2 4 52.208.103.128 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 35.156.83.159 16509 (AMAZON-02)
2 34.252.17.141 16509 (AMAZON-02)
1 162.55.236.225 24940 (HETZNER-AS)
2 2 151.101.2.49 54113 (FASTLY)
1 1 23.35.228.210 16625 (AKAMAI-AS)
1 1 54.164.129.77 14618 (AMAZON-AES)
1 2 54.239.38.253 16509 (AMAZON-02)
1 104.92.72.137 16625 (AKAMAI-AS)
2 2 54.194.115.18 16509 (AMAZON-02)
1 7 104.18.18.126 13335 (CLOUDFLAR...)
2 4 52.46.143.56 16509 (AMAZON-02)
1 141.226.228.48 200478 (TABOOLA-AS)
1 1 52.202.236.184 14618 (AMAZON-AES)
1 66.155.71.25 13768 (COGECO-PEER1)
1 185.89.210.180 29990 (ASN-APPNEX)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 52.209.232.242 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.111.151.213 15169 (GOOGLE)
1 1 54.229.182.75 16509 (AMAZON-02)
4 69.173.144.138 26667 (RUBICONPR...)
4 18.66.248.33 16509 (AMAZON-02)
2 212.83.160.162 12876 (Online SAS)
1 69.173.144.139 26667 (RUBICONPR...)
1 3 3.122.214.165 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
326 85
110    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
offside.com.ua
3    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
cdn.admixer.net
7    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
a.exdynsrv.com
3    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.google.com
3    88.212.201.198 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru
counter.yadro.ru
5    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
www.effectivedisplaycontent.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    45.135.120.147 (Amsterdam, Netherlands)

ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT)
refpa6781648.top
4    88.198.49.154 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.198.49.154.clients.your-server.de
covivado.club
2    95.211.229.247 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
syndication.exdynsrv.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a02:6ea0:c700::20 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
s3t3d2y8.ackcdn.net
1    178.253.35.215 (Iran, Islamic Republic Of)

ASN202492 (SGHL1-AS, NL)
refpa3966353.top
12    146.0.227.109 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
inv-nets.admixer.net
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdntechone.com
5    46.249.52.249 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
6    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
3    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
2    8.2.108.175 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
2    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    217.65.2.150 (Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)
match.new-programmatic.com
3    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
2    192.82.242.208 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
3    199.115.119.227 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.lemmatechnologies.com
7    52.57.150.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-184.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    188.34.190.35 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.35.190.34.188.clients.your-server.de
bidswitch-eu.splicky.com
1    51.255.68.171 (France)

ASN16276 (OVH, FR)
PTR: ns3028611.ip-51-255-68.eu
dsp.nrich.ai
1    183.110.238.136 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
idsync.admixer.co.kr
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
6    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
cm.adform.net
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    8.2.110.206 (United States)

ASN46636 (NATCOWEB, US)
cs.mobfox.com
2    54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro
a4p.adpartner.pro
2    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
2    193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team
m.trafmag.com
9    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    168.119.9.59 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.59.9.119.168.clients.your-server.de
exchange.buzzoola.com
4    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
ssum.casalemedia.com
r.casalemedia.com
3    83.222.114.188 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
rtb.com.ru
7    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
cm.g.doubleclick.net
2    193.106.93.124 (Russian Federation)

ASN48614 (ITSOFT-AS, RU)
prodmp.ru
2    89.108.119.43 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru
x01.aidata.io
3    185.15.175.147 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
dmg.digitaltarget.ru
2    78.46.100.125 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.125.100.46.78.clients.your-server.de
sync.1dmp.io
2    138.201.139.144 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.144.139.201.138.clients.your-server.de
cm.p.altergeo.ru
1    188.34.131.134 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.134.131.34.188.clients.your-server.de
adx.com.ru
2    194.247.175.26 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
pa.tns-ua.com
1    62.149.18.58 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: cc53243-01.cc.colocall.com
content.admixer.net
1    212.7.203.129 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
z.cdn.adpool.bet
1    37.48.68.71 (Arnhem, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
datatechone.com
3    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
3    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadm.exelator.com
loadeu.exelator.com
5    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
6    5.178.65.246 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
4    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
12    54.81.7.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-7-162.compute-1.amazonaws.com
a.audrte.com
4    5.178.65.253 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
3    23.75.240.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    104.89.20.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-20-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    2.20.157.2 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-2.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    205.234.175.175 (Leesburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
20    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
13    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
sync.console.adtarget.com.tr
1    67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
ic.tynt.com
1    2606:4700::6813:ac6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
2    52.17.103.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-103-74.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
2    213.19.147.44 (Beverwijk, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f18:6593:f600:d00c:d52c:5371:efa (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2a05:d018:24:b001:736:16ab:a44d:3496 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    52.30.130.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-130-246.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    151.1.205.165 (Rogeno, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
1    85.114.159.118 (Sankt Georgen im Schwarzwald, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    34.111.131.239 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    185.15.245.83 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
4    52.208.103.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    35.156.83.159 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-83-159.eu-central-1.compute.amazonaws.com
aa.agkn.com
2    34.252.17.141 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-17-141.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de
sync.richaudience.com
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    23.35.228.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-210.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    54.164.129.77 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-129-77.compute-1.amazonaws.com
usermatch.krxd.net
2    54.239.38.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    104.92.72.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-72-137.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    54.194.115.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-115-18.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
7    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
dsum.casalemedia.com
4    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    52.202.236.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-236-184.compute-1.amazonaws.com
sync.extend.tv
1    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    2a05:d018:d29:3602:cba9:630b:f07c:688c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    52.209.232.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-232-242.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
1    34.111.151.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
1    54.229.182.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-182-75.eu-west-1.compute.amazonaws.com
d.adroll.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-eu.rubiconproject.com
4    18.66.248.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-33.dus51.r.cloudfront.net
tags.crwdcntrl.net
2    212.83.160.162 (France)

ASN12876 (Online SAS, FR)
PTR: 212-83-160-162.rev.poneytelecom.eu
js.cookieless-data.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    3.122.214.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
ps.eyeota.net
3    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
110 offside.com.ua
offside.com.ua — Cisco Umbrella Rank: 137338
3 MB
22 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 40667
inv-nets.admixer.net — Cisco Umbrella Rank: 2560
content.admixer.net — Cisco Umbrella Rank: 260182
1 MB
20 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1705
mwzeom.zeotap.com — Cisco Umbrella Rank: 1343
6 KB
17 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 4899
u-ams02.e-planning.net — Cisco Umbrella Rank: 64646
s.e-planning.net — Cisco Umbrella Rank: 7062
i.e-planning.net — Cisco Umbrella Rank: 7148
7 KB
14 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1036
eus.rubiconproject.com — Cisco Umbrella Rank: 573
token.rubiconproject.com — Cisco Umbrella Rank: 711
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2344
pixel.rubiconproject.com — Cisco Umbrella Rank: 336
33 KB
14 adtelligent.com
s.adtelligent.com — Cisco Umbrella Rank: 4966
sync.adtelligent.com — Cisco Umbrella Rank: 4149
7 KB
12 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2310
15 KB
11 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576
ssum.casalemedia.com — Cisco Umbrella Rank: 1349
r.casalemedia.com — Cisco Umbrella Rank: 1528
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608
dsum.casalemedia.com — Cisco Umbrella Rank: 1295
11 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 244
secure.adnxs.com — Cisco Umbrella Rank: 408
7 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
211 KB
9 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
6 KB
8 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 863
tags.crwdcntrl.net — Cisco Umbrella Rank: 1463
32 KB
8 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 590
ads.pubmatic.com — Cisco Umbrella Rank: 488
image6.pubmatic.com — Cisco Umbrella Rank: 629
24 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 290
3 KB
6 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1274
s.amazon-adsystem.com — Cisco Umbrella Rank: 286
4 KB
6 adform.net
c1.adform.net — Cisco Umbrella Rank: 583
dmp.adform.net — Cisco Umbrella Rank: 4326
cm.adform.net — Cisco Umbrella Rank: 1594
2 KB
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 820
38 B
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 444
799 B
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 299
cms.analytics.yahoo.com — Cisco Umbrella Rank: 847
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 479
2 KB
5 gstatic.com
fonts.gstatic.com
147 KB
5 google.com
maps.google.com — Cisco Umbrella Rank: 1635
adservice.google.com — Cisco Umbrella Rank: 92
www.google.com — Cisco Umbrella Rank: 8
184 KB
4 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1589
743 B
4 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3264
pixel-sync.sitescout.com — Cisco Umbrella Rank: 587
3 KB
4 com.ru
rtb.com.ru — Cisco Umbrella Rank: 42696
adx.com.ru — Cisco Umbrella Rank: 61640
4 KB
4 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 4211
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 4601
2 KB
4 covivado.club
covivado.club — Cisco Umbrella Rank: 204921
33 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
maps.googleapis.com — Cisco Umbrella Rank: 322
3 KB
3 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 976
3 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 457
usermatch.krxd.net — Cisco Umbrella Rank: 1270
934 B
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 367
793 B
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1268
loadeu.exelator.com — Cisco Umbrella Rank: 7936
2 KB
3 digitaltarget.ru
dmg.digitaltarget.ru — Cisco Umbrella Rank: 23132
4 KB
3 lemmatechnologies.com
sync.lemmatechnologies.com — Cisco Umbrella Rank: 4137
1 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 2244
1 KB
3 refpa6781648.top
refpa6781648.top — Cisco Umbrella Rank: 349693
3 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2733
380 B
3 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 9125
3 KB
3 exdynsrv.com
a.exdynsrv.com — Cisco Umbrella Rank: 48018
syndication.exdynsrv.com — Cisco Umbrella Rank: 38547
31 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
206 KB
2 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 6819
1 KB
2 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 128497
428 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 612
851 B
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30266
680 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 192
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1140
751 B
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 672
sync.taboola.com — Cisco Umbrella Rank: 947
260 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 540
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 642
656 B
2 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 84664
467 B
2 altergeo.ru
cm.p.altergeo.ru — Cisco Umbrella Rank: 60070
1 KB
2 1dmp.io
sync.1dmp.io — Cisco Umbrella Rank: 11945
1 KB
2 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 14171
2 KB
2 prodmp.ru
prodmp.ru — Cisco Umbrella Rank: 62330
2 KB
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 18578
543 B
2 trafmag.com
m.trafmag.com — Cisco Umbrella Rank: 84026
702 B
2 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 8052
537 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2197
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 622
678 B
2 new-programmatic.com
match.new-programmatic.com — Cisco Umbrella Rank: 29641
565 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 660
554 B
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 5027
258 B
2 effectivedisplaycontent.com
www.effectivedisplaycontent.com — Cisco Umbrella Rank: 206175
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1568
112 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1883
349 B
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 3187
187 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 801
425 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 474
430 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1739
546 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 483
145 B
1 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 987
770 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1905
359 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 445
532 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 17918
272 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1653
596 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 106055
659 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 12969
411 B
1 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 4670
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 908
393 B
1 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 3999
1 datatechone.com
datatechone.com — Cisco Umbrella Rank: 60032
392 B
1 adpool.bet
z.cdn.adpool.bet — Cisco Umbrella Rank: 91629
504 B
1 mobfox.com
cs.mobfox.com — Cisco Umbrella Rank: 7378
510 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2439
464 B
1 admixer.co.kr
idsync.admixer.co.kr — Cisco Umbrella Rank: 6467
904 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3329
479 B
1 splicky.com
bidswitch-eu.splicky.com — Cisco Umbrella Rank: 24436
219 B
1 cdntechone.com
cdntechone.com — Cisco Umbrella Rank: 49358
17 KB
1 refpa3966353.top
refpa3966353.top
149 KB
1 ackcdn.net
s3t3d2y8.ackcdn.net — Cisco Umbrella Rank: 8005
6 KB
1 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 4608
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 867
645 B
326 91
Domain Requested by
110 offside.com.ua 1 redirects offside.com.ua
14 mwzeom.zeotap.com 1 redirects ads.us.e-planning.net
12 a.audrte.com 4 redirects ads.us.e-planning.net
a.audrte.com
s.adtelligent.com
offside.com.ua
12 inv-nets.admixer.net 2 redirects cdn.admixer.net
offside.com.ua
ads.us.e-planning.net
11 sync.adtelligent.com 1 redirects s.adtelligent.com
s.console.adtarget.com.tr
ads.us.e-planning.net
9 ib.adnxs.com 7 redirects offside.com.ua
spl.zeotap.com
9 cdn.admixer.net offside.com.ua
cdn.admixer.net
7 cm.g.doubleclick.net 5 redirects spl.zeotap.com
ssum.casalemedia.com
7 x.bidswitch.net 7 redirects
7 pagead2.googlesyndication.com offside.com.ua
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
6 eus.rubiconproject.com ads.us.e-planning.net
s.adtelligent.com
eus.rubiconproject.com
6 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
r.casalemedia.com
6 onetag-sys.com inv-nets.admixer.net
offside.com.ua
ads.us.e-planning.net
s.adtelligent.com
5 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
r.casalemedia.com
5 pixel.tapad.com 4 redirects spl.zeotap.com
5 ads.us.e-planning.net 2 redirects inv-nets.admixer.net
offside.com.ua
s.adtelligent.com
5 fonts.gstatic.com fonts.googleapis.com
4 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
4 s.amazon-adsystem.com 2 redirects ssum.casalemedia.com
r.casalemedia.com
4 bcp.crwdcntrl.net 2 redirects tags.crwdcntrl.net
4 ads.pubmatic.com ads.us.e-planning.net
s.adtelligent.com
4 s.e-planning.net ads.us.e-planning.net
4 rtb.openx.net 2 redirects ads.us.e-planning.net
4 covivado.club offside.com.ua
covivado.club
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 ps.eyeota.net 1 redirects offside.com.ua
a.audrte.com
3 token.rubiconproject.com eus.rubiconproject.com
3 dmp.adform.net 2 redirects spl.zeotap.com
3 match.adsrvr.org s.adtelligent.com
spl.zeotap.com
ssum.casalemedia.com
3 secure-assets.rubiconproject.com 3 redirects
3 pixel.sitescout.com 3 redirects
3 dmg.digitaltarget.ru 3 redirects
3 rtb.com.ru 3 redirects
3 ups.analytics.yahoo.com 2 redirects r.casalemedia.com
3 sync.lemmatechnologies.com 3 redirects
3 an.yandex.ru 2 redirects offside.com.ua
3 s.adtelligent.com inv-nets.admixer.net
offside.com.ua
s.adtelligent.com
3 refpa6781648.top offside.com.ua
refpa6781648.top
3 region1.google-analytics.com www.googletagmanager.com
3 counter.yadro.ru 2 redirects offside.com.ua
3 maps.google.com offside.com.ua
maps.google.com
3 fonts.googleapis.com offside.com.ua
3 www.googletagmanager.com offside.com.ua
www.googletagmanager.com
2 js.cookieless-data.com s.e-planning.net
2 sync.console.adtarget.com.tr 1 redirects s.console.adtarget.com.tr
2 dsum.casalemedia.com r.casalemedia.com
2 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 sync-tm.everesttech.net 2 redirects
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 image6.pubmatic.com spl.zeotap.com
ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 ad.360yield.com 2 redirects
2 i.e-planning.net ads.us.e-planning.net
2 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
2 loadm.exelator.com 2 redirects
2 pa.tns-ua.com 1 redirects offside.com.ua
2 cm.p.altergeo.ru 2 redirects
2 sync.1dmp.io 2 redirects
2 x01.aidata.io 2 redirects
2 prodmp.ru 2 redirects
2 exchange.buzzoola.com 1 redirects offside.com.ua
2 m.trafmag.com offside.com.ua
2 s.console.adtarget.com.tr offside.com.ua
s.adtelligent.com
2 a4p.adpartner.pro 2 redirects
2 ads.betweendigital.com 2 redirects
2 creativecdn.com 1 redirects offside.com.ua
2 c1.adform.net 2 redirects
2 image8.pubmatic.com offside.com.ua
2 match.new-programmatic.com 2 redirects
2 ap.lijit.com offside.com.ua
s.adtelligent.com
2 us.ck-ie.com offside.com.ua
2 syndication.exdynsrv.com a.exdynsrv.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.effectivedisplaycontent.com offside.com.ua
1 www.google.com tpc.googlesyndication.com
1 pixel.rubiconproject.com eus.rubiconproject.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 cm.adform.net 1 redirects
1 d.adroll.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 casale-match.dotomi.com 1 redirects
1 ad.turn.com 1 redirects
1 match.prod.bidr.io r.casalemedia.com
1 pr-bh.ybp.yahoo.com r.casalemedia.com
1 secure.adnxs.com ssum.casalemedia.com
1 pixel-sync.sitescout.com ssum.casalemedia.com
1 sync.extend.tv 1 redirects
1 sync.taboola.com ssum.casalemedia.com
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 vid.vidoomy.com s.adtelligent.com
1 csync.loopme.me 1 redirects
1 ic.tynt.com s.adtelligent.com
1 r.casalemedia.com ads.us.e-planning.net
1 datatechone.com cdntechone.com
1 z.cdn.adpool.bet offside.com.ua
1 content.admixer.net offside.com.ua
1 adx.com.ru offside.com.ua
1 ssum-sec.casalemedia.com 1 redirects
1 cs.mobfox.com offside.com.ua
1 t.adx.opera.com offside.com.ua
1 idsync.admixer.co.kr offside.com.ua
1 dsp.nrich.ai 1 redirects
1 bidswitch-eu.splicky.com 1 redirects
1 cdntechone.com covivado.club
1 refpa3966353.top refpa6781648.top
1 s3t3d2y8.ackcdn.net offside.com.ua
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.co.uk pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 maps.googleapis.com maps.google.com
1 a.exdynsrv.com offside.com.ua
326 127
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2022-06-08 -
2023-06-21		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
exdynsrv.com
R3		 2022-05-16 -
2022-08-14		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
effectivedisplaycontent.com
R3		 2022-06-21 -
2022-09-19		 3 months crt.sh
*.refpa6781648.top
R3		 2022-06-17 -
2022-09-15		 3 months crt.sh
vivarevasta.top
R3		 2022-05-28 -
2022-08-26		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
ackcdn.net
R3		 2022-05-16 -
2022-08-14		 3 months crt.sh
*.refpa3966353.top
R3		 2022-05-06 -
2022-08-04		 3 months crt.sh
ads.us.e-planning.net
R3		 2022-07-12 -
2022-10-10		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-06-01 -
2022-08-30		 3 months crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2021-11-12 -
2022-12-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.admixer.co.kr
GeoTrust RSA CA 2018		 2022-04-29 -
2023-05-01		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
*.mobfox.com
R3		 2022-06-28 -
2022-09-26		 3 months crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-05-28 -
2022-08-26		 3 months crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-14 -
2023-06-14		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
datatechone.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-24 -
2022-12-24		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.audrte.com
Amazon		 2022-02-24 -
2023-03-24		 a year crt.sh
*.e-planning.net
R3		 2022-05-17 -
2022-08-15		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-23 -
2023-02-03		 a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-05-29 -
2022-08-27		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
dmp.theadex.com
R3		 2022-06-27 -
2022-09-25		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-07 -
2022-11-30		 6 months crt.sh
sync.console.adtarget.com.tr
R3		 2022-05-27 -
2022-08-25		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-23 -
2023-03-22		 a year crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2022-03-18 -
2023-03-18		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh

This page contains 39 frames:

Primary Page: https://offside.com.ua/
Frame ID: D0F4BF3F268864B121807D6E6C5DD2DD
Requests: 188 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html
Frame ID: 83424AC12B6C7FF9935852E03C597921
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 218A2466438606B171DEB8E9DE2F2896
Requests: 1 HTTP requests in this frame

Frame: https://refpa6781648.top/I?tag=s_1412133m_30323c_&site=1412133&ad=30323
Frame ID: 1D3762A1AF8E010CE416E40E59AB1279
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7140845151581295&output=html&adk=1812271804&adf=3025194257&lmt=1657609214&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Foffside.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657609214090&bpp=2&bdt=723&idt=682&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=805628118330&frm=20&pv=2&ga_vid=2120219989.1657609214&ga_sid=1657609215&ga_hid=776932370&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068105%2C44766558%2C31068196%2C42531606&oid=2&pvsid=1183762574062160&tmod=2075173734&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=703
Frame ID: 1CA4D2AF4DF3AFE4DAB4B0C090A71C88
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: 17BFB698EE8496EECD89B8D7549BBBC8
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: 4C468A06FCF93A246013B60C460687CF
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: 84467704DC232FCB789D08403CFF1BD4
Requests: 9 HTTP requests in this frame

Frame: https://content.admixer.net/test1/5a4a8557-12e5-4ff7-bf43-a6dcb5f558a5/438160a6-3e9e-4a68-bcf1-2c83e4329d60.png
Frame ID: 46FB343F6E0AFD4DE48F849F9F28EF07
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: ABA7EAA5C8ABC1DDC473B4A19D25BAF1
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Db4cf4b70acba59f7%26uid%3D
Frame ID: A92416ABB4EBF0614A817C64E190AA8E
Requests: 2 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D&s=190243&C=1
Frame ID: 38185DABCCA2DD4438BF101E4AC8729F
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 493DC185945A4BE8FA2EF35CB77D984E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 5484C29E03181EAD9F49B3A4AD968AFF
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361&cmp=0
Frame ID: A75819481D13E7FDF077367E83E40DE7
Requests: 30 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7064435012117703281
Frame ID: F36B8C55DBEA9944308EB6F36C08466B
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: E4325B9C1AD6F70CCF0FD3B91E9CDD5C
Requests: 13 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 5B3C944D6EA1F8D09BCA3BC3992DB03C
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 54F0E8AABFB1AE1A628FE378F7E8DF55
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: E0552916004089919B10443CC1C2CC50
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 97FD800282EC8C189A88D089D75D0537
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: D3A376260EB3B6E024DCD8DC3C8D4C63
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=e30a3ab5-eac6-4c1e-80c3-1b64bdc5d675
Frame ID: B17512D4A4614F12AEA49FB2E7875AA6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: B45B97D9968F5E22F5D5F408CAAA16A7
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Db4cf4b70acba59f7%26uid%3D
Frame ID: 01CEBE8CFFA060D94119C7C92979F606
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D
Frame ID: B05A8B9DBC22044F2D9FCB2C6041FCBE
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 3981476530C5849F7F1B9C61C9CE4ABB
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: D8DE98A538B3A5945AFE1E1CFEF04E5D
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=7c1035b3-1cd9-4669-58cb-e54497976b92&zdid=1361&cmp=0
Frame ID: B5070AD517E77DEA899B953982533BF0
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 24074820D0661B9D0A4D1B322858E225
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: B0B87D5C0C9CF1187990D9C7A2666109
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 71F44F5903E99A49C16ED9DC969C3EA2
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=3165299387303551005
Frame ID: 56B4B2FCC162BB8AC507AA3FD2984AA2
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: F614E63534FB55C63E6344CA6665FE7E
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AKY7puKlhTIvP4OF
Frame ID: 1A6DBFE7D032DF6ADD7A63ABA2FFF0A0
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 1E602188957C65929FFF8D0930322079
Requests: 2 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AKY7puKlhTIvP4OF
Frame ID: B55DD5CCA66762189C24B9B1CD586DF1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CCB366BF34611A24534DECF57092D41A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6D8504D4017715E70FD0458B1630FFD6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Главная - Offside

Page URL History Show full URLs

  1. http://offside.com.ua/ HTTP 301
    https://offside.com.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

326
Requests

84 %
HTTPS

25 %
IPv6

91
Domains

127
Subdomains

85
IPs

17
Countries

4943 kB
Transfer

9146 kB
Size

102
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://offside.com.ua/ HTTP 301
    https://offside.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 113
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//offside.com.ua/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20Offside;0.6035216402246668 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//offside.com.ua/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20Offside;0.6035216402246668
Request Chain 157
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Request Chain 162
  • https://match.new-programmatic.com/userbind?src=admixer&id=bb260eba93a0441fa3afe0a58a7babec HTTP 302
  • https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
  • https://an.yandex.ru/mapuid/targetrtbis/?sign=3011906821 HTTP 302
  • https://an.yandex.ru/mapuid/targetrtbis/?redir-setuniq=1&sign=3011906821
Request Chain 164
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3Dbb260eba93a0441fa3afe0a58a7babec HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=4834642a-01b0-11ed-8d99-801844df107c HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=lemma&bsw_custom_parameter=bf59dbcb-8194-4c1a-9d9c-97b67474b6c0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=lemma&expires=10&bsw_param=bf59dbcb-8194-4c1a-9d9c-97b67474b6c0 HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=bf59dbcb-8194-4c1a-9d9c-97b67474b6c0 HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=4834642a-01b0-11ed-8d99-801844df107c HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=lemma&bsw_custom_parameter=bf59dbcb-8194-4c1a-9d9c-97b67474b6c0&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=726f1250-5f59-408b-ab8c-f45bcf7dce0e&expires=1&user_group=5&ssp=lemma&bsw_param=bf59dbcb-8194-4c1a-9d9c-97b67474b6c0 HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=bf59dbcb-8194-4c1a-9d9c-97b67474b6c0 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=bb260eba93a0441fa3afe0a58a7babec4834642a-01b0-11ed-8d99-801844df107c
Request Chain 169
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=bb260eba93a0441fa3afe0a58a7babec&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=bb260eba93a0441fa3afe0a58a7babec&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=admixer HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=admixer HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3165299387303551005&ssp=admixer HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=bf59dbcb-8194-4c1a-9d9c-97b67474b6c0&gdpr=&consent=&gdpr_pd=
Request Chain 170
  • https://ups.analytics.yahoo.com/ups/58613/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-Yd.g3vNE2uEPe4.G9.lgrayLiTVeCQjxJK5tOW0-~A
Request Chain 171
  • https://creativecdn.com/cm-notify?pi=admixer HTTP 302
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
Request Chain 172
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=fe5a76ff-3314-52c1-b176-c90ad3bbd2f5
Request Chain 174
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=c8cc1486-8d80-4d96-b649-30c0a3793c79
Request Chain 178
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=bb260eba93a0441fa3afe0a58a7babec HTTP 307
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=bb260eba93a0441fa3afe0a58a7babec
Request Chain 179
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=Ys0b__UUM4kDusOwTjCe7AAABHkAAAAB
Request Chain 180
  • https://rtb.com.ru/admixer-sync?uid=bb260eba93a0441fa3afe0a58a7babec HTTP 302
  • https://rtb.com.ru/sync?noRedirect=&sspKey=36&sspUserID=bb260eba93a0441fa3afe0a58a7babec HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=62cd1c009ab4d27d704bab3c&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D62cd1c009ab4d27d704bab3c%26duid%3D%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D62cd1c009ab4d27d704bab3c%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D62cd1c009ab4d27d704bab3c%252526i%25253D1393358583913894259%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D62cd1c009ab4d27d704bab3c%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D62cd1c009ab4d27d704bab3c%2525252526nc%252525253D5555275785909190592%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D62cd1c009ab4d27d704bab3c%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252FQqESupYsVN6gUhBQxC2Yw4%2525252525253Fsign%2525252525253D2213836553%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D62cd1c009ab4d27d704bab3c HTTP 302
  • https://rtb.com.ru/adx-sync?r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D62cd1c009ab4d27d704bab3c%26duid%3D%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D62cd1c009ab4d27d704bab3c%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D62cd1c009ab4d27d704bab3c%252526i%25253D1393358583913894259%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D62cd1c009ab4d27d704bab3c%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D62cd1c009ab4d27d704bab3c%2525252526nc%252525253D5555275785909190592%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D62cd1c009ab4d27d704bab3c%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252FQqESupYsVN6gUhBQxC2Yw4%2525252525253Fsign%2525252525253D2213836553%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D62cd1c009ab4d27d704bab3c&google_gid=CAESECoc0v4v4odnO9DxL3hM5LY&google_cver=1 HTTP 302
  • https://prodmp.ru/refocus.gif?dsp_provider_id=2&uid=62cd1c009ab4d27d704bab3c&duid=&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62cd1c009ab4d27d704bab3c%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D62cd1c009ab4d27d704bab3c%2526i%253D1393358583913894259%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D62cd1c009ab4d27d704bab3c%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D62cd1c009ab4d27d704bab3c%25252526nc%2525253D5555275785909190592%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D62cd1c009ab4d27d704bab3c%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FQqESupYsVN6gUhBQxC2Yw4%25252525253Fsign%25252525253D2213836553%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D62cd1c009ab4d27d704bab3c HTTP 302
  • https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=62cd1c009ab4d27d704bab3c&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62cd1c009ab4d27d704bab3c%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D62cd1c009ab4d27d704bab3c%2526i%253D1393358583913894259%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D62cd1c009ab4d27d704bab3c%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D62cd1c009ab4d27d704bab3c%25252526nc%2525253D5555275785909190592%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D62cd1c009ab4d27d704bab3c%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FQqESupYsVN6gUhBQxC2Yw4%25252525253Fsign%25252525253D2213836553%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D62cd1c009ab4d27d704bab3c&dsp_provider_id=2 HTTP 302
  • https://prodmp.ru/li?guid=388D037C3E53CAD6E62C&uid=62cd1c009ab4d27d704bab3c&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62cd1c009ab4d27d704bab3c%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D62cd1c009ab4d27d704bab3c%2526i%253D1393358583913894259%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D62cd1c009ab4d27d704bab3c%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D62cd1c009ab4d27d704bab3c%25252526nc%2525253D5555275785909190592%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D62cd1c009ab4d27d704bab3c%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FQqESupYsVN6gUhBQxC2Yw4%25252525253Fsign%25252525253D2213836553%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D62cd1c009ab4d27d704bab3c&dsp_provider_id=2 HTTP 302
  • https://an.yandex.ru/mapuid/dmpmediadesk/62cd1c009ab4d27d704bab3c?sign=45501020&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62cd1c009ab4d27d704bab3c%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D62cd1c009ab4d27d704bab3c%2526i%253D1393358583913894259%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D62cd1c009ab4d27d704bab3c%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D62cd1c009ab4d27d704bab3c%25252526nc%2525253D5555275785909190592%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D62cd1c009ab4d27d704bab3c%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FQqESupYsVN6gUhBQxC2Yw4%25252525253Fsign%25252525253D2213836553%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D62cd1c009ab4d27d704bab3c HTTP 302
  • https://x01.aidata.io/0.gif?pid=6472613&id=62cd1c009ab4d27d704bab3c&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D62cd1c009ab4d27d704bab3c%26i%3D1393358583913894259%26r%3Dhttps%253A%252F%252Fsync.1dmp.io%252Fpixel.gif%253Fcid%253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%2526pid%253Dw%2526uid%253D62cd1c009ab4d27d704bab3c%2526ru%253Dhttps%25253A%25252F%25252Fcm.p.altergeo.ru%25252Fspnd%25253Faid%25253D62cd1c009ab4d27d704bab3c%252526nc%25253D5555275785909190592%252526url%25253Dhttps%2525253A%2525252F%2525252Fadx.com.ru%2525252Fadspend-sync%2525253Fuid%2525253D62cd1c009ab4d27d704bab3c%25252526r%2525253Dhttps%252525253A%252525252F%252525252Fan.yandex.ru%252525252Fsetud%252525252Fadspend%252525252FQqESupYsVN6gUhBQxC2Yw4%252525253Fsign%252525253D2213836553%2525252526location%252525253Dhttps%25252525253A%25252525252F%25252525252Ftop-fwz1.mail.ru%25252525252Fcounter%25252525253Fid%25252525253D3138228%25252525253Bpid%25252525253D62cd1c009ab4d27d704bab3c HTTP 302
  • https://x01.aidata.io/0.gif?pid=6472613&id=62cd1c009ab4d27d704bab3c&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D62cd1c009ab4d27d704bab3c%26i%3D1393358583913894259%26r%3Dhttps%253A%252F%252Fsync.1dmp.io%252Fpixel.gif%253Fcid%253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%2526pid%253Dw%2526uid%253D62cd1c009ab4d27d704bab3c%2526ru%253Dhttps%25253A%25252F%25252Fcm.p.altergeo.ru%25252Fspnd%25253Faid%25253D62cd1c009ab4d27d704bab3c%252526nc%25253D5555275785909190592%252526url%25253Dhttps%2525253A%2525252F%2525252Fadx.com.ru%2525252Fadspend-sync%2525253Fuid%2525253D62cd1c009ab4d27d704bab3c%25252526r%2525253Dhttps%252525253A%252525252F%252525252Fan.yandex.ru%252525252Fsetud%252525252Fadspend%252525252FQqESupYsVN6gUhBQxC2Yw4%252525253Fsign%252525253D2213836553%2525252526location%252525253Dhttps%25252525253A%25252525252F%25252525252Ftop-fwz1.mail.ru%25252525252Fcounter%25252525253Fid%25252525253D3138228%25252525253Bpid%25252525253D62cd1c009ab4d27d704bab3c&bounce=1 HTTP 302
  • https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=62cd1c009ab4d27d704bab3c&i=1393358583913894259&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D62cd1c009ab4d27d704bab3c%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D62cd1c009ab4d27d704bab3c%2526nc%253D5555275785909190592%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D62cd1c009ab4d27d704bab3c%252526r%25253Dhttps%2525253A%2525252F%2525252Fan.yandex.ru%2525252Fsetud%2525252Fadspend%2525252FQqESupYsVN6gUhBQxC2Yw4%2525253Fsign%2525253D2213836553%25252526location%2525253Dhttps%252525253A%252525252F%252525252Ftop-fwz1.mail.ru%252525252Fcounter%252525253Fid%252525253D3138228%252525253Bpid%252525253D62cd1c009ab4d27d704bab3c HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/224/i/i?call_source=awg&a=224&e=62cd1c009ab4d27d704bab3c&i=1393358583913894259&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D62cd1c009ab4d27d704bab3c%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D62cd1c009ab4d27d704bab3c%2526nc%253D5555275785909190592%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D62cd1c009ab4d27d704bab3c%252526r%25253Dhttps%2525253A%2525252F%2525252Fan.yandex.ru%2525252Fsetud%2525252Fadspend%2525252FQqESupYsVN6gUhBQxC2Yw4%2525253Fsign%2525253D2213836553%25252526location%2525253Dhttps%252525253A%252525252F%252525252Ftop-fwz1.mail.ru%252525252Fcounter%252525253Fid%252525253D3138228%252525253Bpid%252525253D62cd1c009ab4d27d704bab3c HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=crossmedia_ddp&google_cm=&code=224&ts=dq1-f-YfVgNMWwF7k3cK&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D62cd1c009ab4d27d704bab3c%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D62cd1c009ab4d27d704bab3c%2526nc%253D5555275785909190592%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D62cd1c009ab4d27d704bab3c%252526r%25253Dhttps%2525253A%2525252F%2525252Fan.yandex.ru%2525252Fsetud%2525252Fadspend%2525252FQqESupYsVN6gUhBQxC2Yw4%2525253Fsign%2525253D2213836553%25252526location%2525253Dhttps%252525253A%252525252F%252525252Ftop-fwz1.mail.ru%252525252Fcounter%252525253Fid%252525253D3138228%252525253Bpid%252525253D62cd1c009ab4d27d704bab3c HTTP 302
  • https://dmg.digitaltarget.ru/awg/7162?a=155&e=CAESEKN4Lzd_7dOFR-6uBclNnWA&ver=1&google_error=&code=224&ts=dq1-f-YfVgNMWwF7k3cK&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D62cd1c009ab4d27d704bab3c%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D62cd1c009ab4d27d704bab3c%2526nc%253D5555275785909190592%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D62cd1c009ab4d27d704bab3c%252526r%25253Dhttps%2525253A%2525252F%2525252Fan.yandex.ru%2525252Fsetud%2525252Fadspend%2525252FQqESupYsVN6gUhBQxC2Yw4%2525253Fsign%2525253D2213836553%25252526location%2525253Dhttps%252525253A%252525252F%252525252Ftop-fwz1.mail.ru%252525252Fcounter%252525253Fid%252525253D3138228%252525253Bpid%252525253D62cd1c009ab4d27d704bab3c HTTP 307
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=62cd1c009ab4d27d704bab3c&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D62cd1c009ab4d27d704bab3c%26nc%3D5555275785909190592%26url%3Dhttps%253A%252F%252Fadx.com.ru%252Fadspend-sync%253Fuid%253D62cd1c009ab4d27d704bab3c%2526r%253Dhttps%25253A%25252F%25252Fan.yandex.ru%25252Fsetud%25252Fadspend%25252FQqESupYsVN6gUhBQxC2Yw4%25253Fsign%25253D2213836553%252526location%25253Dhttps%2525253A%2525252F%2525252Ftop-fwz1.mail.ru%2525252Fcounter%2525253Fid%2525253D3138228%2525253Bpid%2525253D62cd1c009ab4d27d704bab3c HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=62cd1c009ab4d27d704bab3c&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D62cd1c009ab4d27d704bab3c%26nc%3D5555275785909190592%26url%3Dhttps%253A%252F%252Fadx.com.ru%252Fadspend-sync%253Fuid%253D62cd1c009ab4d27d704bab3c%2526r%253Dhttps%25253A%25252F%25252Fan.yandex.ru%25252Fsetud%25252Fadspend%25252FQqESupYsVN6gUhBQxC2Yw4%25253Fsign%25253D2213836553%252526location%25253Dhttps%2525253A%2525252F%2525252Ftop-fwz1.mail.ru%2525252Fcounter%2525253Fid%2525253D3138228%2525253Bpid%2525253D62cd1c009ab4d27d704bab3c&cs=1 HTTP 302
  • https://cm.p.altergeo.ru/spnd?aid=62cd1c009ab4d27d704bab3c&nc=5555275785909190592&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D62cd1c009ab4d27d704bab3c%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fsetud%252Fadspend%252FQqESupYsVN6gUhBQxC2Yw4%253Fsign%253D2213836553%2526location%253Dhttps%25253A%25252F%25252Ftop-fwz1.mail.ru%25252Fcounter%25253Fid%25253D3138228%25253Bpid%25253D62cd1c009ab4d27d704bab3c HTTP 302
  • https://cm.p.altergeo.ru/spnd?aid=62cd1c009ab4d27d704bab3c&nc=5555275785909190592&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D62cd1c009ab4d27d704bab3c%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fsetud%252Fadspend%252FQqESupYsVN6gUhBQxC2Yw4%253Fsign%253D2213836553%2526location%253Dhttps%25253A%25252F%25252Ftop-fwz1.mail.ru%25252Fcounter%25253Fid%25253D3138228%25253Bpid%25253D62cd1c009ab4d27d704bab3c&cc=1 HTTP 302
  • https://adx.com.ru/adspend-sync?uid=62cd1c009ab4d27d704bab3c&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2FQqESupYsVN6gUhBQxC2Yw4%3Fsign%3D2213836553%26location%3Dhttps%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228%253Bpid%253D62cd1c009ab4d27d704bab3c
Request Chain 181
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=bb260eba93a0441fa3afe0a58a7babec HTTP 302
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZF68C9C3CBDD4D20A0B3DE93A68265A5&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=bb260eba93a0441fa3afe0a58a7babec
Request Chain 184
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Request Chain 187
  • https://inv-nets.admixer.net/ev_view.aspx?cc=DE&am-uid=bb260eba93a0441fa3afe0a58a7babec&zone=1BA693E9-AF43-480F-8247-A0A6978D969D&device=28&rule=2A9D2C49-0654-4466-A9CE-559AECCA318A&requestId=e11d785a-74a9-4310-84e3-af0677eef446&hp=6783904&page=offside.com.ua%2F&ts=637932060151053202&ap=MA%3D%3D&asign=-737577268&sync=57%2C88%2C96%2C80%2C98%2C3&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=CBC0AF15-51E4-4BDF-98F7-C184B84F9A6C&inst=ADS-EU-7&pxl=0&pvid=907050a5-1760-412c-a568-139c777f26b1&ip=82.199.130.38&item=5A4A8557-12E5-4FF7-BF43-A6DCB5F558A5&crid=5A4A8557-12E5-4FF7-BF43-A6DCB5F558A5&size=1920x1080&profile=2A9D2C49-0654-4466-A9CE-559AECCA318A&isopt=0&adv=Advertiser+1&dsp=Local&dmp_pr=MA%3D%3D&extclick=https%3A%2F%2Fz.cdn.adpool.bet%2Fgo%3Fz%3D1371652588&extview=https%3A%2F%2Fz.cdn.adpool.bet%2Fload%3Fz%3D1371652588&dstUrl=https%3A%2F%2Fz.cdn.adpool.bet%2Fgo%3Fz%3D1538649218&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0 HTTP 302
  • https://z.cdn.adpool.bet/load?z=1371652588
Request Chain 189
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Db4cf4b70acba59f7 HTTP 302
  • https://pixel.sitescout.com/dmp/pixelSync?cookieQ=1&network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Db4cf4b70acba59f7 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=a58185df-ce2a-4dbf-9155-4dfbc56d702c-62cd1bff-4348&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Da58185df-ce2a-4dbf-9155-4dfbc56d702c-62cd1bff-4348%26partner_url%3Dhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fuid%253Da58185df-ce2a-4dbf-9155-4dfbc56d702c-62cd1bff-4348%2526dc%253D0abbcb4eba840e59%2526fi%253Db4cf4b70acba59f7 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=a58185df-ce2a-4dbf-9155-4dfbc56d702c-62cd1bff-4348&partner_url=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3Da58185df-ce2a-4dbf-9155-4dfbc56d702c-62cd1bff-4348%26dc%3D0abbcb4eba840e59%26fi%3Db4cf4b70acba59f7 HTTP 302
  • https://u-ams02.e-planning.net/um?uid=a58185df-ce2a-4dbf-9155-4dfbc56d702c-62cd1bff-4348&dc=0abbcb4eba840e59&fi=b4cf4b70acba59f7
Request Chain 193
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Db4cf4b70acba59f7%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253Db4cf4b70acba59f7%2526uid%253D%2524UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=b4cf4b70acba59f7&uid=4695938005620185403
Request Chain 194
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 196
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D HTTP 302
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D&s=190243&C=1
Request Chain 201
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7064435012117703281
Request Chain 208
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=e30a3ab5-eac6-4c1e-80c3-1b64bdc5d675
Request Chain 209
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=975ceab5-d0e7-48fa-9bdc-5c367f0f0a8f
Request Chain 211
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=9155233303628206019
Request Chain 212
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=22e745db-6d58-41f3-b6a4-0d874f0d434d
Request Chain 214
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=7e78147c-0dbd-41e0-bd71-8ccc9477b6b0
Request Chain 215
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1657609215742 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8385386429
Request Chain 216
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=bb260eba93a0441fa3afe0a58a7babec
Request Chain 219
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2129b988-513a-4a67-490d-ab5c1562bc32%26reqId%3D24187f12-6e2e-4ba3-4c2b-ae34fb5b1145%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2129b988-513a-4a67-490d-ab5c1562bc32%26reqId%3D24187f12-6e2e-4ba3-4c2b-ae34fb5b1145%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=2d7d5c2e-cc4b-47eb-84fa-c6d1756f4feb&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Request Chain 225
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=23b7d37d-d3ee-438a-89a0-69333cb1dc00&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 226
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=2129b988-513a-4a67-490d-ab5c1562bc32&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2129b988-513a-4a67-490d-ab5c1562bc32%26reqId%3D24187f12-6e2e-4ba3-4c2b-ae34fb5b1145%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=2129b988-513a-4a67-490d-ab5c1562bc32&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2129b988-513a-4a67-490d-ab5c1562bc32%26reqId%3D24187f12-6e2e-4ba3-4c2b-ae34fb5b1145%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=05653383960842244761962696355871741144&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Request Chain 228
  • https://bn01.er.bemail.it/zeotap.php?_bid=2129b988-513a-4a67-490d-ab5c1562bc32&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022071211-52830-0.158256001657619155-c2abfe15d35fc6c84487d4773cafcbe9&zdid=533&env=mWeb
Request Chain 229
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2129b988-513a-4a67-490d-ab5c1562bc32%26reqId%3D24187f12-6e2e-4ba3-4c2b-ae34fb5b1145%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7119377367994267794&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Request Chain 231
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=2129b988-513a-4a67-490d-ab5c1562bc32&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2129b988-513a-4a67-490d-ab5c1562bc32%26reqId%3D24187f12-6e2e-4ba3-4c2b-ae34fb5b1145%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=2129b988-513a-4a67-490d-ab5c1562bc32&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2129b988-513a-4a67-490d-ab5c1562bc32%26reqId%3D24187f12-6e2e-4ba3-4c2b-ae34fb5b1145%26zdid%3D1361&bounce=1&random=1619767107 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=OKqSQR38GyUEgRsrXqEXZO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Request Chain 233
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=2129b988-513a-4a67-490d-ab5c1562bc32?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=2129b988-513a-4a67-490d-ab5c1562bc32?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Request Chain 234
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-9xtrCqRE2opkWinz1jfoQmb5GlBh17fCFQ--~A&zpartnerid=570&env=mWeb
Request Chain 235
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=NyBbmvkNyxHMvkhhwIfnC7tctpic7q%2Fz%2BS41iYitP1U%3D
Request Chain 238
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2129b988-513a-4a67-490d-ab5c1562bc32%26reqId%3D24187f12-6e2e-4ba3-4c2b-ae34fb5b1145%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2129b988-513a-4a67-490d-ab5c1562bc32%26reqId%3D24187f12-6e2e-4ba3-4c2b-ae34fb5b1145%26zdid%3D1361&_test=Ys0cAAAPhVT_HQAj HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Ys0cAAAPhVT_HQAj&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361&_test=Ys0cAAAPhVT_HQAj
Request Chain 239
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2129b988-513a-4a67-490d-ab5c1562bc32%26reqId%3D24187f12-6e2e-4ba3-4c2b-ae34fb5b1145%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=cf1862cd-1c00-4d00-bb02-6b27a9124e72&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Request Chain 240
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=O88oX77r&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=2129b988-513a-4a67-490d-ab5c1562bc32
Request Chain 241
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2129b988-513a-4a67-490d-ab5c1562bc32&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2129b988-513a-4a67-490d-ab5c1562bc32&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361&dcc=t
Request Chain 243
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2129b988-513a-4a67-490d-ab5c1562bc32%26reqId%3D24187f12-6e2e-4ba3-4c2b-ae34fb5b1145%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Request Chain 245
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Db4cf4b70acba59f7 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=a58185df-ce2a-4dbf-9155-4dfbc56d702c-62cd1bff-4348&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Da58185df-ce2a-4dbf-9155-4dfbc56d702c-62cd1bff-4348%26partner_url%3Dhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fuid%253Da58185df-ce2a-4dbf-9155-4dfbc56d702c-62cd1bff-4348%2526dc%253D0abbcb4eba840e59%2526fi%253Db4cf4b70acba59f7 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=a58185df-ce2a-4dbf-9155-4dfbc56d702c-62cd1bff-4348&partner_url=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3Da58185df-ce2a-4dbf-9155-4dfbc56d702c-62cd1bff-4348%26dc%3D0abbcb4eba840e59%26fi%3Db4cf4b70acba59f7 HTTP 302
  • https://u-ams02.e-planning.net/um?uid=a58185df-ce2a-4dbf-9155-4dfbc56d702c-62cd1bff-4348&dc=0abbcb4eba840e59&fi=b4cf4b70acba59f7
Request Chain 249
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Db4cf4b70acba59f7%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=b4cf4b70acba59f7&uid=4695938005620185403
Request Chain 250
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 258
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2129b988-513a-4a67-490d-ab5c1562bc32%26reqId%3D7c1035b3-1cd9-4669-58cb-e54497976b92%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=7c1035b3-1cd9-4669-58cb-e54497976b92&zdid=1361
Request Chain 261
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 265
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ys0b--UUM4kDusOwTjCe7AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOsVth5RtiUPf6ln3CtgNqQ&google_cver=1&gdpr=1
Request Chain 266
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys0b__UUM4kDusOwTjCe7AAABHkAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys0b__UUM4kDusOwTjCe7AAABHkAAAAB&dcc=t
Request Chain 269
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=304c5ff3-d443-4d43-9b09-1afe330d6c3d
Request Chain 277
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2395229435552301717
Request Chain 279
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys0b__UUM4kDusOwTjCe7AAABHkAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys0b__UUM4kDusOwTjCe7AAABHkAAAAB&dcc=t
Request Chain 280
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1657695616&gdpr=1
Request Chain 281
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=ec6be229-b75b-31e3-b7db32cc
Request Chain 282
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 284
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=3165299387303551005
Request Chain 285
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=2e657114c0662886
Request Chain 301
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=3165299387303551005 HTTP 302
  • https://a.audrte.com/p
Request Chain 302
  • https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=5f1zuKvPDgPTtiJDzgcvXmJqg&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=5f1zuKvPDgPTtiJDzgcvXmJqg&gdpr=0&gdpr_consent=
Request Chain 303
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=5f1zuKvPDgPTtiJDzgcvXmJqg&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=5f1zuKvPDgPTtiJDzgcvXmJqg&gdpr=0&gdpr_consent=&google_gid=CAESEFqqXWXs7FP57itWYYe5_E4&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 312
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=3165299387303551005 HTTP 302
  • https://a.audrte.com/p
Request Chain 314
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=5f1zuKvPDgPTtiJDzgcvXmJqg&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=5f1zuKvPDgPTtiJDzgcvXmJqg&gdpr=0&gdpr_consent=&google_gid=CAESEFqqXWXs7FP57itWYYe5_E4&google_cver=1 HTTP 302
  • https://a.audrte.com/p

326 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
offside.com.ua/
Redirect Chain
  • http://offside.com.ua/
  • https://offside.com.ua/
164 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
278b654444df259096a79624ab2e21e427234a7b98bfe89b853f84c057ab3684

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7297e682f90876ba-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 12 Jul 2022 07:00:13 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link
<https://offside.com.ua/wp-json/>; rel="https://api.w.org/" <https://offside.com.ua/wp-json/wp/v2/pages/3775>; rel="alternate"; type="application/json" <https://offside.com.ua/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHfeGInXbpsr9c2fblanzO%2Bz7S4pli3Xo8lHzMc72iTb5rBTDCPorjxRauoUfOsi8vwYGvYo%2BlyDvo7JT%2Bfq6v6kyGXwqgpHAVn%2FdfADZ6rx6agmLE9US%2F5dpwGnsbYRP92sevka04hR3LvvAw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-pingback
https://offside.com.ua/xmlrpc.php
x-powered-by
PHP/7.2.34
x-turbo-charged-by
LiteSpeed

Redirect headers

CF-RAY
7297e681feef7488-LHR
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 12 Jul 2022 07:00:11 GMT
Expires
Tue, 12 Jul 2022 08:00:11 GMT
Location
https://offside.com.ua/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzOvmVsvuH%2BaD%2FPZEyObOgJF%2BJ7%2FHzw1tlPIIolcuCFRMV1zZSceMtMtSKSF9W2gButYwCJY1eImnEYPHDmxVdJWghzHvNJZ4vXMwxyIBeat%2FQTgydSvSrOmGbo49bGu8oRwTHWIHKot%2FVefjw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-83HN7YJGYM
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8fef8c3db2ad309a66c5985fc9a74b186187cebe716932d56c605faab903b6dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69134
x-xss-protection
0
expires
Tue, 12 Jul 2022 07:00:13 GMT
style.min.css
offside.com.ua/wp-includes/css/dist/block-library/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-includes/css/dist/block-library/style.min.css?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
88661
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 24 May 2022 21:36:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJiEvJJ8zXUGs9B6cgs1FGgNhg0Y6Ebh1GarYShOjsLmXatgzfV1vDm%2FQhm%2BIB7fuGZnrjBZ5ZIj53cS1QmATw2%2B3JJj6%2FCR4Q%2FTaBunYG1PH%2Fo1gkmYI8PaBRXS2YJxIym4OZ34I6VTTgSfWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e68fbfc376ba-LHR
expires
Mon, 18 Jul 2022 06:22:32 GMT
wp-emoji-release.min.js
offside.com.ua/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-includes/js/wp-emoji-release.min.js?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 24 May 2022 21:36:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUih4DKs56VyBrDfkhtHMyJarUx%2BJZAPYFGvRm8cR%2B%2Ff159GR9qV3pZ%2F7Q5QuWXpuQJkrizxQxi60isqKWJkPDMX8Iuhhv0dLffvKQJPE2DR5775ID5%2BW2kKKUgnbMFPHY3csXrtZ%2FXOcqb2NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
7297e6918cc688a7-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 19 Jul 2022 07:00:13 GMT
main-custom-1464ba8a0e277d8820e8bcf7034a7fe494d8b7276d9fe55dbd738935741aa90f.min.css
offside.com.ua/wp-content/plugins/anycomment/static/css/ 		72 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/anycomment/static/css/main-custom-1464ba8a0e277d8820e8bcf7034a7fe494d8b7276d9fe55dbd738935741aa90f.min.css?ver=9b87b6e21a74caabf02f75b28bb0fb66
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5fb47e39b757be7fd84e8b5b1e0f6a2915cb234a8c3d0fcae5df712e954606a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
264001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 17:17:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BhjOyTUAJvZhn2r2odvng8cnkKhpXKWxldeTOk2cD2eh3C1w1pNjuQ0wC%2FPcQHhRNllLjWyRznwL2yZaZO8O9m81RVKUro1N6k4OnFNcyIvq4kyjDJ1PPkbvO7jYjB0xZZ%2BuCfp1E3HwhDnzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e68fe80476ba-LHR
expires
Sat, 16 Jul 2022 05:40:12 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans%3A400%2C700&subset=cyrillic&display=swap&ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ce2e29fbc4e24edb01b73f09bb5a9e616af2cbc270c23d3b804e251ef247f13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 07:00:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 12 Jul 2022 07:00:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Jul 2022 07:00:13 GMT
styles.css
offside.com.ua/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
235704
cf-polished
origSize=2731
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 20 Jun 2022 13:26:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klEHg6ByUrS42DBFmi4CzmhWAYHu0ZbkqoQSKl%2FQ%2FOiQ0M3xgiqbHYQyRBhLPSq9kV0qF%2BkvMBaAThuxxWrW9b%2BeSqzVicUqsTAe46kzc6Q7RBQ6dGGQg6Kvp6sJtwaX2jjvSQWRK09ft6cbXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e68ff80876ba-LHR
expires
Sat, 16 Jul 2022 13:31:49 GMT
rcl-awesome.min.css
offside.com.ua/wp-content/plugins/wp-recall/assets/rcl-awesome/ 		34 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/rcl-awesome/rcl-awesome.min.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d94be650a5c60bab1cd8019486a3e88695f59d181b3b8fa30c8f5abb6949c44

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
438328
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6G9Div8NoIpwp0V5JOl8tIw28wjVkhRnnK1ZNchzu64OxK%2FLuDM%2B%2BbQBB2tToU3GKFB7OjWVP99TYLrHL03dqU8H1%2B5dj2qNpKQlemk%2Bjw2y%2BbGjW7Eatov6enhv05EnzO5jtPJNtswTsZF%2BEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e68ff80a76ba-LHR
expires
Thu, 14 Jul 2022 05:14:45 GMT
animate.min.css
offside.com.ua/wp-content/plugins/wp-recall/assets/css/animate-css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/css/animate-css/animate.min.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf5aea140f3e48516c27cd9c4a1b49b1cac780055ca2eaed084fcd75eb07e58

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
324575
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnEoPOGK69UiwyVUyLwYa3zRfPyK%2FKlFvNr4uTMJyZ10e2jvcytI%2BtenBBDPs6rA9PPDI62rAvLkhP4ZgPx7pDP5NUfbBjlI5iGR0SjYOO9UTHanS1Jb%2F3KfSoTb%2F9ADB0A%2BDaay%2FsEk7ZE43w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e68ff80c76ba-LHR
expires
Fri, 15 Jul 2022 12:50:38 GMT
core.css
offside.com.ua/wp-content/plugins/wp-recall/assets/css/ 		33 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/css/core.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c40c2335d26ad0f3b506969c3a67660523d137b0c8cc198911c2826a27316c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
324575
cf-polished
origSize=51449
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s38ahCC2o61x7otK9i5B3d2JKeZsNOXHp4rFz3ezCjROUq09uIhQM%2BA3FLvYfCPGfZd7QVIj22VO6AZlto4L5hA3PEI5REBg%2FLRjXahbq%2FzCVp3L05k1N2a5WITjzHb76cym5DGnzMIlTDHcTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e68ff80d76ba-LHR
expires
Fri, 15 Jul 2022 12:50:38 GMT
users.css
offside.com.ua/wp-content/plugins/wp-recall/assets/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/css/users.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc4c1d4ad985cef08104a09919ae8be0221ed3a7ddde5654213e464ae4d944a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
88659
cf-polished
origSize=7912
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGDSOoBBhLtt%2BLl%2B%2BaddV1HzMd4TsTFBt2K0700790p39Fc%2FGZnE6EBIvQZ3o17EQoD5XQbWrMxhmi3q1fJDvZrYXSFhoOaC%2B%2BlFZqyrSY2Ss8VmvaTflLNe9Y4SRZQBcEEB25iq8Ikcfge9NA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e68ff81076ba-LHR
expires
Mon, 18 Jul 2022 06:22:34 GMT
regform.css
offside.com.ua/wp-content/plugins/wp-recall/assets/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/css/regform.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37c51778d96d7c463d5ddef2a8877c63f3dcfb28fe54270fbf5d1df4540af198

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
59771
cf-polished
origSize=7410
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdYPHBaq9fmeTUqgeBA3tKzeccs8RjsmLztUMGrSvp8GGwnwqbj6RNCLVnpLqOwbV0ejsDFRUsYqno8N%2FHnc2bDbUHUAt0PXB0xZvg8Xfw9QK3ArE1W1Idoz9NPXtf6s7%2FwMXahB4NrmioMBqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e68ff81276ba-LHR
expires
Mon, 18 Jul 2022 14:24:02 GMT
recallbar.css
offside.com.ua/wp-content/plugins/wp-recall/assets/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/css/recallbar.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e9ae1458b36ebe857373cbeb07e1aca3eebc0cf67516c1c841cd98495fbec6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFQ%2BeErAtb%2B74wn04pEtkzdrqdz9gL%2F6acpy%2Fq%2B4moy7DoU2WuYWhnD0rjk6xEwayReT6%2BfXW3HyS5YJyQnOD6fP%2BeSb1tnzqHW81jCRKhsNf5dnZ8RHBYapzJwrKFZ08ZP8pI9wPKDVIWQGhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
7297e68ff81376ba-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 19 Jul 2022 07:00:13 GMT
style.css
offside.com.ua/wp-content/plugins/wp-recall/add-on/theme-sunshine/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/add-on/theme-sunshine/style.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87038e38170c8ee523a5abcfc8c0a25ef98523caa85851b24ed1e195f90f482b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
235704
cf-polished
origSize=9774
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 17:14:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzpkyfyGgP6aHqfaWzI5RJ6pnZhex9oPRHaEUryTb7AWYXWje8qeeRDy%2BmoHv75LxYBwFQHziWojdwAijNR9sVVtTEsPDeI%2FuVpoG630Y2GB75lKLUI%2B7jxTACx3GxY4xXRK7gNzmTpcFvUOeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e68ff81576ba-LHR
expires
Sat, 16 Jul 2022 13:31:49 GMT
style.css
offside.com.ua/wp-content/plugins/wp-recall/add-on/rating-system/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/add-on/rating-system/style.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2438b4fd59796fa354af36092272f00a446507a7979243c7849dd589eaa5f1b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
474439
cf-polished
origSize=8701
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWCXSkQMl1WdzMzZ9j1u%2FNwDH3oI0GaXLXEqPn7qnMyQ6LowczFFKCCg%2BpIxNmuDBPSdJS34miSI1IIgYgFnv58EPTdkzK5QvK4Ec0qsIEPKkUgBvYMPRSNBFigSK6ARY3QAA4UkUQHZRvOnyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690082476ba-LHR
expires
Wed, 13 Jul 2022 19:12:54 GMT
style.css
offside.com.ua/wp-content/plugins/wp-recall/add-on/publicpost/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/add-on/publicpost/style.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdc8c33419378a34dc5449ee25e421efe99767a5d5897e3c4b5f3a14ee15115d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
235704
cf-polished
origSize=9252
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 17:14:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VBHc%2B0LXh2S0Mgl3rxWaLVKrRf68%2FFR%2BMIgQn3%2F%2FT%2BmssAe6%2FqZic8stwu5tBdnKFBsJW%2FNc1boeO8Y527VL1J8hvoBch9BMNllZaoilcWl0wnwuqEI3LW4amUzF%2B1%2FNEJnbzETechSb32fBMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690082576ba-LHR
expires
Sat, 16 Jul 2022 13:31:49 GMT
style.css
offside.com.ua/wp-content/plugins/wp-recall/add-on/rcl-chat/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/add-on/rcl-chat/style.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418c91639d6dbcb6709cf1878dd5b3c7a84071470c0d31dbf7ca84ee01832151

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
88651
cf-polished
origSize=13356
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lbQu6BEWtj3W5cVsGkwquinJEHciNSUvPdlxWOokViAyZx5U%2B8vFd%2Fp3sFc2epKvDGtgoAXU36ezqAFtBtnIJt2v%2BukZhfsoKlwtqDxlEIRUy4F2rUhU9hqlTBQ4BrdBhcbpKkTbEHrxMeK%2BYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690082676ba-LHR
expires
Mon, 18 Jul 2022 06:22:42 GMT
style.css
offside.com.ua/wp-content/plugins/wp-recall/add-on/prime-forum/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/add-on/prime-forum/style.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbd6281d1ce9156f54a02ab4ede62b9c2e3f6be56fe38e20139f1b58f1ab4458

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
334526
cf-polished
origSize=6509
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXO%2FkHpK7gSXOdYj195jWMQjuBhU91f4vxK7c23vt2%2BJBTc%2Fjiz9TYF87iwm79ZQOOMbVTITrL74azDXc%2BHkxdcbDCo7XMPHv7kizBfec%2BpOuHqir3H0qtCoaAzHX7gLF9Fq%2Bfg2oS%2Fd3jwODg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690082876ba-LHR
expires
Fri, 15 Jul 2022 10:04:47 GMT
style.css
offside.com.ua/wp-content/plugins/wp-recall/add-on/prime-forum/themes/prime-first/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/add-on/prime-forum/themes/prime-first/style.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d62935cf553792a615bc5324e08cb2403106d5441a92a5de2295080e77c3f42c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
88656
cf-polished
origSize=17365
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDKG0WtyAW3E7goWGhJ1DyXF6kgTdfVvC%2BWzJcLICO5qX%2BVzRJIdYoyiVLgDPpugFP7Ni64uG%2BjfmPez7S1V72eYJ%2BKPeT3e1PofMNN3H50ne%2FstCj7AgbtWj0c2DfHsa7UzCqtHcoUTgH88og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690082976ba-LHR
expires
Mon, 18 Jul 2022 06:22:37 GMT
style.css
offside.com.ua/wp-content/themes/urbanmag/ 		77 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/style.css?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fd692e17ffbdd6c487f570808045f74c6d3b93d61b6cd7a0296ae8c451eacd0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
438328
cf-polished
origSize=93053
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 20 Feb 2022 20:14:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UK0U9YbZVsORAVFXoohTVVy52qCMmEMDqrmNFNXVPJuUKCFHYS90MO90KoXAVtEL7ZkdFl9GnHoJpLhLTXBK8dGLL2oGf8GQC3os2E2XCCCE7d6s%2BqHacrBaUspoqMmvAiPXPqAxxTxKiUKrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690082b76ba-LHR
expires
Thu, 14 Jul 2022 05:14:45 GMT
css
fonts.googleapis.com/ 		14 KB
772 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900&subset=latin&ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9c0f2238eacfa69a93f98b77a31ad1da5631e66f791ce11c576eabed30410d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 07:00:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 12 Jul 2022 07:00:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Jul 2022 07:00:13 GMT
css
fonts.googleapis.com/ 		3 KB
599 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700&subset=latin&ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e4e735eaeeb3dcf7bfe26c0a6990d0e162bdcd06cacab1ba8ee0c234ddae328f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 07:00:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 12 Jul 2022 07:00:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Jul 2022 07:00:13 GMT
superfish.css
offside.com.ua/wp-content/themes/urbanmag/plugins/superfish/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/superfish/css/superfish.css?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6de8fdce0389adf4da099857373c7419ade67e4f9854fa602a97cf5b3d6a206

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
474437
cf-polished
origSize=4622
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2BeSu1rkwuaAw4F9%2BNZWtwG%2F7c8EU8lD7R5RhZxarQsqCO02UKgTgnrrFNE0gD%2FTMjDsk3yTNXtw2gtn7F%2BtMcUToWbe%2FVqTW1wQyhzFhe8eonkKrwmJlIrgfWe%2FDtmuh8aZJFaIVyu9vLnl0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690082c76ba-LHR
expires
Wed, 13 Jul 2022 19:12:56 GMT
component.css
offside.com.ua/wp-content/themes/urbanmag/plugins/dl-menu/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/dl-menu/component.css?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6039ce729a6c8041b44b7285bf244469b4d369991d6ad1f63711d079dad29b07

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
150452
cf-polished
origSize=15900
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GCo%2FG%2BuNkkaza3yqvNpO8TezwHk16I0wfWw7l%2FH5nWIP%2FDArSxrEhrplq8Tc6JrxEGhKpzbtclzHDOVI6wy%2BnZwDTTYcr5egGPEXeGgEgs1xcfn9vowozRkm1KSxw0qrfnIt5mLcgj1hr3I8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690082e76ba-LHR
expires
Sun, 17 Jul 2022 13:12:41 GMT
font-awesome.min.css
offside.com.ua/wp-content/themes/urbanmag/plugins/font-awesome-new/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/font-awesome-new/css/font-awesome.min.css?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
429596
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0LgmW8E3d2qSC7r7QRbajYl1Oc0sY0JOCttlAJigvh6bpPVDjWv4ty6x2oAwuL%2BPT5EvneqcKoMhcP%2Bh2pdSmAvVI6XePtOIiUCa5lL3qNAGN6TpzolH%2FfViHKKLdcpgZSvGYDb73yf86qZkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690083076ba-LHR
expires
Thu, 14 Jul 2022 07:40:17 GMT
jquery.fancybox.css
offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/jquery.fancybox.css?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce087d1d736beb8d869939f28b6be10aa4660be34796429d59150527054b500f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
436446
cf-polished
origSize=5633
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Apeqg3Vd7zs5N8AnLdlW%2BhHRhIjPvdMoQLfVZvHYyY8kvDQWWktGbrqTbYzkpBs%2F9SSL%2B9Wh1CZIrGSM5O0qYjvgFXVBYL2uESXSmRtaCMrrxs4ORNAvp4iS7HqITSeLWm%2Fks3i8HGvw%2FzE%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690083276ba-LHR
expires
Thu, 14 Jul 2022 05:46:07 GMT
flexslider.css
offside.com.ua/wp-content/themes/urbanmag/plugins/flexslider/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/flexslider/flexslider.css?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4640640359f504d069e542951660e3aa43220471c2fc5a27a3aaf7e414cdef4d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
150452
cf-polished
origSize=3632
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDe43T8gfI1wwN7Z06IXPicWp4aktFPNMPOoW%2F49KcvnRG2iVhnY%2BrHffrfxZpgLOW05lmJwxtmgpFNlmBnS2UUA23oAgylWgZ9Vf7ZkgESW6DiCW%2FNWtFrWp6TA3YyVE26QDFZaX4noGuAm3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690083376ba-LHR
expires
Sun, 17 Jul 2022 13:12:41 GMT
style-responsive.css
offside.com.ua/wp-content/themes/urbanmag/stylesheet/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/stylesheet/style-responsive.css?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5484ef447d51f1402aada17408f1a7322315241f3df6354f931242cd51450d5f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
88653
cf-polished
origSize=6666
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lfv546bLw3Cg6%2BBcSWtvQ6lozjU1bF%2Fbb9QYkyJq5EV12XbC9B35SsmnakKy%2FUTjLzQfwLGO2N1PuOR44atDSLWGaaMFsFfdHEtrU170wd7DivKOE9lskAM27jQJiT2SPoUA8TJxwJ02vZ1oig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690083476ba-LHR
expires
Mon, 18 Jul 2022 06:22:40 GMT
style-custom.css
offside.com.ua/wp-content/themes/urbanmag/stylesheet/ 		37 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/stylesheet/style-custom.css?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a98725eceac39b7cbb8e6bc22060dc800fb77bf3c77a7c92bb4b24abc05deb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
171451
cf-polished
origSize=40629
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 01 Jul 2022 17:28:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g77t9Csi2gYLgieu4ZI9JQCcB22RTB9Ans6mLTI7U3YfDb0D6V6H8tVur9U7YB4VZH9hL8HhsGcesW3PCVfo42He%2Fs6pmaWs0AdC%2BV%2FJ7S01GJ8waUH0hv%2Bd7zazrw88%2F0pSXF0VZZsQFna9ig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690083676ba-LHR
expires
Sun, 17 Jul 2022 07:22:42 GMT
sassy-social-share-public.css
offside.com.ua/wp-content/plugins/sassy-social-share/public/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.42
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb7001aa094389a4e85c7b731e35f87a7a85f7575b2d69f16092f65842f3b68a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
88652
cf-polished
origSize=9700
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 17:14:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HW%2BQqBFt2ujTrasivuCxwPvv26eIlONg56PKl9PewvsgQEFKViuFs24JE23rsY85deArRny7b2Hx2iS1K0Dmf0U%2FfpoMGUf%2F8rLldbFSHyFz8p%2BHYsbm1jV1WeHFkv2t2S8ZwrsZHS38FZckYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690083776ba-LHR
expires
Mon, 18 Jul 2022 06:22:41 GMT
frontend.css
offside.com.ua/wp-content/plugins/wp-google-map-plugin/assets/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-google-map-plugin/assets/css/frontend.css?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c6dc0b8e451822061daba4be79dc084125a2810b8f3bd7a520c788eab3d5377

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
502193
cf-polished
origSize=4181
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 17:14:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ETeifG71ahqzOebc24JlsGFrHOVrGKhPObVwMZJTLCGuqAELjEo0lJu5Eu6dICBDWBavMWzUjHGErj%2FHN8SNBwzK5%2FugvpLDHJaOEFJ%2FxIdNJ64CKWIj%2BMmJQ7CZ35BvEcBcYGLfg1vVYh7I8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690083876ba-LHR
expires
Wed, 13 Jul 2022 11:30:20 GMT
masterslider.main.css
offside.com.ua/wp-content/plugins/master-slider/public/assets/css/ 		55 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/master-slider/public/assets/css/masterslider.main.css?ver=3.8.1
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1285c19a66f8d009fc6ecdbd27373eaec80e05cb07cc75d47554f912b2fa06b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
438328
cf-polished
origSize=64689
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Mar 2022 08:19:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSjk0HGlVjyH5N67g3G4iJscNcErqNKO0Hv65pjgUkaPGrPvkfqFgCgUoN9qL1bd6Md%2FicJ%2FrVWoDbT94812bfZ06kOfYqfW%2FvbZyz%2BW81yNHhn%2BemsMSOUcfQAuM0mwSMfg2nGljzwmHHWxvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690083976ba-LHR
expires
Thu, 14 Jul 2022 05:14:45 GMT
custom.css
offside.com.ua/wp-content/uploads/master-slider/ 		0
358 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/uploads/master-slider/custom.css?ver=1.4
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
430800
cf-polished
origSize=266
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
last-modified
Mon, 14 Mar 2022 08:19:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6Go%2Bf51KX%2BZbjKgsnWES2h2VrZtUYwaMbyR0Aq9RmJzKPjZP9ebtHjfep9fZSCXFXQewhgcp57BhaOt%2FnHs%2FfdKNl%2FSri5OYMvEKy424mGhg4pE7O0obPy%2FXBStrvymS%2FpGndfyUvk1YSf3pA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e690083a76ba-LHR
expires
Thu, 14 Jul 2022 07:20:13 GMT
soccer-info-front.css
offside.com.ua/wp-content/plugins/soccer-info/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/soccer-info/css/soccer-info-front.css?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9657b0a8fad94d69d0317ab203423ac22731eb3b4116482acd110ab96f976563

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
500749
cf-polished
origSize=12307
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Mar 2021 16:55:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BpSY0rkjKCOiApYOP1%2BG7474H7gnDhmMToXgOARf3UVNYu5pHKBS%2FYC%2FXTzXte9Q2LrJ%2F2ltTG5YCEbAKAJhMvo4It1iXgBej8kCEFiMUY%2Bj%2BdcdnrP4ogWUfhoYGZDgnwx0PsjumdGibRxiQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690083b76ba-LHR
expires
Wed, 13 Jul 2022 11:54:24 GMT
frontend-gtag.min.js
offside.com.ua/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 14 Jun 2022 06:06:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbziR%2BcfxD26dUQsAXhgHGe23gV%2FaShN9Hx8UWYxPLBiN13bQ2fa4taTiP%2BXNkAJk1shwrvcIeEuoiAB%2BhvJgIf3FsZS6cef0W2DU2G2NWnMaodlqJzzwkhuJd2Df9BN0ZqgxPLqmodwUTNR9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690083c76ba-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 19 Jul 2022 07:00:13 GMT
jquery.min.js
offside.com.ua/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79021
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 20 Jul 2021 21:37:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7TN%2FxNCVGMDP7EabMRvpZCfn8%2BF3M2zma17IF7OKcUvrX6Kd8D2E4FVMH0NLmbxeS2yc5Wm1iL7J4MQgjJt%2BCozIyWMSMeNSChr7wxj%2BuMD%2BNH3eVhMHjiGogYWR22N1JJ5cnQx6EX4EyrVnyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690083d76ba-LHR
expires
Mon, 18 Jul 2022 09:03:12 GMT
jquery-migrate.min.js
offside.com.ua/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 18 Nov 2020 12:36:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDnIMbhE%2BSmzGnHCY0A4gh9M5B1hdZdru4%2FHmvs4ETECBR1kntNMgG9Ln7QfjyhjeOpjN5MK3BBkRhIydUZG03Kio4%2BNa82CEfvP4%2FvMIt2dha9BbJi%2FytWpDA2J3NmJ3wbKHx3wmexlmCYpbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690083f76ba-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 19 Jul 2022 07:00:13 GMT
core.js
offside.com.ua/wp-content/plugins/wp-recall/assets/js/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/js/core.js?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b10eaf10ba9b818d7125988aa3d5e30f0094d53389b8ab1fb4355bd423044e8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
171451
cf-polished
origSize=49797
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDca%2F0vxJAGIGHRyNsEA%2BrgoIKg%2FXLb05ZiBB7I1Vt0lWyjFtkbagPpIkU8Ueb6Du9q8CAKTV9TvkM%2Fud%2BKtP51bR18wYcB7bh5uM6OCpGQwH1CpNOQFizSr5dlHKFBcnj1byNBkO%2B3wm6VECA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690084076ba-LHR
expires
Sun, 17 Jul 2022 07:22:42 GMT
scripts.js
offside.com.ua/wp-content/plugins/wp-recall/assets/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/js/scripts.js?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eabedcff1f323472f8f19e8269ea2bb08db98e4ea2fa9c18fe6c813938cb335

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
59069
cf-polished
origSize=16886
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBfjyr3XZafGNugTR6CJvJgDRCnnTDdpkZOBqdrRDof2lPd%2BNmug961JcyCNh9KR00886pUb4Jyu6aEBa4xvvPzwn3IVWzr6OzX%2BXVFyHorQ6vhnid7BlqmmKFPF2mVNa1tFxF5GQ5%2B%2FUUdW4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690084276ba-LHR
expires
Mon, 18 Jul 2022 14:35:44 GMT
scripts.js
offside.com.ua/wp-content/plugins/wp-recall/add-on/rating-system/js/ 		1 KB
878 B 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/add-on/rating-system/js/scripts.js?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff72d97681087613a8ff632da8a55ead188887ff0fcdfdfa819ac479b47ba5f0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
264000
cf-polished
origSize=2263
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPG0dMDrREmpI5sT4cUHq%2FDiugCUBhLXpKHC34jabPN5jM20902dGZ3fq7IYu0xlPboZlQ7uhqUGkEnHtd4dSkw4av0Nev5HLUuBkBljKHPMu%2BvUK7gm4gcPxxsOX3K2foKMrVg7Wk7Fi5Xogg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690084476ba-LHR
expires
Sat, 16 Jul 2022 05:40:13 GMT
scripts.js
offside.com.ua/wp-content/plugins/wp-recall/add-on/publicpost/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/add-on/publicpost/js/scripts.js?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bf646718da4352ccc6d6044501c89e83a270a597c27b0f0efae7e62cf0e71a2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
59069
cf-polished
origSize=17363
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 17:14:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANzPmHD89rSWx%2FGcU7zBWxT7SSsX8Z5G63tMKbKn41MHw3Xxf53XrmzguZbjul9e38JZMS8uBx4x7Qg%2FuBu4P1OZ9Of%2BXqcDWzPbjkeF9tF1veBMLcnMRJmXBjEWBubn2ZTbkMT7gKyDXF2cYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690084576ba-LHR
expires
Mon, 18 Jul 2022 14:35:44 GMT
scripts.js
offside.com.ua/wp-content/plugins/wp-recall/add-on/rcl-chat/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/add-on/rcl-chat/js/scripts.js?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5346e1a1343f6f33d953371d82c8c8a7cc5e7e07a58689ec49d7d9e4452c6f7d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dk%2FV9aj9z8yezO6U%2BkcTxWzN3onyabH%2FgLsW9p594HXZlKEVnx%2F3b5DleyCNjU%2FQAd8xZgzq1vcYN%2FWU6IM3K5BEXXoMsqQuuCiaHDGB%2FCa4bJCXNvjPUnReNFObA4dn0%2FNbWSBV%2FAYYHmYnlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
7297e690386b76ba-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 19 Jul 2022 07:00:13 GMT
loader2.js
cdn.admixer.net/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:59 GMT
server
nginx
etag
W/"6282425f-2c101"
x-cached-since
2022-07-12T06:55:28+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Mon, 16 May 2022 12:35:26 GMT
js
www.googletagmanager.com/gtag/ 		193 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5MF0YH07SE
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
faeb680b5dc7c4d7212e4da47348669c3275b7a426a608b007746a1983dbaeb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70478
x-xss-protection
0
expires
Tue, 12 Jul 2022 07:00:13 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		165 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cfa823c0d78ac3b77487ff83ad623413f7fcc931530e1fb269ee0902b104722c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56482
x-xss-protection
0
server
cafe
etag
2232505698027772707
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 12 Jul 2022 07:00:13 GMT
1-min-1.jpeg
offside.com.ua/wp-content/uploads/2021/12/ 		235 KB
236 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2021/12/1-min-1.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39c3747d29a27dcd07c6cb7d4dee61fccb8de904505e145bce04230b762190e8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
432463
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
241119
last-modified
Mon, 27 Dec 2021 21:05:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SMGemunz2DVa9mWv14njqrPLLtQ2rRT6zaajOWOIHTF8ygcAti%2Fgsh1Oc06JDNenNm7XVsaUFM6WMD1Y8cvsNB972UpGujh925LPRzVxC0vWqFOmWRluxHvfP2LVKPwXGhb3S4KfbUnAx02ZIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cc888a7-LHR
expires
Thu, 14 Jul 2022 06:52:30 GMT
facebook.png
offside.com.ua/wp-content/themes/urbanmag/images/light/social-icon/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/light/social-icon/facebook.png
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f616744c5212f524a7ff47e22a04d7f2ba7b2075512f932923a3fad65040150

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
150451
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2963
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TAKZ6XmH4gUBu6mbeC5OX2Pv1M148Nx4CAj8VYYRqorya7bQ1YsBqhbFE4GA0e4YG%2F%2FT3AMsENd7glIM45Q9lLhQqYLEdUUfDPM3wg1OZ2lSTa6jXPWrGnxBmP0VWbZoyBasFYXs8bH7N7MLyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cca88a7-LHR
expires
Sun, 17 Jul 2022 13:12:42 GMT
twitter.png
offside.com.ua/wp-content/themes/urbanmag/images/light/social-icon/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/light/social-icon/twitter.png
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c52258c13dbe41865ee9bbd68e4e15cbc2105e276b5bf907c76b308b1bb952a6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
171450
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3146
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAIpKTHLJsz1zQ4ngAtLoUKCJyA7YK55khXdxIPGxTWdcsDZJDd2EgrXwxIMxjsJGkITOJPqw58BKsNbTjl4ZpOGW57rZ4xdAdBv%2FuVJQvgxMcJodwrVsSVFHBMGISMgf9W9OocFb66QszSpeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918ccb88a7-LHR
expires
Sun, 17 Jul 2022 07:22:43 GMT
logo-big-2-2.png
offside.com.ua/wp-content/uploads/2021/03/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2021/03/logo-big-2-2.png
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5de0ff9f66605a6edd3434522aea6f05b020a1de93e7b3b6c8edc9e54b63a89

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
88646
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38108
last-modified
Sun, 21 Mar 2021 09:02:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikLEXrlLEGrlE5b7o6xdCpkNnrQxk3ZXPccI37sKXcqWFRjtD21MKcps1C9w7XXQDYy7kob9%2F3fPrgTw1CYwTNgDRXUn0A3tpT3arL%2FqBiv3lYqo63BjS8scmNqhs0%2FwglrYL2Quera9Rflmzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918ccd88a7-LHR
expires
Mon, 18 Jul 2022 06:22:47 GMT
7336-670x456.jpg
offside.com.ua/wp-content/uploads/2022/07/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/07/7336-670x456.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b17b3f7aaa61b87daa3b93bc11b64cd6536958c69e1ae3d6c89b8c0ae192980

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44832
last-modified
Mon, 11 Jul 2022 16:12:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmMVx%2F%2Bd5P0zGA5HgghjxEbP839ktOz%2Fkukcl8Hf6S%2FkF6Uuey%2BVwfqOt%2FfvJsqbMW32j1%2B%2BR0BpooVzQh7fkzHknU1WFFvXtHFzBczqJgEIyu186BCPQmfG8FglhEGgFRBuj39vGL8FS8I7tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918ccf88a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
mandanda-670x456.jpg
offside.com.ua/wp-content/uploads/2022/07/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/07/mandanda-670x456.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72fbc598e4a1591e0b0d4a37e2bb5b3545d0695413c7b4b620bfac9eba13d7e1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35412
last-modified
Mon, 11 Jul 2022 16:02:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=it%2BrQexSOOWKf4NaQewnHUcZ5T1dyEdyZ5SHRegMIMpFPCQu4qxdOr2bRmN4ryZYPuIn22rFIf3EATCTV4tI39ZpgSQ8Mbb56B4hmaedfoGUWtJ8Xh7%2BndfyX6TqZv1tUmnuziKajwn9sXzMjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cd088a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
kri-ro-670x456.jpg
offside.com.ua/wp-content/uploads/2022/07/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/07/kri-ro-670x456.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faa68e2aa20f49c2941d9175f69d54b472d86db7c69b048f040263aded7ca694

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33689
last-modified
Mon, 11 Jul 2022 14:43:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sehsiffDeperk7LWkIfvNSAC7c%2BG42dU670SuFHsEGBqGKtz1NjK0NhEU%2B1WpnyiKGiITScqbcDPc9Jzuf3oavjffHVj12D0W5Nr2TNw0tKnlDQ3uIg0h%2Fs8s6UsNbEEEAYuptCc4kuYY7Xzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cd188a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
43552-670x456.jpg
offside.com.ua/wp-content/uploads/2022/07/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/07/43552-670x456.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04ba4cb5383e0757aa5be26ab4d85f048e2d027a0d3f5f567c91c5ecd1b515d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42842
last-modified
Mon, 11 Jul 2022 14:32:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HciBhEQCotd15ucCO54l4KgvwjCMCzNqEKE%2BnxtFGqyb92VfSZE8E4VsWvVTrXxYkMoru79eeOy9M08NQnTodFleWrQ9loKAfRwlJ%2BxI3MicozRNPHcNqSihveT3EZjxfn%2B1L%2F8%2BzYtiqAGnoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cd288a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
scarpa-670x456.jpg
offside.com.ua/wp-content/uploads/2022/07/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/07/scarpa-670x456.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a7ddc211091d3a157721e4e9dfb27ac4c9cbee13616967d628c5f773ab85e4e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40789
last-modified
Mon, 11 Jul 2022 14:21:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8fVJTW686soa7Jgx7GNaR%2Fvp1jtWY65%2BMn%2FFfkLpHrtfNUsVW4N5NROTnRwBh8UAsAk0zuW0%2FnzycYhYflj6Qw3hENC0InIN4Zgio5%2F4wZWtoChnhfWu8OQpMLkMfq0UP2Z8QQS%2FC7jg9gvPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cd588a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
resizer_16574370955191-1-670x456.jpeg
offside.com.ua/wp-content/uploads/2022/07/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/07/resizer_16574370955191-1-670x456.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b540a98a0557f1f1a7cfac516193fb46f0046583af0383ef43025f09e41583de

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47949
last-modified
Sun, 10 Jul 2022 07:13:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tc%2FtONpKmdx3Iom0nPUVOnduUz8pywen3VXxY7jz%2FK1%2Fm%2FYB0VPRcqLfIX0%2FJgmaNknZby2S%2BdaP3FJrSMIOOQLeklNrtV1e2NKiggKRjNOn9pPBEWe0q27ylhR8L5XuFXtbCJl2zqaZN4Ghpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cd688a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
resizer_16573904539681-670x456.jpeg
offside.com.ua/wp-content/uploads/2022/07/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/07/resizer_16573904539681-670x456.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df83ce35b983dfe68c149b53116041586f6060041f29c48f07c8f666af9c6b37

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
49019
last-modified
Sat, 09 Jul 2022 18:15:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oUD6wkYrTzhMlfWYNDAaxxDAuNUV5WgQ1gn7TTvlkJ8qEJBYjJ625Cc9N5Ovt2FUmBxfMsg2BDwmA13%2FeZP1lXf9xlRU9GHRtKsUQHSNmJCi8B%2Ftn05onI9H%2FEZguLOd4lDa5TTpGabiQirIRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cd788a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
dibala-670x456.jpg
offside.com.ua/wp-content/uploads/2022/04/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/04/dibala-670x456.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b27229c8ff535c38b69572aea4474a7fb051cfe1f1f40c0497add14f13f65a92

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42138
last-modified
Sat, 30 Apr 2022 12:55:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmlJFIqKvlEhCbSJ0NvFH%2FshLmHSkRzpWB4U19avScARfx5jAQnZIXYkgevT8F9sj1WnSWKd1DMmY3T5aRl%2FQAAVE%2BYj%2FdLnsocp8dPSSlVoTE8nn6wLREtSEeWQZ89HX4KkkiU1gHAonpnZPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cd888a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
australia--670x456.jpg
offside.com.ua/wp-content/uploads/2022/06/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/06/australia--670x456.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aca1a09ec1670859e73d7c8e95a38e3d7a980dd82a6a2ddf68a72d3be0eb2b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
61518
last-modified
Tue, 14 Jun 2022 06:33:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldgm8VzgmS22MSAliw1wJ9nMqlxXkF1qyYkfjvr6%2BX6DAXbCwRptetcOV9utRnkLubjOqnTNle0VLKbpK3ur14mlpBCkUYNcWkGa5NVQi5TeZGDT2%2FPNKXeF7Kidc8ocvi6jqcVL30COz6HecA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cd988a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
resizer_16549590408961-400x300.jpeg
offside.com.ua/wp-content/uploads/2022/06/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/06/resizer_16549590408961-400x300.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4226f72116bd7e494b7c9a5f22e170f222b1cb9b0736786ce1bf0d5b5a328b9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27018
last-modified
Sat, 11 Jun 2022 14:51:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bef6rLXqKd1b9OvVCBKcAZqlJEg1CfajBqEBLmfPLXYsu%2B5i%2BgNc5O39re6Jr0xrhwVvMq32sTTpWL4VHvKcdp%2BA2WdOFnJ5saY0rCYYQrAuVxlAM9iIaay77qLKxXKA%2FWn86Ub%2F9zsgtiDYLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cda88a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
3333732-400x300.jpg
offside.com.ua/wp-content/uploads/2022/06/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/06/3333732-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7dedbb2327be817cb91eab8f15c83bac411f30f4fe1a88013bd85f940aff522

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31117
last-modified
Mon, 06 Jun 2022 11:36:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zr8wtaTQohlleknMFKHXY7D13oEVv0%2BFOWP0FpGa940kfZ5r0R0r1%2BjacGwLHudHgyP%2F5CtZ%2Fr8FWSDCc0cSang8541fWOWsPbCqlBvo4PCyZ8hO0aVXuaZ9NEFgvUltjQHU%2FhDvVEzMCgNvVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cdb88a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
844335-400x300.jpg
offside.com.ua/wp-content/uploads/2022/06/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/06/844335-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e5179b2c1bccbc0928bd11c657e540b380344cefe963c98ce576e5ecd5d9fc0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17408
last-modified
Sun, 05 Jun 2022 11:40:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhzEhJ5W%2FHp%2F2Hf4TgCVc%2BtqSUbvQYcqz7yCeyvYxR2Q6jbHOLrFgW0c23aPmP7BDRLXRNiDAq1Nc2C8qxtGwpSKghViyrdoZub9Cg3NT5SnGd0%2Fm%2Fah2UQrcihAK4EVqKN4iaa%2Fackzo7%2Fl3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cdc88a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
mandanda-400x300.jpg
offside.com.ua/wp-content/uploads/2022/07/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/07/mandanda-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c576aa0870358e504e622f1eb8bd23a788d51adb2d649e1751ba4c9ffbee7b5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17867
last-modified
Mon, 11 Jul 2022 16:02:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ql6oqZbaFxou%2FGNjFssfvKaTzc6oPmGCq6sYa9iyhkYv%2B7wKGYz1zDHu8phvmnq6ptiBs5Btp7NnT5%2Bt%2FZP9bMuerup2fyijBdZp955SqmgQ2jgGF9VUWSXRlFbgSXHdHlRLoKkuckG44k7lWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cde88a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
kri-ro-400x300.jpg
offside.com.ua/wp-content/uploads/2022/07/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/07/kri-ro-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62a3c8221a48fa3cdc0f7baaef06532499f8d061facf5465c0d6d02bca09aa89

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16084
last-modified
Mon, 11 Jul 2022 14:43:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISOhEYp6LOIqxbm%2Bx8Z7ZtH41VD1DS%2FRezR6AZ5HQsynBpBQ02T4fe7i7TNWOFoIJierzmZHuNVBGlRnTREORu2MmksBtgMLTHI9o9JBbGDcrfGwbeTgheQQMPC160PaVqj55TD0rRfFCLmVnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cdf88a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
43552-400x300.jpg
offside.com.ua/wp-content/uploads/2022/07/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/07/43552-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad362a61df47cf8a878f2d63a6e94afc5809e489606317f59353031a8dad5c06

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20839
last-modified
Mon, 11 Jul 2022 14:32:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=huDwlpqW0h1f%2Bfw8CIkH7CtWL%2FzD0yD1cj14qiJlHZKBGP5orkYHAYm4FMsW5IbFVEftDt0ChSp0DNkKpDQphbx%2Ba0yJ1hIizCCa27UtNdquJ1v6vLTAFU6nJwv0iC62bfrtXMw6G%2BL7DEXJzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918ce088a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
7336-700x400.jpg
offside.com.ua/wp-content/uploads/2022/07/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/07/7336-700x400.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1298b9e957de0974cfedbce7cefca76dc7986856847f1593a32d8328916c54a3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38842
last-modified
Mon, 11 Jul 2022 16:12:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSCaqGDQl%2FgBLy5ZmhK7WhzNRG487NFfa6FjPur1%2Bdf0DEud1rYyOZgYo7kWJXK%2BOt%2BIBEA1Sp90MjoqwKJeorpI%2FlKlx8YZ%2FLykNN%2FMJaLRAlNjHMCF7knKdoPF2QbHMXo8kkY21neiHO8TqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918ce188a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
scarpa-400x300.jpg
offside.com.ua/wp-content/uploads/2022/07/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/07/scarpa-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
854488771daa7e0da365f12ba7771fcaa148f0b6d3e4cc96150ab3c94756a101

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19779
last-modified
Mon, 11 Jul 2022 14:21:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuWRYA8NtEpdm2zPzIqD9tatE3tSbP1o7xNjVd56NecRkk7bO1a0uXthhtnkVyZ%2BQ7RsTzacJVq3J%2FWPlA5GtB3dK8iDBcMYdwjGlY%2B55FmYhsV%2B8JCOYprmKHL0EGSqUX2DYqpkR8ZAu1UEfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918ce288a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
654457858-400x300.jpg
offside.com.ua/wp-content/uploads/2022/07/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/07/654457858-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66cc4f5c0e8e3d6c633b9fda10e909c30d70238b8cca7957e5af2c04efd658cc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18740
last-modified
Thu, 07 Jul 2022 07:27:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWm5YJkBXI2E8b8l8frhxSnBPi3w5rrnynqQKcCsSQjdu3%2FxNcZbDlbgmcBUdfXZHY3OnicLL4kyUPTDhtAG0bdQ%2BMPRF9imKK0RbL%2BLtCKuv4%2BLZufRy8718hkKqygangMqIkQhgXiOYnsVBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918ce488a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
ukr-400x300.jpg
offside.com.ua/wp-content/uploads/2022/06/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/06/ukr-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0550c453d5f7713f3881f684608bc5a7a4226f2c924ae1134615c0314468525

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47038
last-modified
Wed, 15 Jun 2022 13:45:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqCKmaQNYV4%2BUkhf8SaC6Q%2B7MU0GRL6VFOKNNBrk%2Bt2jA%2Fqei%2Bxbet2GA2qCaGALIpR%2B5bUzTQOqxQPI8BMXo84ZRUwnx9KOlyCvAmX2qI6UX%2F9LLaZ%2BCjbUrS7UHWbGSrUDWzVJ49v6Xqwrtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918ce688a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
ukr_arm3-400x300.jpg
offside.com.ua/wp-content/uploads/2022/06/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/06/ukr_arm3-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd33618d55990e248e3c821a48983c3432d5758deb93a6c231758b7f1e3f1b3e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32720
last-modified
Sun, 12 Jun 2022 13:16:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWqXyHlU1gqHJ3TKLZ82Y8Im2lPp4d3OZhrv%2BwVuNFjXMT22TLKHXui%2BjmpKTbn8zLtqHO8CYqR6h3bWCGk2nWPflhuXrNNVo%2BFGKcMVP5uFhGJytD%2FCPkYa%2FGAOsWH2MnUw5pS83N%2Faocbzvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918ce888a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
vrv656-400x300.jpg
offside.com.ua/wp-content/uploads/2022/06/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/06/vrv656-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bab567b3903be4386028e78fe6e99876796d1a3f021275834041a2702a4d804

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28309
last-modified
Thu, 09 Jun 2022 05:13:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOK8b6a%2FXPU0UezzrMGjmSsT4IxbHzrIIMEh%2BTRssbqE5Jv6NkaWkQpHWFgLLuOYFOZH4jEgdw2mPiZawY0T%2FrXsQfnjrhQAKGSlc7eUU3R5Indz3xDr6%2BfTP9f%2BLnZ46z7PLNi%2BascvxWClNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918ce988a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
lunin-400x300.jpg
offside.com.ua/wp-content/uploads/2022/06/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/06/lunin-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe7d136e70cb2861d42af1252f323fb95ffa3f3c506fd2c64fa78f034e10883

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18747
last-modified
Tue, 07 Jun 2022 07:41:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cC3Dzpn%2BW%2FxsrbNfKgwMP%2BU42nkI2RCYIiYXj8RVs0n0MKknKTJfYJr4%2Ft76PZGzHD4sYQvC4R5bWkRtKDrfvOIWguDPhEo9aiJvLgQTzHj65oGUaX8B7W8Ls8hty10GaKb47%2FvH8PIRHrEE1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cea88a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
benzemavini-400x300.jpg
offside.com.ua/wp-content/uploads/2022/05/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/05/benzemavini-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af6ae06e3c71a81bbee6cdeb804e123e386f924e0d2e090d2ee03f16768d055c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19444
last-modified
Tue, 31 May 2022 19:33:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXx9Q4TsOAVnaqrL5pjDo6kW9Vnd0hid9vHlUDlYBQGtmQQSCKJ5DsKSCb0Ep7DiKJZpbeUmR3atlWZuNvYvM1lXGh8YYqUJB4y6kyk40k86f4pr4Xr%2FVpvpG%2BhZ%2F28mAqUGTAeh3UCPspP%2B7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918ced88a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
0-400x300.jpg
offside.com.ua/wp-content/uploads/2022/05/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/05/0-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3875159fa62bdedd2b91ccf9b615bbf1e1f2e9c2f9c91dc1bc301a05af6039a6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22025
last-modified
Sun, 29 May 2022 10:05:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rvTRpG%2BymHdWEZsycQ8RUIhy9xNAdJ6TgkBe4R6CHt202dke9tTn4sMCAJMqOzZZh3Kw%2FDdFQFMql899LfRYVUcMwbsxNvrABWJGnx3Ppnlv%2Bjtj%2FYzvPtMo6k1cD%2BsxcxnH0T%2BoXn6BfqDbvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cee88a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
4763663-400x300.jpg
offside.com.ua/wp-content/uploads/2022/05/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/05/4763663-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93283207e11d69216e79359311251c1112430f233292d03ae19acde36f42cb36

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35700
last-modified
Sun, 29 May 2022 09:55:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=il09nxZ4MUVpka5uumlpMfnX7UvGlOQhlTGaYjdp6VtyGGEayKH2CVFXT695cdTH%2B%2B%2BydxHlK1FkSSsYPpyEH%2Br6n65eBHHSPL6Y1zm%2B3anl%2BjVxu9nZJgmca39As%2Fk57ptNknatYvq8uy5Yag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cf288a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
6372627573-400x300.jpg
offside.com.ua/wp-content/uploads/2022/05/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/05/6372627573-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
424b42dce7c8d396da4463193fab31fe167a3fbd9ee1df5745d6fcf23b9e0a44

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18016
last-modified
Sat, 28 May 2022 09:43:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V440DZmbwLCdAsgDB56sYNm52RtKnDLRKxGvh1Mo7nxE4bIhCszK4WaHCS3gw503xkBh%2Fv2yIiQbl0DNxfKL82157u1M9PtFnS5Hp6%2FX4IPx64C0ljnppqeECDQ%2B0boM2qFJpoW%2BmGleoLB9Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cf388a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
resizer_16549590408961-670x456.jpeg
offside.com.ua/wp-content/uploads/2022/06/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/06/resizer_16549590408961-670x456.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6942d5eb7a1b32fc50a00610993de33c20d405ba2a939e7f22a5c1f76201d425

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59975
last-modified
Sat, 11 Jun 2022 14:51:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mULT9RiL%2B%2Fo%2F%2B%2Bxq3%2Ff7FMDfEt4SzYtN5lmTDpuP3DNJ8Dcgf%2BFQ6trqO2gKTim4ayig4MId%2FZi0lqmC4YFRxIXnNBUNF%2FKvFaSbFbovHxTQU4%2BTaaDO%2F3bdOAEzPzzY8JgNtfpb%2FAz606RpIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cf488a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
3333732-670x456.jpg
offside.com.ua/wp-content/uploads/2022/06/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/06/3333732-670x456.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84ae01f825d8e203e574d3a82874481ed3d59d4ef60b2c92262c920932706ff8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
64509
last-modified
Mon, 06 Jun 2022 11:36:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDkK%2BQUHc2eauTl4bKgKX30b%2FprsNdHUWKOyF%2Fy5An8Y1fxv8OOhElD27XU232J07ALY1aA6ploW0%2BzOkgrZq4AxbUxB4WAprvC1MaWrrfSZIOgjdxXhoGLJN1gGZmlYFK%2BVxnsJqUNAZDg8oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cf588a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
844335-670x456.jpg
offside.com.ua/wp-content/uploads/2022/06/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/06/844335-670x456.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75a31cec85535e7da98dd8c6125784e952249bcbd54b01243b8164db0eb63c3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34977
last-modified
Sun, 05 Jun 2022 11:40:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yWH%2FPa0AG8eryIGBklKQ72EsWzO4A4GbU3IU%2Bm21maAIQ2hSbnSOm0v6SwWqdQxX3Qw4kk3Bew8EsiUQozdqz3UBKR8Na8Xd8FMi8MaxJLhhQ9qWsHBb7OxD%2FO6irZ0FkVSu1xAjz1rUeD4aog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cf688a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
wales-ukraine-670x456.jpg
offside.com.ua/wp-content/uploads/2022/06/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/06/wales-ukraine-670x456.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de4a613ce8afea727d2acc72baf646d51689d8cb1808f3fa2c1ef36cb2b7cddf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35381
last-modified
Sun, 05 Jun 2022 11:19:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HEUwbfoXVog9POW2RiMMLZ8r96cieRhT4KLUAG8AAyTlE7MIa0BXv5A7cSyeo9PSTaCWny11U%2FD35sdyhk88vNpfCaUtn0aUtrmwN1ahs4UgyuUxCqiYdhqkkAwQxO2yKpiWJh49MFeG2yw%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cf788a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
fp6iervwyamdgfa-640x360-1-670x456.jpg
offside.com.ua/wp-content/uploads/2022/06/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/06/fp6iervwyamdgfa-640x360-1-670x456.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e47d1fcfc215e1bc40693edf7eafa3c9ffc41ff5d9236d606b1141e258d2061

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58376
last-modified
Fri, 03 Jun 2022 06:02:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqRtI5a0q6tUzhlTBxN2HuxLkrLazKUqFTlMJ57W8EWGMiKVpuelxLkfmw3d7u5070H1cEpjyzZm1MzmBJPE7%2BwPp2vAUl6AfV9RZ4Z8VZSj9%2FPfqmv4KJdqZOSahL55oZ2ou7H1m73lo8Bsjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cf988a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
pm_logo.png
offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/pm_logo.png
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
427f8dcaa42e89577a4604efbbd21af5c268c39b5c6e021f12d060b93257b101

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
503047
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17290
last-modified
Sat, 02 Apr 2022 14:07:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6iwJHDN0ARAhgW17ZqAHl2VjOIQeoUe32yuQXVvSMPng1DfHGtumyFDoxDcLpnIVSs5cLYIh13jDSYrSkB0hj%2FNRz%2FapeuNGTsnEHb2TEBwNFjBGUfjdWU3BqUVXm1RYG%2Boi6C7NvOKIG%2FRvwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cfa88a7-LHR
expires
Wed, 13 Jul 2022 11:16:06 GMT
sapfirbet.png.webp
offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/sapfirbet.png.webp
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94277769b8916ca8755e5a211d850942e94e1d6621060daa7ffb5c3976b1ce5e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71043
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2738
last-modified
Thu, 04 Nov 2021 10:44:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QzRKgJ0s362af5dZYADwu8j9tfXhd5ndtgnSoaY2FeeH4qZF6L6VM6T1W3DIo4uXxKriM8Kj89u0w9h%2FL3Giyr1LaXxzlDJbn8RJKRF3ONXE%2Ff1RKQKBd5b7MpBKm2HvG64OHN4tyVjU%2FoQvrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cfc88a7-LHR
expires
Mon, 18 Jul 2022 11:16:10 GMT
Mel_blk.png.webp
offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/Mel_blk.png.webp
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2877b9644f1d0214961542e44f4d78fdcba93756941da51b62f0796b5d96431

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
432463
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1564
last-modified
Thu, 04 Nov 2021 10:44:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2W7eQEDL3HT4vIDqjbqvr2xemrzPMkr2yXe%2FSeIEmSvL6jtbr%2FlwSV6RbqKolW0Em20F%2FbfY8KU2Y9JacfQnRFNwqMG5o33prlEWeaZ8iqOAXvX3LkT6Zm6r14u7QJ%2BW8ba9ESjm798ediLfUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cfd88a7-LHR
expires
Thu, 14 Jul 2022 06:52:30 GMT
mostbet.jpeg
offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/mostbet.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d154521b7e690095bfb6cb7d50d20769a73c63299f7b35561e7266a8ad2f6f41

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
438319
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3513
last-modified
Thu, 04 Nov 2021 10:44:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2FiQJnmCslwyqAXPbEMz%2FYNs8hiiWqJpoSOdhpn6NngEeHFV30rsGlgdKi2DUFlXNWekt%2BsUxu1NXYR1GkV8ANGQJq6aW3CTr5uq%2FR%2BhmCUPBuXO8ru9iJSn8YWQ8Q5xilJYbtgfPlYC%2B4iBtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918cff88a7-LHR
expires
Thu, 14 Jul 2022 05:14:54 GMT
1xbet.png
offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/1xbet.png
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199a66ac6582dd904b4a006853b186b3169cceddddc159f5772e01ee3f31cac0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
432463
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9893
last-modified
Tue, 15 Feb 2022 21:05:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLyFEzfbw61n0xvp%2F%2Fbpndmde%2FlLMgiOBaWxIKuwHuWPLLH9f9fzlbPbTr%2BGRh70%2Bwt5qLRp3lsjgiyArecxA0%2FGVgzuL0MPdbAVwLUpdTlyhL5MRJ6YqgKk0IWqM7gnRdeULf1FxmmxZ8gYZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918d0188a7-LHR
expires
Thu, 14 Jul 2022 06:52:30 GMT
nayef-aguerd-400x300.jpg
offside.com.ua/wp-content/uploads/2022/06/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/06/nayef-aguerd-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff125f0dfe5af20434e5abc3228bcb63ba4a2a5a286e69e090e16eff29cd368c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19677
last-modified
Sun, 19 Jun 2022 15:08:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nRQsKxd9eiyGgRY4n%2BAtWRUafQd60NXt1L8YvltWUYOPL7TEOBXNxn4YPO%2B0k2JaZk1bNOtFJg4tMjRQmSlf13xpJI6Sq6dq6mCyyQbHTX6MolEfPex9ZjfBaS1SjLZr1oqN0GwNESR2Dpj2dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918d0288a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
74453-400x300.jpg
offside.com.ua/wp-content/uploads/2022/05/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/05/74453-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6cfcdf1e2b932ad28e31fa67aa30b6c13e15bd0e4cbd8cf973dbea4679c815f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21321
last-modified
Wed, 11 May 2022 04:36:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thNCQHGxM4GZh6Crvl5BP2pWsssqQyMyaF55CRpZO6wfT7RTYppMOSQ9l0ez76CjFGtGi8Xh%2BZQvKEy0RWOi89%2F%2FMYh2o6SI9a7qvtepD6RsPcJxVnddvYxvH%2BALLan0jpkKLimzwHdoIdPgow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918d0688a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
fernando-morentes-870x400-1-400x300.jpg
offside.com.ua/wp-content/uploads/2022/04/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/04/fernando-morentes-870x400-1-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f4266a842360b89a28c06a7651ca82a1cb88202db2ff6c174d380619a1e6f3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26315
last-modified
Tue, 05 Apr 2022 07:57:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BNqH83Ba7bnR9xP0cDI0iTFxjmWf7fvj3X%2B%2FKc9Jzhe3q4HakrVtYyVDI1zRKCzDG%2FMvo%2B0Upg5PAX2GmBOBiUJtkLHcl2Y6FhDvFvuOTv3qjrwxS%2Fb7LBkzaRChwOWrjgu0FiwPiEzR7QaFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918d0788a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
ad-provider.js
a.exdynsrv.com/ 		107 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.exdynsrv.com/ad-provider.js
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
0f4e0c3fe251b64bd36e2eab19db80e2093f18732ba081cd65382ff6ca57eafa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:14 GMT
Content-Encoding
gzip
Server
nginx
etag
W/"60bb36fa42b034aeeb97ecfed02"
X-HW
1657609213.dop217.lo4.t,1657609214.cds248.lo4.shn,1657609214.dop217.lo4.t,1657609214.cds315.lo4.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
29607
7336-400x300.jpg
offside.com.ua/wp-content/uploads/2022/07/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/07/7336-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e336df1b9f268821f3276705e6d271be80f32033531fcc8fcae62141a70a741

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21089
last-modified
Mon, 11 Jul 2022 16:12:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tQijsXpfTKByW35Nw1JUsIgWwpyxsqvtqC%2FgPolegj1vve5WWQot%2B2X4eKf0U3kZ%2BRA8t5mmr5dtTsBuPUybXCdWWVCe0aN4jqK3YAu3BWSYBItP0Lsxalo%2FkrLGRvBkSvgsocxPMoJOK6puA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918d0988a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
resizer_16574370955191-1-400x300.jpeg
offside.com.ua/wp-content/uploads/2022/07/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/07/resizer_16574370955191-1-400x300.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93fa4326b5ee1782ff8dcb6da38f48b6cc282566de4d5d39eff0106eeec6f3ab

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22017
last-modified
Sun, 10 Jul 2022 07:13:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FueAOR%2BD8gT1371kdS11CTK18BcaM5ek5TgChlNrkfNwt9CiAw0920%2B3tjIqlAnvh%2FRNeqbybmgWJJ0z60L9JJNAE7V8W3mjEZRYv0b1wwkoqcmO9srrIx8ZJkM8bhR1ZTKJhBijBRvF2YgcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6918d0a88a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
twitter.svg
offside.com.ua/wp-content/plugins/anycomment/assets/img/socials/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/plugins/anycomment/assets/img/socials/twitter.svg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3abb75ebc673d5c07263ea76e8a03b2f03a12e6a56c050c6b3a37e33e78e72f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:13:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=di6VpQuh92CimH7zEZqedBomsd%2FLrHX9d5leRSjq5UJ4%2B135tlUd1ws%2B0dq6es43Y3JilroYGpHf2xREM7kB0XIetAyWmO60LIX8r6cWWQWuY985rhAQIPep5QNCpK%2FTyD%2FwnBGOJjy88aJamQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
7297e6918d0b88a7-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 19 Jul 2022 07:00:14 GMT
facebook.svg
offside.com.ua/wp-content/plugins/anycomment/assets/img/socials/ 		523 B
924 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/plugins/anycomment/assets/img/socials/facebook.svg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78764c6b55a054871a6a5b36a5704b51eaab0e4394cf6a97cddd3c0ee4d7236e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
59767
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 17:13:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHQA9hDfSeRf6BmhX2Q541rwExyvCLbNvsFbNp5zuaEHkT8hY%2B6AbDBYGXMYXX8KJi29DLQGtu%2FfOj%2FURgc%2BoaWWmtBk0tGYoS%2Bjqf84dECL%2Bd0lVAAVICZHYQ6uCKcb9fxdIrLTBavjviJv7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e6918d0e88a7-LHR
expires
Mon, 18 Jul 2022 14:24:06 GMT
google.svg
offside.com.ua/wp-content/plugins/anycomment/assets/img/socials/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/plugins/anycomment/assets/img/socials/google.svg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e37d6e58fbd507020bfee3d26b717393a4c78e845bc164bcea7d7374c4a5d672

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
171298
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 17:13:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0ewWU6rSW13BVdN%2Bq0Jz7WIs6jXUqxgXK9Uai86sYLlxFIBuQW7h0zlvqfZO49iLI0ShNnmQW13e7qeE86kmtEM3V4gU%2Bu0yDUmv0a5rLDwKnhC8h2Nm1TCrbdN8SNL38e016LcuXu0W5%2BBBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e6918d1088a7-LHR
expires
Sun, 17 Jul 2022 07:25:15 GMT
email-decode.min.js
offside.com.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 Jul 2022 12:55:25 GMT
server
cloudflare
etag
W/"62c5863d-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QIDoj3obpGA4ALxruHks%2BDgWDxURID7YtCahWTegFc%2FxQhW0%2FuG%2FhxAIbOXc2SQrESAruExcqxxAFpgr41SkGuYs4ahIArY6tjCUpqCXJ20SZS0xBEDNgBVtqDPmdU6Losvqabnz36UoSpgPAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7297e6915c5188a7-LHR
vary
Accept-Encoding
expires
Thu, 14 Jul 2022 07:00:13 GMT
main.min.js
offside.com.ua/wp-content/plugins/anycomment/static/js/ 		2 MB
587 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/anycomment/static/js/main.min.js?ver=9b87b6e21a74caabf02f75b28bb0fb66
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f010159247bf3b25e92cd7c414b38194bd825a212bf42f9adaa8587bd0253ac

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
171298
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 17:13:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYjKhSF681H7rVUsQQpDrQXrfSZdnOe%2FbNmO3qxU0JeMGNyOoXBVBXs1YHAw0AQt1zQSI5HSOYDwUOcrZJEVrkEvLko7zOolCftZDWy8NkIpiJrLaNSF2yvASgZTfPgF%2FKY2FMopp3qO6DswsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e691ad1388a7-LHR
expires
Sun, 17 Jul 2022 07:25:15 GMT
regenerator-runtime.min.js
offside.com.ua/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
477944
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 24 May 2022 21:36:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2py5gPeTADbuym55zeUWqjKRBGCGOQHcE80l%2FOGkmqFoJJ4OFX%2FGmLZzgch1iGXMHl8v6sS2Ju6W0tmIoTPXAk7zVd3zqh8rRNexm6sR9UmtXdtPRhMNiNz4FuZIQYyQbaRv1ndEHaODLMnLdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e6917c8e88a7-LHR
expires
Wed, 13 Jul 2022 18:14:29 GMT
wp-polyfill.min.js
offside.com.ua/wp-includes/js/dist/vendor/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79019
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 24 May 2022 21:36:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9snIwuE%2FAKSzBbtrczUV18ci1xYfdBRe9tKcYBzv0CYyAh0uiQyED96%2Bju7%2B%2BMM%2FbMEmXIJbX6yrC7PaOsMfUofb8WMJ0MbNiSwrUUI3MQkcKhtUPA7D1zUiwY%2BME6NfX6daI4FtB2cDKUfoFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e6917c9188a7-LHR
expires
Mon, 18 Jul 2022 09:03:14 GMT
index.js
offside.com.ua/wp-content/plugins/contact-form-7/includes/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7abd36a2f651330420d86187c125331d679408d1be7b6cd93efa64e08eaf80c7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
58395
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 20 Jun 2022 13:26:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DE%2FvhiOd2ZKK%2Be7g23CMy0xPWBAuqdGe9%2BwSJIgHFYYBodSFHtoPA1RBU%2F72OysTsB3sDVQ4BEdvPg2Z4KoqhBlBlxhwBv0tWe5Cxi%2FqoXa%2BUSP1bldwZtYBsFmL%2Bto5h0a4fHHhzxGQ6I%2FNww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e6918c9f88a7-LHR
expires
Mon, 18 Jul 2022 14:46:58 GMT
superfish.js
offside.com.ua/wp-content/themes/urbanmag/plugins/superfish/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/superfish/js/superfish.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
419b39f3cda98241621ab9469a5b23de4b0f01a98a145efe662d4aadc510a7bd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
503779
cf-polished
origSize=7145
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ul8OTxLCApgoYmUScK3jDoJRg2uKEiQK16Hh2VB%2FUjsHbxN2idmGvlrzOom43bNA3MvijEXIg0FZMHnRlcHWEklEfQmypuB0sOSHo6SM4NKyL0srHcnxBpTCOpJrPijl5fpaDOkJ%2BAjzXbsdPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e6918ca388a7-LHR
expires
Wed, 13 Jul 2022 11:03:54 GMT
hoverIntent.min.js
offside.com.ua/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
264000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 24 May 2022 21:36:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r3fnmmT4O33cqrbQ%2BjDz4Im1sEwSxI8pMcgQ8mnWQjXVl%2BU6lGqPxGjJh3CAlod7KV%2B%2F5zmHVIn8TbAf7Pg1GQuG8Z0QYTJaPPYuVFefPWqamilR6N69Cp6Qs9MzpQy%2Bm7%2F7x8Uy7J35dRUqCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e6918ca988a7-LHR
expires
Sat, 16 Jul 2022 05:40:13 GMT
modernizr.custom.js
offside.com.ua/wp-content/themes/urbanmag/plugins/dl-menu/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/dl-menu/modernizr.custom.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bed074367042548e1f1ce7d18ba273b797a7a142899b5fdafabf24aa17bb645

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTtAFZMhYMy8zYLReHFV%2FtaDGarbavt8bLhYiAK36DeOAeI5UHHA6SUR6uJaO5qhZ3Gg7%2F2IXXO4ebdYyL2YjKwWrvzYxTM7C89JDBFMuqpQOax%2BwXoNsLzR4oetYKMbqW%2BXeVWY8%2FHbrpCajQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
7297e6918cab88a7-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 19 Jul 2022 07:00:14 GMT
jquery.dlmenu.js
offside.com.ua/wp-content/themes/urbanmag/plugins/dl-menu/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/dl-menu/jquery.dlmenu.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d34963b7db0da6900ddb9c2fd6b9b9d59844eeec6d2a6a99d3f7c0bc820797b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
502192
cf-polished
origSize=7002
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muyRlBgZ5lJhevcAzkvYBSciq%2BofAakYi6L3oeoVhwcyWw1HmrVw9cS%2FoTZt9W3iKO%2F1U9vUXO%2B%2B4v1rOwEcA3eo2Hr83C8waH1cJamc4e55qI%2B6Hm02Lxnq%2FWA78DZAtUqnYZUFYgWsprXVww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e6918cae88a7-LHR
expires
Wed, 13 Jul 2022 11:30:21 GMT
jquery.easing.js
offside.com.ua/wp-content/themes/urbanmag/plugins/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/jquery.easing.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
495469
cf-polished
origSize=8097
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzYL6daM%2BERsxOwAgaB7q9KAw88jgeTNOr11%2F%2BVRBk%2FHWMwyDtkD2hQUot%2BPG0GF%2FVAiuhTVPiIVtX7QxrA3j8hFhZt3DAdOMXP6RKSSKT2nzWXPDg4tMBAiUtd2%2B9cXaYXTb4mQpuvqYvVM8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e6918cb088a7-LHR
expires
Wed, 13 Jul 2022 13:22:24 GMT
jquery.transit.min.js
offside.com.ua/wp-content/themes/urbanmag/plugins/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/jquery.transit.min.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
584aa695461f177cf311034f7e02cf280c16c36a7a299d58e22ef9c23a98867d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
75239
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIaqzB6aKomtcEcIa6SdYLgyVOAh%2Bjy5GlouSXS0JU2qjU1%2FITxrzjaBaICcNdrR%2BfbycOz8SwL50dkDBqrRzNZJD9WmAfvQ2x2ACkv7hh77l86v2J0p%2BOoZQUQIM4I2VO1SUJEZGMVsqqvtPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e6918cb288a7-LHR
expires
Mon, 18 Jul 2022 10:06:14 GMT
jquery.fancybox.pack.js
offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/jquery.fancybox.pack.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
776ef5ab756f8e5a45a1508c934b11b7d2ae0206cb1d614bc2ab939541a1a897

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
432463
cf-polished
origSize=23997
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LiHTp%2B5AFXvS2UOkra8Dadk7iVU3u3oyqCBSBw%2Fmtx7eCkcPBobb8fkwHNsc8ydXfNFtdSG1VQlpm%2B9YutM6SIqYvaGjCV7vbNXGcEncz8gS0wQsy%2BxXnUqqF6L6FS9fVyYvZuug9zb1GyA2WA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e6918cb488a7-LHR
expires
Thu, 14 Jul 2022 06:52:30 GMT
jquery.fancybox-media.js
offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/helpers/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/helpers/jquery.fancybox-media.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1bd7d64deecbc15860d0f0a269fca9043802f24a12443c912cc507305e4cfd0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
324561
cf-polished
origSize=5305
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2nlwlcYeiXJI%2FxBH%2Bn%2F042wQ%2FK3Jjk5iFj3F9WD5ihBRRg95iMplse8Cvvn37CHvP4oY%2BeWxIwPoCbdb0xnmTxEi5qWHKmrpDJ99UXZ%2BDU6tdrvbdK2CH%2BxheeYTfQqMLbfkQi1ELZVjJVX7ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e6918cb588a7-LHR
expires
Fri, 15 Jul 2022 12:50:52 GMT
jquery.fancybox-thumbs.js
offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/helpers/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/helpers/jquery.fancybox-thumbs.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ad72ba5583bcd350d55c0e2b27839eb8398a6842df6c399e80bb05e37604ee5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
75238
cf-polished
origSize=3836
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpSH2aLvz7nnt0AEZS29P7z%2FsT192OgeB5Z4fYWEugGGTcWjCvnZu6cKTe4SbZzyY%2BAlwTBZ%2BWJj1RktCqL9njRYAymwRGWSpkt29nBuC5ZI0Xz0RFwcFuf5ue95KQC9WEzmaYRz5kSfWhwqGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e6918cb888a7-LHR
expires
Mon, 18 Jul 2022 10:06:15 GMT
jquery.flexslider.js
offside.com.ua/wp-content/themes/urbanmag/plugins/flexslider/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/flexslider/jquery.flexslider.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c17e5fec5e26fbc519e90d9f8455d30bd9fde8c1fde9591691ef249b0741028

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
171335
cf-polished
origSize=52367
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9OyN2FwlHSY6PGK1oVv4yMeHEtoOCK1e8VtJTnha7oJJm6ZosvTQ9lwHRuOaLQjMqkhlyf7KIst2UIHKb%2B9AhSI%2FkS9lSJ2jTZMrTal81u5eMdiBFBVfUCpUs%2BhlZLoVKen7XMo5f%2FGnrK6Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e6918cbc88a7-LHR
expires
Sun, 17 Jul 2022 07:24:38 GMT
jquery.isotope.min.js
offside.com.ua/wp-content/themes/urbanmag/plugins/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/jquery.isotope.min.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfda5ab4fa75e77566a328adae8566973f7d2a7d1815a272daf58cad64ff8273

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2Fsz9h%2Fu0NlkRvwYi7n%2BGk12kx46bYlBeCyX9PTy9eVVqQApgAe5TvQccPocwYgRDZ7RXLgN%2BSzHvTl6HrTOh3F1mASkM11M%2FAbIgFzxCznaYThPAB8n9tFuiXPxybWUbz6w9zye5VPxPeN%2Fhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
7297e6918cbf88a7-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 19 Jul 2022 07:00:14 GMT
gdlr-script.js
offside.com.ua/wp-content/themes/urbanmag/javascript/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/javascript/gdlr-script.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f4cff9965d17a5e644e1610d150796343dd8a51556b6d7a7fd3c390b82288f5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
500748
cf-polished
origSize=32833
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4nbX%2BgRbmvF1D37I5ESs76BVAscQB%2FxJXhr7GXCvRbZKe4sJQiYVwv8fVSlK0xfH7VMQiHMHTwNeGRSuQgNr05XY%2FuNBDI1GRpgVGykjbUexb126CDTHyAbSw1urE68AMI%2FCZ%2FaKh6q8CkYV3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e6918cc088a7-LHR
expires
Wed, 13 Jul 2022 11:54:25 GMT
sassy-social-share-public.js
offside.com.ua/wp-content/plugins/sassy-social-share/public/js/ 		113 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.42
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba86c4e74026c9c80d215b10cf1aecbc0576d7aaef6ceac9eea652d48a787bf4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
171300
cf-polished
origSize=121779
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 17:14:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHlEB%2B6vrHnoXosK6BNp92SJjfX8SST5nuI8k2mx6S8F%2B83AwrtXLn5GbUl0aPZCM4k9TAWV7WKpD1hDfiR2rfwXA17BoPghmKrJi28qaH6%2FSoXtQVeEXi36fRZ%2FLKd4j7Ivm3sIGBI3eW0rcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e6918cc288a7-LHR
expires
Sun, 17 Jul 2022 07:25:13 GMT
js
maps.google.com/maps/api/ 		176 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps/api/js?libraries=geometry%2Cplaces%2Cweather%2Cpanoramio%2Cdrawing&language=en&ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
51d40c85b2b9e4dee74cd75fa28a0095a125bcfac5ec024498649ccdab5dcc15
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 06:48:17 GMT
content-encoding
gzip
server
mafe
age
716
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=11
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58909
x-xss-protection
0
expires
Tue, 12 Jul 2022 07:18:17 GMT
maps.js
offside.com.ua/wp-content/plugins/wp-google-map-plugin/assets/js/ 		31 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-google-map-plugin/assets/js/maps.js?ver=2.3.4
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37a3b8ea20c9512ec35491bea3f66fe195756a49d837c82a83013f89e0e6b1bc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5279
cf-polished
origSize=56069
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 17:14:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4G8S%2FDchTelYOpmYLV1%2BJN0ys6kCth9wmFaTAMPyEwbhYpTyp8SJG1IIgI5o5grsnv9XRDPSMI6r%2F49uvj5N%2Bn%2B0BjgT7b%2BcOTWVEaRljpfUWxDQa4VUe8xY2fisavB7Vz7IxeTnyhzCsEHWog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7297e6918cc488a7-LHR
expires
Tue, 19 Jul 2022 05:32:14 GMT
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//offside.com.ua/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20Offside;0.6035216402246668
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//offside.com.ua/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20Offside;0.6035216402246668
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//offside.com.ua/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20Offside;0.6035216402246668
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Jul 2022 07:00:14 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 11 Jul 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Jul 2022 07:00:13 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//offside.com.ua/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20Offside;0.6035216402246668
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Sun, 11 Jul 2021 21:00:00 GMT
i1-1024x268-min-1-1.png
offside.com.ua/wp-content/uploads/2021/12/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2021/12/i1-1024x268-min-1-1.png
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/wp-content/themes/urbanmag/stylesheet/style-custom.css?ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9cb9ae359a625e05528779aa81b4889ca5bbb9c3d870ea207fc3e9502d26459

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/wp-content/themes/urbanmag/stylesheet/style-custom.css?ver=6.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
503048
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
126809
last-modified
Mon, 27 Dec 2021 21:04:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=schkVReFUG6xz1J%2FbDm7lOGB%2F%2BvpjfugT7Y7mHQhRTqzHFfFC%2FBep7yFaGz2kGoWLfqIHxu1ikiuH%2BL2fLNgXhAzoA%2BdLnz6tgwG9KRH6iV7wguWp9VGuTtqt0p2rkxNvveGJKo1LkfIevhbrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e691ad1588a7-LHR
expires
Wed, 13 Jul 2022 11:16:05 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700&subset=latin&ver=6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offside.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 17:07:05 GMT
x-content-type-options
nosniff
age
568388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:37:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jul 2023 17:07:05 GMT
truncated
/ 		252 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42c88d61050399e0f93184e6e6fe946329df48ef9c7bc23b521ebdd28e10e563

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
invoke.js
www.effectivedisplaycontent.com/15ba3ff22a033198c506d7c00839843c/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.effectivedisplaycontent.com/15ba3ff22a033198c506d7c00839843c/invoke.js
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Referer
https://offside.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 12 Jul 2022 07:00:14 GMT
Server
nginx/1.17.9
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
application/javascript
Content-Length
0
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v27/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v27/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900&subset=latin&ver=6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offside.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 19:26:32 GMT
x-content-type-options
nosniff
age
473621
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:53:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Jul 2023 19:26:32 GMT
JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v24/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700&subset=latin&ver=6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93a1679cf7d6af1e698e3712191d26fb7aa77ea00cfa2df453d05e0964b32b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offside.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 17:19:24 GMT
x-content-type-options
nosniff
age
567649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20480
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:37:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jul 2023 17:19:24 GMT
fontawesome-webfont.woff
offside.com.ua/wp-content/themes/urbanmag/plugins/font-awesome-new/fonts/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/font-awesome-new/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/wp-content/themes/urbanmag/plugins/font-awesome-new/css/font-awesome.min.css?ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer
https://offside.com.ua/wp-content/themes/urbanmag/plugins/font-awesome-new/css/font-awesome.min.css?ver=6.0
Origin
https://offside.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5283
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
65452
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qr5GkMPlCG%2BFg34ab%2FjQll81EQlF8snhNk6nSwrKDZsiOe1j0HEgajlc%2BUfQaFVbAN%2Bcae23NxZSAX198v3lBX48PEKd%2FbndmguS63T9rzWWNeXQt6b%2FVovphgpJKr%2BJpvjDjKFqOHvOHJDc1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e691ad1688a7-LHR
1Ptug8zYS_SKggPNyCkIT5lu.woff2
fonts.gstatic.com/s/raleway/v27/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v27/1Ptug8zYS_SKggPNyCkIT5lu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900&subset=latin&ver=6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c28cf9531a92b13f64e6bde8578d730da9920d06883a826a944ba161e3cda818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offside.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 19:40:02 GMT
x-content-type-options
nosniff
age
472811
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25584
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:50:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Jul 2023 19:40:02 GMT
collect
region1.google-analytics.com/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-83HN7YJGYM&gtm=2oe7b0&_p=776932370&_z=ccd.v9B&gdid=dZGIzZG&cid=2120219989.1657609214&ul=en-us&sr=1600x1200&_s=1&sid=1657609213&sct=1&seg=0&dl=https%3A%2F%2Foffside.com.ua%2F&dt=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20Offside&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-83HN7YJGYM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offside.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		193 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5MF0YH07SE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-83HN7YJGYM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fb78a53f736a86f446c9a007f90e4c9561b59b9176b5075730b9446dc599b027
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:13 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70471
x-xss-protection
0
expires
Tue, 12 Jul 2022 07:00:13 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/ 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7140845151581295&plah=offside.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a44e14227086b310ffb4fd450a59ce85481174c4d0efecb9365578202a0e4752
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122421
x-xss-protection
0
server
cafe
etag
16691129709021151862
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Jul 2022 07:00:14 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/ Frame 8342 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
4379
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 05:47:15 GMT
etag
10429905676100781186
expires
Tue, 26 Jul 2022 05:47:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-5MF0YH07SE&gtm=2oe7b0&_p=776932370&_z=ccd.v9B&gdid=dZGIzZG&cid=2120219989.1657609214&ul=en-us&sr=1600x1200&_s=1&sid=1657609214&sct=1&seg=0&dl=https%3A%2F%2Foffside.com.ua%2F&dt=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20Offside&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5MF0YH07SE&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offside.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.html
cdn.admixer.net/scripts3/46506/ Frame 218A 		738 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Tue, 12 Jul 2022 07:00:14 GMT
etag
W/"62824272-2e2"
expires
Fri, 07 Jul 2023 08:26:19 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-07-06T08:26:19+00:00
x-id
fr5-up-gc29
a21031c0f6a0994b3314.b.js
cdn.admixer.net/scripts3/46506/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/a21031c0f6a0994b3314.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Tue, 12 Jul 2022 07:00:14 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:15 GMT
server
nginx
etag
W/"6282426f-5d41"
vary
Accept-Encoding
x-cached-since
2022-07-04T08:28:32+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 05 Jul 2023 08:28:32 GMT
0a75d04ce9f53a1a35b6.b.js
cdn.admixer.net/scripts3/46506/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Tue, 12 Jul 2022 07:00:14 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:04 GMT
server
nginx
etag
W/"62824264-12c39"
vary
Accept-Encoding
x-cached-since
2022-07-06T08:26:24+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Fri, 07 Jul 2023 08:26:24 GMT
I
refpa6781648.top/ Frame 1D37 		642 B
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://refpa6781648.top/I?tag=s_1412133m_30323c_&site=1412133&ad=30323
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.135.120.147 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
82033caf490802d20c64e9a1585f6800464d103ba5737d788a5add2f98ad446a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
417
content-type
text/html; charset=utf-8
date
Tue, 12 Jul 2022 07:00:14 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-aspnetmvc-version
5.0
invoke.js
www.effectivedisplaycontent.com/783e5138ef26bb20b7684a6985d43be6/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.effectivedisplaycontent.com/783e5138ef26bb20b7684a6985d43be6/invoke.js
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Referer
https://offside.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 12 Jul 2022 07:00:14 GMT
Server
nginx/1.17.9
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
application/javascript
Content-Length
0
overlay-gradient.png
offside.com.ua/wp-content/themes/urbanmag/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/overlay-gradient.png
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/wp-content/themes/urbanmag/style.css?ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6f999ea0d328245ae7d1201632b7783931d12b0f936430c31e3fc1b2fb080f9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/wp-content/themes/urbanmag/style.css?ver=6.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2256
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8xHrakpeG5RA%2BLbpQsqO%2B8Cmzuzz0%2FJ2R8QVdikREk%2FUgVMGfWC66%2F69pbOwV4%2FU5E8yur5CDXL%2BVh640qoJRfBFj3AQ4UZ%2FUqt4HobybspgXclbP8c%2Fz5n9vModGUdYARw07SdcxU8TRKKlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6956b8488a7-LHR
expires
Tue, 19 Jul 2022 07:00:14 GMT
JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v24/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700&subset=latin&ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
672305a06578c62e801efdb067fffad21042eb1f0b66f41eb6f744b9f46114a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offside.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 17:12:15 GMT
x-content-type-options
nosniff
age
568079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25088
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:38:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jul 2023 17:12:15 GMT
/
covivado.club/catfish/ 		30 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://covivado.club/catfish/?sid=99681&rand=0.8686064044070008
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.198.49.154 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.198.49.154.clients.your-server.de
Software
nginx /
Resource Hash
565a3c1109b083c57031aff608ed98fab419370a31c69f3e49f96bd06a4323a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000;
cache-control
max-age=0, no-cache, no-store, must-revalidate
server
nginx
content-type
application/javascript; charset=utf-8
date
Tue, 12 Jul 2022 07:00:14 GMT
expires
-1
ec2414f3522a79b97620ab8d7a56a836-13073-600x200x10458400-[rnd].js
covivado.club/banner/ 		868 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://covivado.club/banner/ec2414f3522a79b97620ab8d7a56a836-13073-600x200x10458400-[rnd].js?e=vb600x200x48764&rand=0.09227330908477738
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.198.49.154 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.198.49.154.clients.your-server.de
Software
nginx /
Resource Hash
e8950ecd52e439f7dd58115df3d4ab549f15cbf980633b2d389141e2a8d0d9c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Tue, 12 Jul 2022 07:00:14 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT, -1
server
nginx
strict-transport-security
max-age=31536000;
content-type
text/javascript; charset=utf-8
a9aad5ef29d93f6b001878d9ddf2bcdf-88548-600x200x70838400-[rnd].js
covivado.club/banner/ 		130 B
408 B 		Script
General
Check archive.org
Download Go to
Full URL
https://covivado.club/banner/a9aad5ef29d93f6b001878d9ddf2bcdf-88548-600x200x70838400-[rnd].js?e=vb600x200x53539&rand=0.4879829535199458
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.198.49.154 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.198.49.154.clients.your-server.de
Software
nginx /
Resource Hash
b3a4dc93cb491425d6552342960777015f434ed0c89b8adf0fc2a84c4063d93e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000;
cache-control
max-age=0, no-cache, no-store, must-revalidate
server
nginx
content-type
text/javascript; charset=utf-8
date
Tue, 12 Jul 2022 07:00:14 GMT
expires
-1
api.php
syndication.exdynsrv.com/v1/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://syndication.exdynsrv.com/v1/api.php
Requested by
Host: a.exdynsrv.com
URL: https://a.exdynsrv.com/ad-provider.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.247 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
8a44373cd2617ec6d005ef8a6e9e9d8eda6d533f0cd6b7ac67f805680fa81e32

Request headers

Referer
https://offside.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 12 Jul 2022 07:00:14 GMT
Access-Control-Request-Method
POST
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://offside.com.ua
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Encoding
gzip
Access-Control-Allow-Headers
Authorization, Content-Type
rcl-awesome.woff2
offside.com.ua/wp-content/plugins/wp-recall/assets/rcl-awesome/fonts/ 		80 KB
81 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/rcl-awesome/fonts/rcl-awesome.woff2?7jdlrg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/wp-content/plugins/wp-recall/assets/rcl-awesome/rcl-awesome.min.css?ver=16.26.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc5c1ffb80e8c6b709daf7cd8f06a977335f3a35f90332e9bd9a5e605717ccfe

Request headers

Referer
https://offside.com.ua/wp-content/plugins/wp-recall/assets/rcl-awesome/rcl-awesome.min.css?ver=16.26.3
Origin
https://offside.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rocQgYJWwgULuxqw6EJA4vGaMgltMzUirsexP1xvzkvMCWz%2Bm68MOZfAr6ggiTjZAXqzWS7qerkf%2BX5m8vP%2FK0DvtaOWffBGIG1gzipJ%2FH160cMmVHN6SAWmyorqNNKa6BGPHtAjYTsFQcAlbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7297e6973f1388a7-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
81956
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?libraries=geometry%2Cplaces%2Cweather%2Cpanoramio%2Cdrawing&language=en&ver=6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://offside.com.ua
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		218 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=offside.com.ua&callback=_gfp_s_&client=ca-pub-7140845151581295
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7140845151581295&plah=offside.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9a002b829d4ff6c53c745ff0f57451002810b8dd72840d4db062f1f9f78c974a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=offside.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7140845151581295&plah=offside.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Jul 2022 07:00:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=offside.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7140845151581295&plah=offside.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Jul 2022 07:00:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Foffside.com.ua%2F&tn=DIV&id=recallbar&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1CA4 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7140845151581295&output=html&adk=1812271804&adf=3025194257&lmt=1657609214&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Foffside.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657609214090&bpp=2&bdt=723&idt=682&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=805628118330&frm=20&pv=2&ga_vid=2120219989.1657609214&ga_sid=1657609215&ga_hid=776932370&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068105%2C44766558%2C31068196%2C42531606&oid=2&pvsid=1183762574062160&tmod=2075173734&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=703
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7140845151581295&plah=offside.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 07:00:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cimp.php
syndication.exdynsrv.com/ 		0
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12PW04DMQxFt8IGJrp2nDjud1kB6gKSeUA/6HxMkYrkxZMZEELoKPJJZOvGDOYBOhA/IZ6AE4kXDmQWKCLE4ufniwv5uizbdZrDuL6Hj+qcRFVcFSjqJiUauyQrxtkTumuMkOTZUmHV4gJnRycKE6Ws+yUAIDf45eV8HOqwR+DBCd33dLfs0h2PfbzNqSHOIy0V2RaYTVMTGTkb8djmvfH/b/FNAKV0BOCXgY7ytm736+3VvfvxULfP2+j+p3MnOf0Y+cQxkyhSaa3VJctU+/qFStRWm+ELRwch9FsBAAA=
Requested by
Host: a.exdynsrv.com
URL: https://a.exdynsrv.com/ad-provider.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.247 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 12 Jul 2022 07:00:14 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
8ad738d385a4dfb7b957e5ce35d9967414bc2d2a.webp
s3t3d2y8.ackcdn.net/library/254774/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3t3d2y8.ackcdn.net/library/254774/8ad738d385a4dfb7b957e5ce35d9967414bc2d2a.webp
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2cf06971b4faa1bc7a53a866698974f8697faf3fdb5531a85ff2efa6f468995e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 12 Jul 2022 07:00:14 GMT
x-cache-op
HIT
x-77-nzt-ray
q5zK+JG8l/4
x-cache
HIT
x-age
799881
content-length
5596
x-77-nzt
AdRmOI326UT/iTQMAA
x-accel-expires
@1688345333
last-modified
Fri, 17 Dec 2021 01:35:47 GMT
server
CDN77-Turbo
etag
"61bbe973-15dc"
x-77-cache
HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sun, 02 Jul 2023 23:52:40 GMT
9a550fcc-885a-4caa-9132-06c004e73115.gif
refpa3966353.top/img/AdAgent_1/ Frame 1D37 		149 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refpa3966353.top/img/AdAgent_1/9a550fcc-885a-4caa-9132-06c004e73115.gif
Requested by
Host: refpa6781648.top
URL: https://refpa6781648.top/I?tag=s_1412133m_30323c_&site=1412133&ad=30323
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.253.35.215 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
db9bacda467d38f3afc52d07d44734b5d48543fb9600f71f5018b1ed09b87c62
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://refpa6781648.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:15 GMT
last-modified
Wed, 01 Apr 2020 17:14:06 GMT
server
nginx
etag
"083e8f2488d61:0"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
152123
checker.js
refpa6781648.top/checker/ Frame 1D37 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refpa6781648.top/checker/checker.js
Requested by
Host: refpa6781648.top
URL: https://refpa6781648.top/I?tag=s_1412133m_30323c_&site=1412133&ad=30323
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.135.120.147 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
198a55310d4d5b786ff571ff4f16a66505bb17545c557818c8de810851616955
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://refpa6781648.top/I?tag=s_1412133m_30323c_&site=1412133&ad=30323
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
content-encoding
br
last-modified
Tue, 10 May 2022 06:49:25 GMT
server
nginx
etag
W/"627a0af5-1843"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600
strict-transport-security
max-age=63072000; includeSubDomains; preload
expires
Tue, 12 Jul 2022 08:00:14 GMT
dsp.aspx
inv-nets.admixer.net/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=7698032461334936&cpv=02d5a0f3-3235-7deb-0a73-e875dd8bdbcb&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22770c3fdd-44cf-b153-7dbf-089c32326c16%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Foffside.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226ac5c84a-54b0-3c18-6e70-0ca08c9e4f6c%22%2C%22tagid%22%3A%2233703f42-b374-4fd8-b5f3-6f9c313e8412%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_33703f42b3744fd8b5f36f9c313e8412_zone_86725_sect_29689_site_24219%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22f064d825-6f5a-b827-c58f-62b55bb90de2%22%2C%22tagid%22%3A%2260ae44e4-0906-4404-9490-c6f4763ba59e%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_60ae44e4090644049490c6f4763ba59e_zone_86802_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22a9d3986f-70ed-c105-d041-6212be6f383d%22%2C%22tagid%22%3A%221ba693e9-af43-480f-8247-a0a6978d969d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_1ba693e9af43480f8247a0a6978d969d_zone_86809_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A3%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
d450eebb78e637a6106afbc9d7936b8ac6f209aee37a064f15157e2fa999e186
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:15 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
3594
X-Xss-Protection
0
94a9b44846143bc18bab943992b72dbc-95721-0.04262235699932271.json
covivado.club/vast/ 		177 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://covivado.club/vast/94a9b44846143bc18bab943992b72dbc-95721-0.04262235699932271.json
Requested by
Host: covivado.club
URL: https://covivado.club/catfish/?sid=99681&rand=0.8686064044070008
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.198.49.154 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.198.49.154.clients.your-server.de
Software
nginx /
Resource Hash
ce9752333550003588f5331b7127dcb9c5c21de2116a21bd31364601964ff127
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept
application/json
Referer
https://offside.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache, no-cache
date
Tue, 12 Jul 2022 07:00:15 GMT
server
nginx
access-control-max-age
86400
content-type
application/json; charset=utf-8
access-control-allow-origin
https://offside.com.ua
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=31536000;
expires
Thu, 19 Nov 1981 08:52:00 GMT, -1
stattag.js
cdntechone.com/ 		47 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdntechone.com/stattag.js
Requested by
Host: covivado.club
URL: https://covivado.club/catfish/?sid=99681&rand=0.8686064044070008
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19d1662ab265a1b1c6264d999bac5f24fac78f744ee892f49d304556189d25d4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5166
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 09 Jun 2022 09:20:11 GMT
server
cloudflare
etag
W/"62a1bb4b-bc9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3jGS%2FesvkAAwcpyciBngcmBDNEC7tziy%2BlAk59bzBx%2BScn6ugCRx05lanDU0YTeo2tLZpxaJbXWlqvO40YEyDXmYBM1c5N%2Bsd6yKLZq19yWEfrKKeD5oDxWzmexfByGPrAo%2B83WB5s8DrdP6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7297e69a3f890075-LHR
link
<https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
e1eee23f36481a69453f.b.js
cdn.admixer.net/scripts3/46506/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/e1eee23f36481a69453f.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Tue, 12 Jul 2022 07:00:15 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:20 GMT
server
nginx
etag
W/"62824274-702f"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:28+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:28 GMT
fdabe098f34289659a17.b.js
cdn.admixer.net/scripts3/46506/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/fdabe098f34289659a17.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Tue, 12 Jul 2022 07:00:15 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:21 GMT
server
nginx
etag
W/"62824275-a793"
vary
Accept-Encoding
x-cached-since
2022-07-07T09:50:33+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 08 Jul 2023 09:50:33 GMT
84011c43c3075e543c6d.b.js
cdn.admixer.net/scripts3/46506/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/84011c43c3075e543c6d.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Tue, 12 Jul 2022 07:00:15 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:13 GMT
server
nginx
etag
W/"6282426d-326c"
vary
Accept-Encoding
x-cached-since
2022-07-07T09:50:33+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 08 Jul 2023 09:50:33 GMT
7103cce7fa6705169441.b.js
cdn.admixer.net/scripts3/46506/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/7103cce7fa6705169441.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Tue, 12 Jul 2022 07:00:15 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:12 GMT
server
nginx
etag
W/"6282426c-2a79"
vary
Accept-Encoding
x-cached-since
2022-07-07T09:50:37+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 08 Jul 2023 09:50:37 GMT
5927ef40e4a80e0040be.b.js
cdn.admixer.net/scripts3/46506/ 		215 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/5927ef40e4a80e0040be.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Tue, 12 Jul 2022 07:00:15 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:11 GMT
server
nginx
etag
W/"6282426b-35ac7"
vary
Accept-Encoding
x-cached-since
2022-07-07T09:50:33+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 08 Jul 2023 09:50:33 GMT
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame 17BF
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=7698032461334936&cpv=02d5a0f3-3235-7deb-0a73-e875dd8bdbcb&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22770c3fdd-44cf-b153-7dbf-089c32326c16%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Foffside.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226ac5c84a-54b0-3c18-6e70-0ca08c9e4f6c%22%2C%22tagid%22%3A%2233703f42-b374-4fd8-b5f3-6f9c313e8412%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_33703f42b3744fd8b5f36f9c313e8412_zone_86725_sect_29689_site_24219%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22f064d825-6f5a-b827-c58f-62b55bb90de2%22%2C%22tagid%22%3A%2260ae44e4-0906-4404-9490-c6f4763ba59e%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_60ae44e4090644049490c6f4763ba59e_zone_86802_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22a9d3986f-70ed-c105-d041-6212be6f383d%22%2C%22tagid%22%3A%221ba693e9-af43-480f-8247-a0a6978d969d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_1ba693e9af43480f8247a0a6978d969d_zone_86809_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A3%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
d2ce8aeb5078f755d7899883af3de7b1181a39bcdb68249e529fa7c3d1651dbf

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Tue, 12 Jul 2022 07:00:15 GMT
expires
Tue, 12 Jul 2022 07:00:15 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-746

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Tue, 12 Jul 2022 07:00:15 GMT
location
/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-746
/
onetag-sys.com/usync/ Frame 4C46 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=7698032461334936&cpv=02d5a0f3-3235-7deb-0a73-e875dd8bdbcb&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22770c3fdd-44cf-b153-7dbf-089c32326c16%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Foffside.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226ac5c84a-54b0-3c18-6e70-0ca08c9e4f6c%22%2C%22tagid%22%3A%2233703f42-b374-4fd8-b5f3-6f9c313e8412%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_33703f42b3744fd8b5f36f9c313e8412_zone_86725_sect_29689_site_24219%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22f064d825-6f5a-b827-c58f-62b55bb90de2%22%2C%22tagid%22%3A%2260ae44e4-0906-4404-9490-c6f4763ba59e%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_60ae44e4090644049490c6f4763ba59e_zone_86802_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22a9d3986f-70ed-c105-d041-6212be6f383d%22%2C%22tagid%22%3A%221ba693e9-af43-480f-8247-a0a6978d969d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_1ba693e9af43480f8247a0a6978d969d_zone_86809_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A3%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.html
s.adtelligent.com/ Frame 8446 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=7698032461334936&cpv=02d5a0f3-3235-7deb-0a73-e875dd8bdbcb&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22770c3fdd-44cf-b153-7dbf-089c32326c16%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Foffside.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226ac5c84a-54b0-3c18-6e70-0ca08c9e4f6c%22%2C%22tagid%22%3A%2233703f42-b374-4fd8-b5f3-6f9c313e8412%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_33703f42b3744fd8b5f36f9c313e8412_zone_86725_sect_29689_site_24219%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22f064d825-6f5a-b827-c58f-62b55bb90de2%22%2C%22tagid%22%3A%2260ae44e4-0906-4404-9490-c6f4763ba59e%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_60ae44e4090644049490c6f4763ba59e_zone_86802_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22a9d3986f-70ed-c105-d041-6212be6f383d%22%2C%22tagid%22%3A%221ba693e9-af43-480f-8247-a0a6978d969d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_1ba693e9af43480f8247a0a6978d969d_zone_86809_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A3%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
3ba01f9c16a55d404aff94ddd5f28d63e1a2552358e661e1cf75bed93f601e88

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://offside.com.ua
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1269
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Jul 2022 07:00:14 GMT
Server
Adtelligent
X-Robots-Tag
noindex
mmr445.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/mmr445.gif?gdpr=&gdpr_consent=[GDPRConsent]&us_privacy=[USPrivacy]&coppa=[COPPA]&puid=bb260eba93a0441fa3afe0a58a7babec
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:15 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 12 Jul 2022 07:00:15 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
/
an.yandex.ru/mapuid/targetrtbis/
Redirect Chain
  • https://match.new-programmatic.com/userbind?src=admixer&id=bb260eba93a0441fa3afe0a58a7babec
  • https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
  • https://an.yandex.ru/mapuid/targetrtbis/?sign=3011906821
  • https://an.yandex.ru/mapuid/targetrtbis/?redir-setuniq=1&sign=3011906821
43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/targetrtbis/?redir-setuniq=1&sign=3011906821
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:15 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 07:00:15 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 12 Jul 2022 07:00:15 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:15 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 07:00:15 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/targetrtbis/?redir-setuniq=1&sign=3011906821
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 12 Jul 2022 07:00:15 GMT
ImgSync
image8.pubmatic.com/AdServer/ 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.82.242.208 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:15 GMT
content-length
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3Dbb260eba93a0...
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=4834642a-01b0-11ed-8d99-801844df107c
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=lemma&bsw_custom_parameter=bf59dbcb-8194-4c1a-9d9c-97b67474b6c0
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=lemma&expires=10&bsw_param=bf59dbcb-8194-4c1a-9d9c-97b67474b6c0
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=bf59dbcb-8194-4c1a-9d9c-97b67474b6c0
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=4834642a-01b0-11ed-8d99-801844df107c
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=lemma&bsw_custom_parameter=bf59dbcb-8194-4c1a-9d9c-97b67474b6c0&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=726f1250-5f59-408b-ab8c-f45bcf7dce0e&expires=1&user_group=5&ssp=lemma&bsw_param=bf59dbcb-8194-4c1a-9d9c-97b67474b6c0
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=bf59dbcb-8194-4c1a-9d9c-97b67474b6c0
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=bb260eba93a0441fa3afe0a58a7babec4834642a-01b0-11ed-8d99-801844df107c
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=bb260eba93a0441fa3afe0a58a7babec4834642a-01b0-11ed-8d99-801844df107c
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:16 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:16 GMT
vary
Origin
content-type
text/html; charset=utf-8
location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=bb260eba93a0441fa3afe0a58a7babec4834642a-01b0-11ed-8d99-801844df107c
cache-control
no-cache, no-store, must-revalidate
content-length
179
expires
0
idsync
idsync.admixer.co.kr/ 		43 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.admixer.co.kr:4450/idsync?pid=103&uid=bb260eba93a0441fa3afe0a58a7babec
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12-Jul-2022 16:00:16 +0900
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control
private, max-age=0, no-cache, no-store
Connection
close
Content-Type
image/gif;
Content-Length
43
Expires
Mon, 01 Jan 2000 00:00:00 +0900
ImgSync
image8.pubmatic.com/AdServer/ 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3Dbb260eba93a0441fa3afe0a58a7babec
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.82.242.208 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:16 GMT
content-length
0
sfaf25.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=bb260eba93a0441fa3afe0a58a7babec
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:15 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
sync
t.adx.opera.com/ 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60022&uid=bb260eba93a0441fa3afe0a58a7babec
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:15 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=bb260eba93a0441fa3afe0a58a7babec&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=bb260eba93a0441fa3afe0a58a7babec&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=admixer
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=admixer
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3165299387303551005&ssp=admixer
  • https://inv-nets.admixer.net/bs/cm.aspx?id=bf59dbcb-8194-4c1a-9d9c-97b67474b6c0&gdpr=&consent=&gdpr_pd=
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=bf59dbcb-8194-4c1a-9d9c-97b67474b6c0&gdpr=&consent=&gdpr_pd=
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:15 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

Location
//inv-nets.admixer.net/bs/cm.aspx?id=bf59dbcb-8194-4c1a-9d9c-97b67474b6c0&gdpr=&consent=&gdpr_pd=
Date
Tue, 12 Jul 2022 07:00:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58613/occ
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-Yd.g3vNE2uEPe4.G9.lgrayLiTVeCQjxJK5tOW0-~A
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-Yd.g3vNE2uEPe4.G9.lgrayLiTVeCQjxJK5tOW0-~A
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:15 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-Yd.g3vNE2uEPe4.G9.lgrayLiTVeCQjxJK5tOW0-~A
date
Tue, 12 Jul 2022 07:00:15 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cm-notify
creativecdn.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admixer
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:15 GMT, Tue, 12 Jul 2022 07:00:15 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://creativecdn.com/cm-notify?pi=admixer&tc=1
date
Tue, 12 Jul 2022 07:00:15 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=fe5a76ff-3314-52c1-b176-c90ad3bbd2f5
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=fe5a76ff-3314-52c1-b176-c90ad3bbd2f5
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:15 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=fe5a76ff-3314-52c1-b176-c90ad3bbd2f5
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/ 		42 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=bb260eba93a0441fa3afe0a58a7babec&redir=[RED]
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Jul 2022 07:00:15 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=c8cc1486-8d80-4d96-b649-30c0a3793c79
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=c8cc1486-8d80-4d96-b649-30c0a3793c79
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:15 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=c8cc1486-8d80-4d96-b649-30c0a3793c79
date
Tue, 12 Jul 2022 07:00:15 GMT
cache-control
no-store no-transform
server
nginx
content-length
190
content-type
text/html; charset=utf-8
sync.html
s.console.adtarget.com.tr/ 		63 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:15 GMT
Server
Adtelligent
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://offside.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
63
1px-matching-admixer.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-admixer.gif?id=bb260eba93a0441fa3afe0a58a7babec
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:16 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
setuid
ib.adnxs.com/ 		43 B
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=533&code=bb260eba93a0441fa3afe0a58a7babec
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Jul 2022 07:00:15 GMT
X-Proxy-Origin
82.199.130.38; 82.199.130.38; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7c1c9336-135d-4e0b-92c0-efb7327939a7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
admixer
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=bb260eba93a0441fa3afe0a58a7babec
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=bb260eba93a0441fa3afe0a58a7babec
43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=bb260eba93a0441fa3afe0a58a7babec
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Server
168.119.9.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.59.9.119.168.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:16 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif

Redirect headers

location
/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=bb260eba93a0441fa3afe0a58a7babec
date
Tue, 12 Jul 2022 07:00:16 GMT
server
nginx
etag
W/"625f0e7b270327cd4006889dc4b29c2ae9ca781ee9a560d93f0a414b81c3b4f2"
content-length
122
serverid
TODO
content-type
text/html; charset=utf-8
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=Ys0b__UUM4kDusOwTjCe7AAABHkAAAAB
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=Ys0b__UUM4kDusOwTjCe7AAABHkAAAAB
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:16 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0BsNSAlqjfX%2F2JS7MTUZxgDJx1wrhOUZoD9db2BHOMKrH%2Bk9SvbSjt4WCRB6651zwbf1azcG92poYzKGHzoVSoQHDegBuOpTONgt0akKivY%2BI6Is4ni3NM7KyX8p1a7hNYDhJ%2B1YSv1hYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=Ys0b__UUM4kDusOwTjCe7AAABHkAAAAB
cache-control
no-cache
cf-ray
7297e6a10fc8771f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
adspend-sync
adx.com.ru/
Redirect Chain
  • https://rtb.com.ru/admixer-sync?uid=bb260eba93a0441fa3afe0a58a7babec
  • https://rtb.com.ru/sync?noRedirect=&sspKey=36&sspUserID=bb260eba93a0441fa3afe0a58a7babec
  • https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=62cd1c009ab4d27d704bab3c&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D62cd1c009ab4d27d704bab3c%26d...
  • https://rtb.com.ru/adx-sync?r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D62cd1c009ab4d27d704bab3c%26duid%3D%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D64...
  • https://prodmp.ru/refocus.gif?dsp_provider_id=2&uid=62cd1c009ab4d27d704bab3c&duid=&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62cd1c009ab4d27d704bab3c%26dest%3Dhttps%253A%252F%252...
  • https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=62cd1c009ab4d27d704bab3c&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62cd1c009ab4d27d704bab3c%26dest%3Dhttps%253A%252F%252Fdmg....
  • https://prodmp.ru/li?guid=388D037C3E53CAD6E62C&uid=62cd1c009ab4d27d704bab3c&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62cd1c009ab4d27d704bab3c%26dest%3Dhttps%253A%252F%252Fdmg.di...
  • https://an.yandex.ru/mapuid/dmpmediadesk/62cd1c009ab4d27d704bab3c?sign=45501020&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62cd1c009ab4d27d704bab3c%26dest%3Dhttps%253A%252F...
  • https://x01.aidata.io/0.gif?pid=6472613&id=62cd1c009ab4d27d704bab3c&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D62cd1c009ab4d27d704bab3c%26i%3D1393358583913894259%26r%...
  • https://x01.aidata.io/0.gif?pid=6472613&id=62cd1c009ab4d27d704bab3c&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D62cd1c009ab4d27d704bab3c%26i%3D1393358583913894259%26r%...
  • https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=62cd1c009ab4d27d704bab3c&i=1393358583913894259&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3...
  • https://dmg.digitaltarget.ru/awg/custom/224/i/i?call_source=awg&a=224&e=62cd1c009ab4d27d704bab3c&i=1393358583913894259&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f45...
  • https://cm.g.doubleclick.net/pixel?google_nid=crossmedia_ddp&google_cm=&code=224&ts=dq1-f-YfVgNMWwF7k3cK&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100...
  • https://dmg.digitaltarget.ru/awg/7162?a=155&e=CAESEKN4Lzd_7dOFR-6uBclNnWA&ver=1&google_error=&code=224&ts=dq1-f-YfVgNMWwF7k3cK&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-...
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=62cd1c009ab4d27d704bab3c&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D62cd1c009ab4d27d704bab3c%26nc%3D555527578...
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=62cd1c009ab4d27d704bab3c&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D62cd1c009ab4d27d704bab3c%26nc%3D555527578...
  • https://cm.p.altergeo.ru/spnd?aid=62cd1c009ab4d27d704bab3c&nc=5555275785909190592&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D62cd1c009ab4d27d704bab3c%26r%3Dhttps%253A%252F%252Fan.yandex.ru...
  • https://cm.p.altergeo.ru/spnd?aid=62cd1c009ab4d27d704bab3c&nc=5555275785909190592&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D62cd1c009ab4d27d704bab3c%26r%3Dhttps%253A%252F%252Fan.yandex.ru...
  • https://adx.com.ru/adspend-sync?uid=62cd1c009ab4d27d704bab3c&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2FQqESupYsVN6gUhBQxC2Yw4%3Fsign%3D2213836553%26location%3Dhttps%253A%252F%252Ftop-fwz1.ma...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adx.com.ru/adspend-sync?uid=62cd1c009ab4d27d704bab3c&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2FQqESupYsVN6gUhBQxC2Yw4%3Fsign%3D2213836553%26location%3Dhttps%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228%253Bpid%253D62cd1c009ab4d27d704bab3c
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Server
188.34.131.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.134.131.34.188.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 12 Jul 2022 07:00:19 GMT
Server
nginx/1.16.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://adx.com.ru/adspend-sync?uid=62cd1c009ab4d27d704bab3c&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2FQqESupYsVN6gUhBQxC2Yw4%3Fsign%3D2213836553%26location%3Dhttps%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228%253Bpid%253D62cd1c009ab4d27d704bab3c
Cache-Control
max-age=0, no-cache, no-store
Connection
close
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pic.gif
pa.tns-ua.com/bug/
Redirect Chain
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=bb260eba93a0441fa3afe0a58a7babec
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZF68C9C3CBDD4D20A0B3DE93A68265A5&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=bb260eba93a0441fa3afe0a58a7babec
56 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZF68C9C3CBDD4D20A0B3DE93A68265A5&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=bb260eba93a0441fa3afe0a58a7babec
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:16 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.13.0
content-type
image/gif
expires
-1

Redirect headers

location
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZF68C9C3CBDD4D20A0B3DE93A68265A5&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=bb260eba93a0441fa3afe0a58a7babec
date
Tue, 12 Jul 2022 07:00:16 GMT
cache-control
no-cache
server
nginx/1.13.0
content-length
0
expires
-1
1px-matching-go2net.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=bb260eba93a0441fa3afe0a58a7babec
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:16 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
438160a6-3e9e-4a68-bcf1-2c83e4329d60.png
content.admixer.net/test1/5a4a8557-12e5-4ff7-bf43-a6dcb5f558a5/ Frame 46FB 		913 KB
913 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.admixer.net/test1/5a4a8557-12e5-4ff7-bf43-a6dcb5f558a5/438160a6-3e9e-4a68-bcf1-2c83e4329d60.png
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
62.149.18.58 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
cc53243-01.cc.colocall.com
Software
nginx /
Resource Hash
57c4ba7e8a1a2cd472369a8e68292b6f1e53a55498c3cebd36ed3ea51458763f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:15 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 08 Jul 2022 21:52:27 GMT
Server
nginx
ETag
"62c8a71b-e430c"
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
Cache-Control
max-age=31622400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
934668
Expires
Thu, 13 Jul 2023 07:00:15 GMT
55453de97a118ce9
ads.us.e-planning.net/uspd/1/
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location
/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
date
Tue, 12 Jul 2022 07:00:15 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
content-type
text/html; charset=iso-8859-1
x-sid
AMS-746
/
onetag-sys.com/usync/ 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-store
sync.html
s.adtelligent.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
load
z.cdn.adpool.bet/
Redirect Chain
  • https://inv-nets.admixer.net/ev_view.aspx?cc=DE&am-uid=bb260eba93a0441fa3afe0a58a7babec&zone=1BA693E9-AF43-480F-8247-A0A6978D969D&device=28&rule=2A9D2C49-0654-4466-A9CE-559AECCA318A&requestId=e11d7...
  • https://z.cdn.adpool.bet/load?z=1371652588
35 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z.cdn.adpool.bet/load?z=1371652588
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
212.7.203.129 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Jul 2022 07:00:16 GMT
Server
nginx
P3P
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
-1

Redirect headers

Location
https://z.cdn.adpool.bet/load?z=1371652588
Date
Tue, 12 Jul 2022 07:00:16 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
add
datatechone.com/log/ 		0
392 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://datatechone.com/log/add?cid=a968e546-c11a-4be3-8c95-b00e0522c220
Requested by
Host: cdntechone.com
URL: https://cdntechone.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Arnhem, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offside.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 12 Jul 2022 07:00:15 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.19.10
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
um
u-ams02.e-planning.net/ Frame 17BF
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Db4cf4b70acba59f7
  • https://pixel.sitescout.com/dmp/pixelSync?cookieQ=1&network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Db4cf4b70acba59f7
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=a58185df-ce2a-4dbf-9155-4dfbc56d702c-62cd1bff-4348&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D24...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=a58185df-ce2a-4dbf-9155-4dfbc56d702c-62cd1bff-4348&partner_url=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3Da58185df-ce...
  • https://u-ams02.e-planning.net/um?uid=a58185df-ce2a-4dbf-9155-4dfbc56d702c-62cd1bff-4348&dc=0abbcb4eba840e59&fi=b4cf4b70acba59f7
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=a58185df-ce2a-4dbf-9155-4dfbc56d702c-62cd1bff-4348&dc=0abbcb4eba840e59&fi=b4cf4b70acba59f7
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:15 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://u-ams02.e-planning.net/um?uid=a58185df-ce2a-4dbf-9155-4dfbc56d702c-62cd1bff-4348&dc=0abbcb4eba840e59&fi=b4cf4b70acba59f7
date
Tue, 12 Jul 2022 07:00:15 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
prebid
rtb.openx.net/sync/ Frame 17BF 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Db4cf4b70acba59f7%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:15 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
qkdf3oaklb52rs0732erce5ru5fatce4
ptag
a.audrte.com/ Frame 17BF 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.7.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-7-162.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
3d364588ab9e8dfb50d506853d43201eecabb33fe2fdb4c0037637651909e7ba

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:16 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1681
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 17BF 		566 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:15 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sun, 11 Jul 2027 07:00:15 GMT
um
u-ams02.e-planning.net/ Frame 17BF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Db4cf4b70acba59f7%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253Db4cf4b70acba59f7%2526uid%253D%2524UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=b4cf4b70acba59f7&uid=4695938005620185403
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=b4cf4b70acba59f7&uid=4695938005620185403
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:15 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 12 Jul 2022 07:00:15 GMT
X-Proxy-Origin
82.199.130.38; 82.199.130.38; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
441af1f9-0016-46f2-9938-3cf44ca3fd90
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=b4cf4b70acba59f7&uid=4695938005620185403
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame ABA7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Jul 2022 07:00:15 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 12 Jul 2022 07:00:15 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A924 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Db4cf4b70acba59f7%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.2 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-2.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=104828
content-encoding
gzip
content-length
5549
content-type
text/html
date
Tue, 12 Jul 2022 07:00:15 GMT
expires
Wed, 13 Jul 2022 12:07:23 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
usermatch
r.casalemedia.com/ Frame 3818
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D&s=190243&C=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
496659f4dc07b5a371481d5c807e80a750b91b42e63c7d9de1cd4c532b26a499

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7297e69e6a6be684-LHR
content-encoding
br
content-type
text/html
date
Tue, 12 Jul 2022 07:00:15 GMT
dropped-udsids
73|130|4|206|241|65|191|105
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkLOM5EgEirl3eHCrY9PIXGfrMJcjnT8xCen%2B6bms%2BtIvVRHOqJjvHQz9X%2F2%2Fmu52cb96Z2nPGaGeRmf9VXdpuGH%2BgfE6opEP4myPrsQx2MGgKN8CjMZTN7eCpLYZCn4nXpg"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7297e69d38990656-LHR
content-type
text/html; charset=iso-8859-1
date
Tue, 12 Jul 2022 07:00:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D&s=190243&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ug7O23GlmTo6kWgzTFkAa0cWMz4DtmYNfcIcB0pqc0%2B7goKjpQOjriMkqLvZf%2FG%2BJCc6ZibzcDKWThjFVekHG%2F%2BTmf6aR4pGkinunNbKrLi2EHHBrc9YSVN54urO%2FhpQGNe%2FcGd7"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 493D 		1 KB
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
136949
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Tue, 12 Jul 2022 07:00:15 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 18 May 2027 11:39:16 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
60ad96569363116a57ba49ba67f0cc06
x-cf-tsc
1653097306
x-cf1
29080:fB.cdg1:co:1585621119:cacheB.cdg1-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 5484 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame A758 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
becca024b2cb3805d2624e20512e03bcf5487690286ee41fa44700ab8ac12955

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7297e69d3947756e-LHR
content-encoding
br
content-type
text/html
date
Tue, 12 Jul 2022 07:00:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
/
refpa6781648.top/redirect/stat/run/ Frame 1D37 		14 B
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://refpa6781648.top/redirect/stat/run/
Requested by
Host: refpa6781648.top
URL: https://refpa6781648.top/checker/checker.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.135.120.147 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://refpa6781648.top/I?tag=s_1412133m_30323c_&site=1412133&ad=30323
x-requested-with
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:15 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
49
csync
sync.adtelligent.com/ Frame F36B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7064435012117703281
0
390 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7064435012117703281
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Tue, 12 Jul 2022 07:00:16 GMT
Etag
4479fa1b55e367bb
Server
VertaMedia 1.0

Redirect headers

AN-X-Request-Uuid
330ae45c-932f-47f8-b1bf-2298e47e57fd
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 12 Jul 2022 07:00:15 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7064435012117703281
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
82.199.130.38; 82.199.130.38; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
/
ads.us.e-planning.net/uspd/1/ Frame E432 		2 KB
1013 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
0de9663e110e1a0c97d1c8dc3494bab3000b4801c49286ce1df6d3149cd6ffd3

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Tue, 12 Jul 2022 07:00:15 GMT
expires
Tue, 12 Jul 2022 07:00:15 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-746
sync.html
s.adtelligent.com/ Frame 5B3C 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
783
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Jul 2022 07:00:14 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 54F0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.2 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-2.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=104828
content-encoding
gzip
content-length
5549
content-type
text/html
date
Tue, 12 Jul 2022 07:00:15 GMT
expires
Wed, 13 Jul 2022 12:07:23 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
/
onetag-sys.com/usync/ Frame E055 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
d
ic.tynt.com/r/ Frame 97FD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Tue, 12 Jul 2022 07:00:15 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
sync.html
s.console.adtarget.com.tr/ Frame D3A3 		1 KB
1004 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
699
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Jul 2022 07:00:14 GMT
Server
Adtelligent
X-Robots-Tag
noindex
csync
sync.adtelligent.com/ Frame B175
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=e30a3ab5-eac6-4c1e-80c3-1b64bdc5d675
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=e30a3ab5-eac6-4c1e-80c3-1b64bdc5d675
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Tue, 12 Jul 2022 07:00:16 GMT
Etag
4479fa1b55e367bb
Server
VertaMedia 1.0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7297e69e1dda8892-LHR
content-length
0
date
Tue, 12 Jul 2022 07:00:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=e30a3ab5-eac6-4c1e-80c3-1b64bdc5d675
server
cloudflare
csync
sync.adtelligent.com/ Frame 8446
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=975ceab5-d0e7-48fa-9bdc-5c367f0f0a8f
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=975ceab5-d0e7-48fa-9bdc-5c367f0f0a8f
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:16 GMT
Server
VertaMedia 1.0
Etag
4479fa1b55e367bb
Content-Length
0

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:14 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=975ceab5-d0e7-48fa-9bdc-5c367f0f0a8f
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
lr6l2g9ap22k225qflgh57blui1avcm3
pixel
ap.lijit.com/ Frame 8446 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 12 Jul 2022 07:00:15 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/ Frame 8446
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=9155233303628206019
0
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=9155233303628206019
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:16 GMT
Server
VertaMedia 1.0
Etag
4479fa1b55e367bb
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Tue, 12 Jul 2022 07:00:15 GMT
X-Proxy-Origin
82.199.130.38; 82.199.130.38; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
02491c81-6528-45b8-8c40-94be4937e806
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=9155233303628206019
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 8446
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=22e745db-6d58-41f3-b6a4-0d874f0d434d
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=22e745db-6d58-41f3-b6a4-0d874f0d434d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:16 GMT
Server
VertaMedia 1.0
Etag
4479fa1b55e367bb
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=22e745db-6d58-41f3-b6a4-0d874f0d434d
date
Tue, 12 Jul 2022 07:00:15 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
vid.vidoomy.com/ Frame 8446 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
csync
sync.adtelligent.com/ Frame 8446
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=7e78147c-0dbd-41e0-bd71-8ccc9477b6b0
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=7e78147c-0dbd-41e0-bd71-8ccc9477b6b0
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:16 GMT
Server
VertaMedia 1.0
Etag
4479fa1b55e367bb
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=7e78147c-0dbd-41e0-bd71-8ccc9477b6b0
date
Tue, 12 Jul 2022 07:00:15 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame 8446
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1657609215742
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8385386429
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8385386429
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:15 GMT
etag
RX3252e0f793834ef6b4609fd6bfcfe1e1003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8385386429
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
csync
sync.adtelligent.com/ Frame 8446
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=bb260eba93a0441fa3afe0a58a7babec
0
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=bb260eba93a0441fa3afe0a58a7babec
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:16 GMT
Server
VertaMedia 1.0
Etag
4479fa1b55e367bb
Content-Length
0

Redirect headers

Date
Tue, 12 Jul 2022 07:00:16 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=bb260eba93a0441fa3afe0a58a7babec
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
getuid
ib.adnxs.com/ Frame A758 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame A758 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame A758
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=2d7d5c2e-cc4b-47eb-84fa-c6d1756f4feb&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=2d7d5c2e-cc4b-47eb-84fa-c6d1756f4feb&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7297e69fcc8d756e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=2d7d5c2e-cc4b-47eb-84fa-c6d1756f4feb&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
date
Tue, 12 Jul 2022 07:00:15 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame A758 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:15 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame A758 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2129b988-513a-4a67-490d-ab5c1562bc32%26reqId%3D24187f12-6e2e-4ba3-4c2b-ae34fb5b1145%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame A758 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Tue, 12 Jul 2022 07:00:15 GMT
via
1.1 varnish
server
nginx
x-timer
S1657609216.767201,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-lon4250-LON
u
dmp.v.fwmrm.net/ad/ Frame A758 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f600:d00c:d52c:5371:efa Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Jul 2022 07:00:16 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame A758 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2129b988-513a-4a67-490d-ab5c1562bc32%26reqId%3D24187f12-6e2e-4ba3-4c2b-ae34fb5b1145%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame A758
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=23b7d37d-d3ee-438a-89a0-69333cb1dc00&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=23b7d37d-d3ee-438a-89a0-69333cb1dc00&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7297e6a09d7d756e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=23b7d37d-d3ee-438a-89a0-69333cb1dc00&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Tue, 12 Jul 2022 07:00:16 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame A758
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=2129b988-513a-4a67-490d-ab5c1562bc32&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=2129b988-513a-4a67-490d-ab5c1562bc32&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=05653383960842244761962696355871741144&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=05653383960842244761962696355871741144&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7297e69fcc90756e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v036-0999aaade.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
lobl6Ql2Tpc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=05653383960842244761962696355871741144&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame A758 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:15 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame A758
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=2129b988-513a-4a67-490d-ab5c1562bc32&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022071211-52830-0.158256001657619155-c2abfe15d35fc6c84487d4773cafcbe9&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022071211-52830-0.158256001657619155-c2abfe15d35fc6c84487d4773cafcbe9&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7297e6a11e1e756e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022071211-52830-0.158256001657619155-c2abfe15d35fc6c84487d4773cafcbe9&zdid=533&env=mWeb
Date
Tue, 12 Jul 2022 09:45:55 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame A758
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7119377367994267794&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-...
95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7119377367994267794&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7297e6a03d20756e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7119377367994267794&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Date
Tue, 12 Jul 2022 07:00:15 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame A758 		95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=2129b988-513a-4a67-490d-ab5c1562bc32
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:15 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame A758
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=2129b988-513a-4a67-490d-ab5c1562bc32&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=2129b988-513a-4a67-490d-ab5c1562bc32&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=OKqSQR38GyUEgRsrXqEXZO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4b...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=OKqSQR38GyUEgRsrXqEXZO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7297e6a20f3c756e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:15 GMT
via
1.1 google
last-modified
Tue, 12 Jul 2022 07:00:16 GMT
server
Weborama Collect Frontend
location
https://mwzeom.zeotap.com/mw?webouuid=OKqSQR38GyUEgRsrXqEXZO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame A758 		36 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=2129b988-513a-4a67-490d-ab5c1562bc32&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:16 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-length
36
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame A758
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=2129b988-513a-4a67-490d-ab5c1562bc32?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventTyp...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=2129b988-513a-4a67-490d-ab5c1562bc32?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eve...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7297e6a28813756e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:16 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
expires
0
cache-control
no-cache
x-server
10.45.14.86
content-length
0
x-consent
absent
mw
mwzeom.zeotap.com/ Frame A758
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-9xtrCqRE2opkWinz1jfoQmb5GlBh17fCFQ--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-9xtrCqRE2opkWinz1jfoQmb5GlBh17fCFQ--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7297e6a1ff30756e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

date
Tue, 12 Jul 2022 07:00:16 GMT
via
http/1.1 spdc0105.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-9xtrCqRE2opkWinz1jfoQmb5GlBh17fCFQ--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame A758
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=NyBbmvkNyxHMvkhhwIfnC7tctpic7q%2Fz%2BS41iYitP1U%3D
95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=NyBbmvkNyxHMvkhhwIfnC7tctpic7q%2Fz%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:17 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7297e6a70dba756e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:16 GMT
server
AAWebServer
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=NyBbmvkNyxHMvkhhwIfnC7tctpic7q%2Fz%2BS41iYitP1U%3D
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
usermatch.gif
beacon.krxd.net/ Frame A758 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.17.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-17-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:16 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1657609216
x-served-by
beacon-n007-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame A758 		95 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=2129b988-513a-4a67-490d-ab5c1562bc32&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:16 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame A758
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Ys0cAAAPhVT_HQAj&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae3...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Ys0cAAAPhVT_HQAj&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361&_test=Ys0cAAAPhVT_HQAj
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7297e6a4dafc756e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:16 GMT
via
1.1 varnish
server
Varnish
x-timer
S1657609217.729172,VS0,VE0
x-served-by
cache-hhn4071-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Ys0cAAAPhVT_HQAj&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361&_test=Ys0cAAAPhVT_HQAj
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame A758
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=cf1862cd-1c00-4d00-bb02-6b27a9124e72&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f1...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=cf1862cd-1c00-4d00-bb02-6b27a9124e72&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7297e6a42a3a756e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Tue, 12 Jul 2022 07:00:16 GMT
Server
MT3 4475 c1dc35a master zrh-pixel-x27 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=cf1862cd-1c00-4d00-bb02-6b27a9124e72&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Tue, 12 Jul 2022 07:00:15 GMT
usermatch.gif
beacon.krxd.net/ Frame A758
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=O88oX77r&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=2129b988-513a-4a67-490d-ab5c1562bc32
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=2129b988-513a-4a67-490d-ab5c1562bc32
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
34.252.17.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-17-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:17 GMT
cache-control
private, no-cache, no-store
x-request-time
D=25 t=1657609217
x-served-by
beacon-n015-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 12 Jul 2022 07:00:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
location
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=2129b988-513a-4a67-490d-ab5c1562bc32
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7297e6a5dc53756e-LHR
access-control-allow-headers
*
dcm
aax-eu.amazon-adsystem.com/s/ Frame A758
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2129b988-513a-4a67-490d-ab5c1562bc32&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2129b988-513a-4a67-490d-ab5c1562bc32&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2129b988-513a-4a67-490d-ab5c1562bc32&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Jul 2022 07:00:16 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9YZ57SHJE9FHAE8TCGD9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Jul 2022 07:00:16 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
654F57SGQSGZMMEBJG73
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2129b988-513a-4a67-490d-ab5c1562bc32&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame A758 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=2129b988-513a-4a67-490d-ab5c1562bc32&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.72.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-72-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:16 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame A758
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D212...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7297e6a3a971756e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
date
Tue, 12 Jul 2022 07:00:16 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame A758 		557 B
469 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04adc8f6ddd45cceef28032419c3afaad0abc2c4be2760db0c7e51793c036730

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7297e69db9ec756e-LHR
date
Tue, 12 Jul 2022 07:00:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
um
u-ams02.e-planning.net/ Frame E432
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Db4cf4b70acba59f7
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=a58185df-ce2a-4dbf-9155-4dfbc56d702c-62cd1bff-4348&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D24...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=a58185df-ce2a-4dbf-9155-4dfbc56d702c-62cd1bff-4348&partner_url=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3Da58185df-ce...
  • https://u-ams02.e-planning.net/um?uid=a58185df-ce2a-4dbf-9155-4dfbc56d702c-62cd1bff-4348&dc=0abbcb4eba840e59&fi=b4cf4b70acba59f7
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=a58185df-ce2a-4dbf-9155-4dfbc56d702c-62cd1bff-4348&dc=0abbcb4eba840e59&fi=b4cf4b70acba59f7
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:15 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://u-ams02.e-planning.net/um?uid=a58185df-ce2a-4dbf-9155-4dfbc56d702c-62cd1bff-4348&dc=0abbcb4eba840e59&fi=b4cf4b70acba59f7
date
Tue, 12 Jul 2022 07:00:15 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
prebid
rtb.openx.net/sync/ Frame E432 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Db4cf4b70acba59f7%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:14 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
9depgek3homa4ueks2gg72759cjqk9do
ptag
a.audrte.com/ Frame E432 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.7.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-7-162.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
3d364588ab9e8dfb50d506853d43201eecabb33fe2fdb4c0037637651909e7ba

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:16 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1681
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame E432 		566 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:15 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sun, 11 Jul 2027 07:00:15 GMT
um
u-ams02.e-planning.net/ Frame E432
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Db4cf4b70acba59f7%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=b4cf4b70acba59f7&uid=4695938005620185403
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=b4cf4b70acba59f7&uid=4695938005620185403
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:15 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 12 Jul 2022 07:00:15 GMT
X-Proxy-Origin
82.199.130.38; 82.199.130.38; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c520bd5f-25c3-49cc-b1ab-fbc3d49a4227
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=b4cf4b70acba59f7&uid=4695938005620185403
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame B45B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Jul 2022 07:00:15 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 12 Jul 2022 07:00:15 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 01CE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Db4cf4b70acba59f7%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.2 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-2.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=104828
content-encoding
gzip
content-length
5549
content-type
text/html
date
Tue, 12 Jul 2022 07:00:15 GMT
expires
Wed, 13 Jul 2022 12:07:23 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
usermatch
ssum.casalemedia.com/ Frame B05A 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e8ee8a949d817501563284649dc164ccb4a0cb46497220d58eab71b7ae360ec

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7297e69e29c17505-LHR
content-encoding
br
content-type
text/html
date
Tue, 12 Jul 2022 07:00:15 GMT
dropped-udsids
230|45|241|39|26|152|64|46
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=km8s%2BOWgiPMjXWRtUrphEQMe7CzBFu8I9ZZpGuh9O82o7BtZoF6qIRqR77Asnx1H8kndcfqfDkjYWefb24%2BWk94%2Ffa95gBccIrah6knKVLd%2BCoFthNotHMF3S4iQDlDlct6TeJi2"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 3981 		1 KB
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
136949
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Tue, 12 Jul 2022 07:00:15 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 18 May 2027 11:39:16 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
a08c9dab3a6f40c6540827d378d3d115
x-cf-tsc
1653097306
x-cf1
29080:fB.cdg1:co:1585621119:cacheB.cdg1-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame D8DE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame B507 		530 B
765 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff828e8413d71d34d885f683cfbec9b21ef3c8cce757b0766a4416e817e29193

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7297e69dea25756e-LHR
content-encoding
br
content-type
text/html
date
Tue, 12 Jul 2022 07:00:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
PugMaster
image6.pubmatic.com/AdServer/ Frame A924 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1145920&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Db4cf4b70acba59f7%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:15 GMT
content-length
0
cmp
spl.zeotap.com/ Frame A758 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
7297e69e2a76756e-LHR
date
Tue, 12 Jul 2022 07:00:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
mw
mwzeom.zeotap.com/ Frame B507
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D212...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=7c1035b3-1cd9-4669-58cb-e54497976b92&zdid=1361
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=7c1035b3-1cd9-4669-58cb-e54497976b92&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7297e69fcc91756e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=7c1035b3-1cd9-4669-58cb-e54497976b92&zdid=1361
date
Tue, 12 Jul 2022 07:00:15 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame B507 		557 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=7c1035b3-1cd9-4669-58cb-e54497976b92&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
317af32e29c965d8becb782a826d1d17aeeb8bc52ce4df04d4ceaec8534e4e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7297e69e6abc756e-LHR
date
Tue, 12 Jul 2022 07:00:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2407 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.2 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-2.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=104828
content-encoding
gzip
content-length
5549
content-type
text/html
date
Tue, 12 Jul 2022 07:00:15 GMT
expires
Wed, 13 Jul 2022 12:07:23 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
usync.html
eus.rubiconproject.com/ Frame B0B8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Jul 2022 07:00:15 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 12 Jul 2022 07:00:15 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 71F4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame 5B3C 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:16 GMT
Server
VertaMedia 1.0
Etag
4479fa1b55e367bb
Content-Length
43
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame B05A 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ys0b__UUM4kDusOwTjCe7AAABHkAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B05A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ys0b--UUM4kDusOwTjCe7AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOsVth5RtiUPf6ln3CtgNqQ&google_cver=1&gdpr=1
43 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOsVth5RtiUPf6ln3CtgNqQ&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7297e6a1f8e571bd-LHR
pragma
no-cache
date
Tue, 12 Jul 2022 07:00:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Ohsufs8btXxs9eIcCLiWqpemznqlW%2F8sMwp2uQm8g%2FVn%2Bcp7aW0veuwUI7t67XCWqn1okNrbZN8w3C2eG8uzpafCyZPHdyPGCHjmev3YDnuxtUeo2urGZh%2BEdlM3bQfP9oNdWMiBdeoJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOsVth5RtiUPf6ln3CtgNqQ&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame B05A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys0b__UUM4kDusOwTjCe7AAABHkAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys0b__UUM4kDusOwTjCe7AAABHkAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys0b__UUM4kDusOwTjCe7AAABHkAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Jul 2022 07:00:16 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
B31KEA38RDFBMAAE6EZ2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Jul 2022 07:00:16 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
HZ8C0S1YVWNCNEH1526S
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys0b__UUM4kDusOwTjCe7AAABHkAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame B05A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
sync.taboola.com/sg/indexscod/1/cm/ Frame B05A 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=Ys0b--UUM4kDusOwTjCe7AAA%261145
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:15 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
56913
crum
dsum-sec.casalemedia.com/ Frame B05A
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=304c5ff3-d443-4d43-9b09-1afe330d6c3d
43 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=304c5ff3-d443-4d43-9b09-1afe330d6c3d
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7297e6a2da1271bd-LHR
pragma
no-cache
date
Tue, 12 Jul 2022 07:00:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFiXEGdOG7cBP9lskUZBV4lvvQXVi0kMj%2FMDUwgML6IMWD%2BkW7I3UHO%2B8%2F4%2FDPSh68gnt9BBe%2FfYjJz06D2ATCEnYhjP3hJEwWeBCeChn%2FrKkhVQINse7ezmpx5jwIdUIqx2IIurx3GpJA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 12 Jul 2022 07:00:16 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=304c5ff3-d443-4d43-9b09-1afe330d6c3d
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame B05A 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:15 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
getuid
secure.adnxs.com/ Frame B05A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
um
u-ams02.e-planning.net/ Frame B05A 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=b4cf4b70acba59f7&uid=Ys0b--UUM4kDusOwTjCe7AAA%261145
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:15 GMT
server
openresty
content-type
image/gif
cmp
spl.zeotap.com/ Frame B507 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=7c1035b3-1cd9-4669-58cb-e54497976b92&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=7c1035b3-1cd9-4669-58cb-e54497976b92&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
7297e69edb55756e-LHR
date
Tue, 12 Jul 2022 07:00:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
usync.js
eus.rubiconproject.com/ Frame ABA7 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8d9fd04b0c4d42a58f7b00d5427d9f2ec293d329f41a4b22e37b6d18a1117679

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 17:17:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24707
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9457
Expires
Tue, 12 Jul 2022 13:52:02 GMT
Ys0b__UUM4kDusOwTjCe7AAABHkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 3818 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Ys0b__UUM4kDusOwTjCe7AAABHkAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:cba9:630b:f07c:688c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:16 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
ie
match.prod.bidr.io/cookie-sync/ Frame 3818 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.232.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-232-242.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 12 Jul 2022 07:00:16 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3818
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2395229435552301717
43 B
947 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2395229435552301717
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7297e6a12fc171bd-LHR
pragma
no-cache
date
Tue, 12 Jul 2022 07:00:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9ElAd7SvIgbwgz75cdf9KMhnGOSbJfnZdSsuz%2BnGx%2F1xlkm4xuO%2B5SEvAKTgUrqV%2BBZLQNN9mMyQ4i5%2BqF3PgLieMXStkaGI28AW7HnSOLNcJlUeJRExoFTw1LGhhgXGYP39pVTohaHXA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2395229435552301717
pragma
no-cache
date
Tue, 12 Jul 2022 07:00:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sync
ups.analytics.yahoo.com/ups/55940/ Frame 3818 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Ys0b__UUM4kDusOwTjCe7AAABHkAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:15 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dcm
s.amazon-adsystem.com/ Frame 3818
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys0b__UUM4kDusOwTjCe7AAABHkAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys0b__UUM4kDusOwTjCe7AAABHkAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys0b__UUM4kDusOwTjCe7AAABHkAAAAB&dcc=t
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Jul 2022 07:00:16 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GSD3NVV28XC0CVR9NYHP
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Jul 2022 07:00:16 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
APAYJPBSDPPX606Y0HVA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys0b__UUM4kDusOwTjCe7AAABHkAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame 3818
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1657695616&gdpr=1
43 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1657695616&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D&s=190243&C=1
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7297e6a32a067511-LHR
pragma
no-cache
date
Tue, 12 Jul 2022 07:00:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aptTY%2Bs3bIKG3PnZg0Lez%2BC8yQ7FnrYBDJTDyMmWLGZvUA7iAscHiM%2Fx7kraLE%2FpOSHfpxh62F9xNNo017PvwuosM2KjOq1qbcuaGhJ%2FGMNE00N47ENELtPdFyXxm3YpcD6aap25"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1657695616&gdpr=1
pragma
no-cache
date
Tue, 12 Jul 2022 07:00:16 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum.casalemedia.com/ Frame 3818
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=ec6be229-b75b-31e3-b7db32cc
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=ec6be229-b75b-31e3-b7db32cc
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D&s=190243&C=1
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7297e6a32a047511-LHR
pragma
no-cache
date
Tue, 12 Jul 2022 07:00:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=acxH76vli65H%2BTljO1MnA8f1slgppy2NNS61%2FUs4LtjGcR49SWHFCmRvccJf0ovsPtr3V0DTqp2L5bASeujLdHl2%2Fi5X2Ff%2B1usE6Rz0ETZPo3NGas2fc85ICdjUfQwY2pFbQqVx"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 12 Jul 2022 07:00:16 GMT
via
1.1 google
server
nginx/1.22.0
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=ec6be229-b75b-31e3-b7db32cc
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
crum
dsum-sec.casalemedia.com/ Frame 3818
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7297e6a12fc371bd-LHR
pragma
no-cache
date
Tue, 12 Jul 2022 07:00:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJVZNVunFzLuaUbdFtJ0rqqD5M3xzCA1KGTxXi8BU4nWFXGW0%2FtXCoxl2dI3H2foOEBPY5wg7m0OGrjyCvYPgRCzWb%2Beti31ctG7obZ5EykZ3X5OXfsaMMW6kG%2FlW2Cg6abg3hKBuNUFUw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Tue, 12 Jul 2022 07:00:16 GMT
server
nginx/1.20.0
content-length
76
um
u-ams02.e-planning.net/ Frame 3818 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=b4cf4b70acba59f7&uid=Ys0b--UUM4kDusOwTjCe7AAA%261145
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db4cf4b70acba59f7%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:15 GMT
server
openresty
content-type
image/gif
csync
sync.console.adtarget.com.tr/ Frame 56B4
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=3165299387303551005
0
406 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=3165299387303551005
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Tue, 12 Jul 2022 07:00:16 GMT
Etag
2e657114c0662886
Server
VertaMedia 1.0

Redirect headers

content-length
0
content-type
text/plain
date
Tue, 12 Jul 2022 07:00:16 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=3165299387303551005
server
nginx
csync
sync.adtelligent.com/ Frame D3A3
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=2e657114c0662886
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=2e657114c0662886
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:16 GMT
Server
VertaMedia 1.0
Etag
4479fa1b55e367bb
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=2e657114c0662886
Date
Tue, 12 Jul 2022 07:00:16 GMT
Server
VertaMedia 1.0
Etag
2e657114c0662886
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame B0B8 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8d9fd04b0c4d42a58f7b00d5427d9f2ec293d329f41a4b22e37b6d18a1117679

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 17:17:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24707
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9457
Expires
Tue, 12 Jul 2022 13:52:02 GMT
usync.js
eus.rubiconproject.com/ Frame B45B 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8d9fd04b0c4d42a58f7b00d5427d9f2ec293d329f41a4b22e37b6d18a1117679

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 17:17:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24707
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9457
Expires
Tue, 12 Jul 2022 13:52:02 GMT
khaos.jpg
token.rubiconproject.com/ Frame ABA7 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame B0B8 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame B45B 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/jpg
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame E432 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-33.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
074691f1175a4040f292124afbff0c87cd24290b7b9672577f33b7c7de205384

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:10:17 GMT
content-encoding
gzip
etag
W/"a31a707739fd82541fa40e577dbbfede"
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
age
64200
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
Pb-jHB6hc8a-qDS9Og_A2O0x2khv6Iwa9E8fFQzxvsStDsGcy2hAMw==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame F614 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Tue, 12 Jul 2022 07:00:15 GMT
etag
W/"601b131c-27c"
expires
Sun, 11 Jul 2027 07:00:15 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
csync
sync.adtelligent.com/ Frame 1A6D 		0
387 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AKY7puKlhTIvP4OF
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Tue, 12 Jul 2022 07:00:16 GMT
Etag
305ebc1058ae3199
Server
VertaMedia 1.0
GS.d
js.cookieless-data.com/ Frame F614 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1657609216315
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.83.160.162 , France, ASN12876 (Online SAS, FR),
Reverse DNS
212-83-160-162.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Jul 2022 07:00:16 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=DE&am-uid=bb260eba93a0441fa3afe0a58a7babec&zone=1BA693E9-AF43-480F-8247-A0A6978D969D&device=28&rule=2A9D2C49-0654-4466-A9CE-559AECCA318A&requestId=e11d785a-74a9-4310-84e3-af0677eef446&hp=6783904&page=offside.com.ua%2F&ts=637932060151053202&ap=MA%3D%3D&asign=-737577268&sync=57%2C88%2C96%2C80%2C98%2C3&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=CBC0AF15-51E4-4BDF-98F7-C184B84F9A6C&inst=ADS-EU-7&pxl=0&pvid=907050a5-1760-412c-a568-139c777f26b1&ip=82.199.130.38&item=5A4A8557-12E5-4FF7-BF43-A6DCB5F558A5&crid=5A4A8557-12E5-4FF7-BF43-A6DCB5F558A5&size=1920x1080&profile=2A9D2C49-0654-4466-A9CE-559AECCA318A&isopt=0&adv=Advertiser+1&dsp=Local&dmp_pr=MA%3D%3D&extclick=https%3A%2F%2Fz.cdn.adpool.bet%2Fgo%3Fz%3D1371652588&extview=https%3A%2F%2Fz.cdn.adpool.bet%2Fload%3Fz%3D1371652588&dstUrl=https%3A%2F%2Fz.cdn.adpool.bet%2Fgo%3Fz%3D1538649218&cet=9&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:16 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame ABA7 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=33703f42-b374-4fd8-b5f3-6f9c313e8412
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 12 Jul 2022 07:00:16 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
sync.php
pixel.rubiconproject.com/exchange/ Frame B0B8 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif
ptrack
a.audrte.com/ Frame E432 		368 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=82.199.130.38&p=M1353665098&artime=2022-07-12T07:00:16.685Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuYWR0ZWxsaWdlbnQuY29tJTJGY3N5bmMlM0Z0JTNEYSUyNmVwJTNEMzA3OTcxJTI2ZXh0dWlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.7.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-7-162.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
4c3e568a51d26eaf8e3a6f95a642fef37773344d8a88b99138fc01d73ab944d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:16 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
261
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame E432 		155 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-33.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 11 Jul 2022 23:17:04 GMT
via
1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
age
27793
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
g2SZ2pnmME33b0VwbXMoVRms-QVGp7VcG8i0z_1tW2GXg3HSji9vNw==
p
a.audrte.com/ Frame E432
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=3165299387303551005
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
54.81.7.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-7-162.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:17 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 12 Jul 2022 07:00:17 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
ps.eyeota.net/pixel/bounce/ Frame E432
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=5f1zuKvPDgPTtiJDzgcvXmJqg&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=5f1zuKvPDgPTtiJDzgcvXmJqg&gdpr=0&gdpr_consent=
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=5f1zuKvPDgPTtiJDzgcvXmJqg&gdpr=0&gdpr_consent=
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:17 GMT
Content-Type
application/javascript
Content-Length
1239
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/pixel/bounce/?pid=kh51m51&t=ajs&uid=5f1zuKvPDgPTtiJDzgcvXmJqg&gdpr=0&gdpr_consent=
Date
Tue, 12 Jul 2022 07:00:17 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame E432
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=5f1zuKvPDgPTtiJDzgcvXmJqg&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=5f1zuKvPDgPTtiJDzgcvXmJqg&gdpr=0&gdpr_consent=&google_gid=CAESEFqqXWXs7FP57itWYYe5_E4&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
54.81.7.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-7-162.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:17 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 12 Jul 2022 07:00:17 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
data
bcp.crwdcntrl.net/6/ Frame E432 		20 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:16 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.27.55
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 17BF 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-33.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
074691f1175a4040f292124afbff0c87cd24290b7b9672577f33b7c7de205384

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:10:17 GMT
content-encoding
gzip
etag
W/"a31a707739fd82541fa40e577dbbfede"
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
age
64201
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
KlK7upubnrEBOJ4z7g-CVA2K9PkZMykTn8OwTUojIqsMAWVHEL5slg==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 1E60 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Tue, 12 Jul 2022 07:00:16 GMT
etag
W/"601b131c-27c"
expires
Sun, 11 Jul 2027 07:00:16 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
adxcm.aspx
inv-nets.admixer.net/ Frame B55D 		43 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AKY7puKlhTIvP4OF
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Jul 2022 07:00:17 GMT
Keep-Alive
timeout=25
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
GS.d
js.cookieless-data.com/ Frame 1E60 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1657609217144
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.83.160.162 , France, ASN12876 (Online SAS, FR),
Reverse DNS
212-83-160-162.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Jul 2022 07:00:17 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
ptrack
a.audrte.com/ Frame 17BF 		368 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=82.199.130.38&p=M1353665098&artime=2022-07-12T07:00:17.263Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMS81NTQ1M2RlOTdhMTE4Y2U5P2N0PTEmcnVpbWQ9MSZkdT1odHRwcyUzQSUyRiUyRmludi1uZXRzLmFkbWl4ZXIubmV0JTJGYWR4Y20uYXNweCUzRnNzcCUzREQ1NkRDMDlELUMzOUMtNEJENi1CRDczLTAzQ0FCNERBOUM1MCUyNmlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=b2Zmc2lkZS5jb20udWEv
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.7.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-7-162.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
4c3e568a51d26eaf8e3a6f95a642fef37773344d8a88b99138fc01d73ab944d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:17 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
261
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 17BF 		155 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-33.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 11 Jul 2022 23:17:04 GMT
via
1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
age
27794
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
R75-XarzqBuoo0_WhmA-1b-cLAP6CxUwbZWhOF4E6q2xUeGQpbiu9g==
data
bcp.crwdcntrl.net/6/ Frame 17BF 		20 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:17 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.27.55
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
p
a.audrte.com/ Frame 17BF
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=3165299387303551005
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
54.81.7.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-7-162.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:17 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 12 Jul 2022 07:00:17 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 17BF 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=5f1zuKvPDgPTtiJDzgcvXmJqg&gdpr=0&gdpr_consent=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:17 GMT
Content-Type
application/javascript
Content-Length
1207
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 17BF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=5f1zuKvPDgPTtiJDzgcvXmJqg&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=5f1zuKvPDgPTtiJDzgcvXmJqg&gdpr=0&gdpr_consent=&google_gid=CAESEFqqXWXs7FP57itWYYe5_E4&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
54.81.7.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-7-162.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 07:00:17 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 12 Jul 2022 07:00:17 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-5MF0YH07SE&gtm=2oe7b0&_p=776932370&_z=ccd.v9B&gdid=dZGIzZG&cid=2120219989.1657609214&ul=en-us&sr=1600x1200&_s=2&sid=1657609214&sct=1&seg=0&dl=https%3A%2F%2Foffside.com.ua%2F&dt=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20Offside&en=scroll&epn.percent_scrolled=90&_et=57
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5MF0YH07SE&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 07:00:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offside.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220707&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7140845151581295&plah=offside.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af9dbc27afe64ede92ebd03476ac8706c9f6c18f3174ae9106af70bc6f662810
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Jul 2022 07:00:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10837
x-xss-protection
0
common.js
maps.google.com/maps-api-v3/api/js/49/8/ 		244 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps-api-v3/api/js/49/8/common.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?libraries=geometry%2Cplaces%2Cweather%2Cpanoramio%2Cdrawing&language=en&ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f3f4441058208dc79fcbe616809b3938bb501414967de8fff4231d7fe7f2aa2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:41:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40739
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68884
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 18:31:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Jul 2023 19:41:20 GMT
util.js
maps.google.com/maps-api-v3/api/js/49/8/ 		155 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps-api-v3/api/js/49/8/util.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?libraries=geometry%2Cplaces%2Cweather%2Cpanoramio%2Cdrawing&language=en&ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55b5b6c96309746983e83f02889b4880d9d3e0c9f0f0e1ad1d53d603ef6a0bcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 19:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
387629
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58610
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 18:31:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 07 Jul 2023 19:19:50 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7140845151581295&plah=offside.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Jul 2022 07:00:20 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CCB3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
5268
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 05:32:32 GMT
expires
Wed, 12 Jul 2023 05:32:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6D85 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
02fe66db67d5a7d175b76925014e6d6ba405fee36245100e36cc6717b2782b80
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uQukjOesmkqPqaTNtQ4EYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-uQukjOesmkqPqaTNtQ4EYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jul 2022 07:00:20 GMT
expires
Tue, 12 Jul 2022 07:00:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
pagead2.googlesyndication.com/bg/ Frame CCB3 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 10:23:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
160598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 10 Jul 2023 10:23:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6D85 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220707&jk=1183762574062160&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame CCB3 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?aTjUeA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:00:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220707&jk=1183762574062160&bg=!SUqlSg7NAAaYcLjmuHA7ACkAdvg8WmNRvcXl-b9FViWmKx7xT_0OnN-vVWoVQbF5Li2IYVxNEZ8f6gIAAABfUgAAAAJoAQeZAqhM09agYwkFncYaQqHADHD5IIrGZFpNjJ2qRlm5apP2KRpLJ-Rhr9Ywf7o2Xi5FLgLn4gqwXNLfdJfkh8Dq86E-AqVEJPPgAQM-YDIhaBB_KWYO9IxPctX4_T-FFSeDmqY7U9HicYY7z0Mn1lycqxkhOjjiT0zZnOYarQcF1_LPsER4fe_shjn-UkTcOjBcgWQMKTuSDIm-INRJBuYZBhruotSFS8nAYPpNhupe02PCtN_Yuu-20dRpGtfRR_1h7m4718GfUhkjNF2adzzEkJFynBIJI2bsLrTo1mIOckqtlco6O6fo45yIPuOp1ggPwpwpfuDYQVWHfPthhilQMQ5urzepJc3kSsiRT5CHCpl2hJC7b6WRFNClBJ4JoU3etrIWJphQX61rJGj5bhmKt0eX6Hkg2xwqTKnhK6A_LU9cYvVotUL4hi6oBwZCRtFl-_JRO3-RLj2pbg7Yek1M05U0AKD_8Bpk7dYqFaSG1FK0VAweHL5_0fWT685pzzkS_JBCwreoG7lUTnoKl8sS1hn8PwDfQKyqOzH2ySV3ha4GeEPse_2_tepNbP83wIa2GSHBzbjqVSTHDG2YBxvBwS66sn8wzD7h4HsQQu2UI6EGuJyK2Ik_66ml8zvvBlGxrz7MtnTJADbdNFbEUzQSU07LLKKIKUngOypNfIIWf51ZteaJ61QpDKujoYjwZbql5X49tRgUmlq-ig60bbcBHtJ8yBnxxc9uRF58vjYhUsG5clczzgaTuQMDy2B69KaqB0sKGT1IbH515CTAqlFSYKzm4e49TqIqho2prdJQubzdoq31PsVwsDO4kVAdIbquuBbIbz046WMJacfn4Wq4sYMVZga0-Phh45ClK97wEGyzw8Q9S6gg3b_AeO55wqvAlTZxBwpK68JNQg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

310 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| mi_version boolean| mi_track_user string| mi_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| MonsterInsightsDualTracker function| gtag function| __gaTracker object| _wpemojiSettings object| rcewpp function| MonsterInsights object| MonsterInsightsObject object| monsterinsights_frontend undefined| $ function| jQuery object| Rcl object| rcl_actions object| rcl_filters object| rcl_beats number| rcl_beats_delay object| rcl_url_params function| rcl_do_action function| rcl_add_action function| rcl_apply_filters function| rcl_add_filter function| rcl_get_value_url_params function| rcl_is_valid_url function| setAttr_rcl function| rcl_update_history_url function| rcl_init_cookie function| rcl_add_dynamic_field function| rcl_remove_dynamic_field function| rcl_rand function| rcl_notice function| rcl_close_notice function| rcl_preloader_show function| rcl_preloader_hide function| rcl_setup_datepicker_options function| rcl_show_datepicker function| rcl_remove_datepicker_box function| rcl_init_field_file function| rcl_init_runner function| rcl_init_range function| rcl_init_color function| rcl_init_field_maxlength function| rcl_init_ajax_editor function| rcl_setup_quicktags function| rcl_add_ajax_quicktags function| rcl_add_quicktags function| rcl_proccess_ajax_return function| rcl_ajax function| rcl_submit_form function| rcl_send_form_data function| rcl_check_form function| rcl_add_beat function| rcl_remove_beat function| rcl_exist_beat function| rcl_init_table function| rcl_table_search function| RclForm function| rcl_chek_form_field function| rcl_init_iconpicker object| RclUploaders function| RclClassUploaders function| RclUploader function| rcl_init_uploader function| rcl_init_dropzone function| rcl_delete_attachment function| rcl_add_attachment_in_editor function| rcl_update_require_checkbox function| rcl_init_update_requared_checkbox function| rcl_init_ajax_tab function| rcl_get_options_url_params function| rcl_add_dropzone function| passwordStrength function| rcl_manage_user_black_list function| rcl_show_tab function| rcl_init_recallbar_hover function| rcl_add_class_upload_tab function| rcl_add_preloader_tab function| rcl_init_get_smilies function| rcl_init_hover_smilies function| rcl_init_click_smilies function| rcl_init_close_popup function| rcl_init_click_overlay function| rcl_init_click_float_window function| rcl_init_loginform_shift_tabs function| rcl_init_check_url_params function| rcl_init_close_notice function| rcl_init_login_form function| rcl_show_login_form_tab function| rcl_show_float_login_form function| rcl_hide_float_login_form function| rcl_setup_position_float_form function| rcl_beat function| rcl_get_actual_beats_data function| rcl_close_votes_window function| rcl_edit_rating function| rcl_get_list_votes function| rcl_view_list_votes object| rcl_public_form function| rcl_setup_async_upload function| rcl_init_click_post_thumbnail function| rcl_get_post_thumbnail_html function| rcl_remove_post_thumbnail function| rcl_delete_post function| rcl_delete_thumbnail_attachment function| rcl_edit_post function| rcl_preview function| rcl_save_draft function| rcl_check_publish function| rcl_publish function| rcl_check_required_fields function| rcl_get_prefiew_content function| rcl_preview_close function| rcl_init_public_form function| rcl_init_thumbnail_uploader function| rcl_set_post_thumbnail function| rcl_switch_attachment_in_gallery object| rcl_chat_last_activity object| rcl_chat_beat number| rcl_chat_write number| rcl_chat_contact_token number| rcl_chat_inactive_counter number| rcl_chat_important number| rcl_chat_max_words object| rcl_chat_sound function| rcl_chat_init_sound function| rcl_chat_inactivity_cancel function| rcl_chat_inactivity_counter function| rcl_chat_scroll_bottom function| rcl_reset_active_mini_chat function| rcl_chat_counter_reset function| rcl_chat_add_message function| rcl_chat_clear_beat function| rcl_set_active_mini_chat function| rcl_init_chat function| rcl_chat_close function| rcl_chat_write_status function| rcl_chat_write_status_cancel function| rcl_chat_add_new_message function| rcl_chat_navi function| rcl_get_mini_chat function| rcl_chat_words_count function| rcl_chat_remove_contact function| rcl_chat_message_important function| rcl_chat_important_manager_shift function| rcl_chat_delete_message function| rcl_chat_delete_attachment function| rcl_chat_shift_contact_panel function| rcl_chat_init_beat function| rcl_chat_beat_core function| rcl_chat_beat_success function| rcl_get_chat_window object| globalAmlAds string| ms_grabbing_curosr string| ms_grab_curosr object| atOptions object| google_tag_manager function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| twemoji object| wp object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad object| hb_dmx_res object| AdProvider string| hts object| ExoLoader object| ExoSupport object| VastResolver function| instantiateViewability function| ExoAdsRefresh object| anyCommentApiSettings object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7 object| html5 object| Modernizr function| yepnope object| eventie function| docReady function| EventEmitter function| getStyleProperty function| getSize function| matchesSelector function| Outlayer function| Isotope function| Masonry function| heateorSssLoadEvent string| heateorSssSharingAjaxUrl string| heateorSssCloseIconPath string| heateorSssPluginIconPath number| heateorSssHorizontalSharingCountEnable number| heateorSssVerticalSharingCountEnable number| heateorSssSharingOffset number| heateorSssMobileStickySharingEnabled string| heateorSssCopyLinkMessage object| heateorSssUrlCountFetched string| heateorSssSharesText string| heateorSssShareText function| heateorSssPopup function| heateorSssDetermineWhatsappShareAPI function| heateorSssMoreSharingPopup function| heateorSssFilterSharing object| heateorSssFacebookTargetUrls function| heateorSssGetSharingCounts function| heateorSssFetchFacebookShares function| heateorSssFBShareJSONCall function| heateorSssSaveFacebookShares function| heateorSssCalculateApproxCount function| heateorSssCalculateActualCount function| heateorSssCapitaliseFirstLetter function| heateorSssHideSharing function| ClipboardJS object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView object| module$exports$mapsapi$geometry$polyGeometry object| module$exports$mapsapi$geometry$spherical object| module$exports$mapsapi$poly$polylineCodec object| wpgmp_local object| FontAwesomeConfig object| ___FONT_AWESOME___ number| 2f1acc6c3a606b082e5eef5e54414ffb function| parcelRequire function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| _0x5a83 function| _0x3edf string| ms_cf_catfish number| time number| ms_cf_cwidth string| ms_cf_mobile string| ms_cf_transparent number| ms_cf_timeout string| ms_cf_logactive string| ms_cf_allactions string| startOrientation string| bWidth string| bHeight object| setelem undefined| ms_64144_a object| doc object| __ds3dcV__ function| html2canvas function| _open object| GoogleGcLKhOms

102 Cookies

Domain/Path Name / Value
.admixer.net/bs Name: am-uid
Value: bb260eba93a0441fa3afe0a58a7babec
.offside.com.ua/ Name: _ga_83HN7YJGYM
Value: GS1.1.1657609213.1.0.1657609213.0
.offside.com.ua/ Name: _ga
Value: GA1.1.2120219989.1657609214
.yadro.ru/ Name: FTID
Value: 1YpHlz3Z_NeM1YpHlz001OVI
.offside.com.ua/ Name: _ga_5MF0YH07SE
Value: GS1.1.1657609214.1.0.1657609214.0
offside.com.ua/ Name:
Value: store.test
.yadro.ru/ Name: VID
Value: 3NY_E807l0eM1YpHl-001OXP
offside.com.ua/ Name: pll_language
Value: ru
.offside.com.ua/ Name: __gads
Value: ID=235930da403ad7b4-22ec1fa7cccd00be:T=1657609214:RT=1657609214:S=ALNI_MYMcFKAiEo000ug3trcFcSLxCijiQ
.admixer.net/ Name: am-uid
Value: bb260eba93a0441fa3afe0a58a7babec
offside.com.ua/ Name: am-uid
Value: bb260eba93a0441fa3afe0a58a7babec
ads.us.e-planning.net/ Name: CT
Value: 1
.adx.opera.com/ Name: UID
Value: 36387fe7f4b24e0a9de8996189c3e864
.e-planning.net/ Name: E
Value: AKY7puKlhTIvP4OF
.bidswitch.net/ Name: tuuid
Value: bf59dbcb-8194-4c1a-9d9c-97b67474b6c0
.bidswitch.net/ Name: c
Value: 1657609215
.bidswitch.net/ Name: tuuid_lu
Value: 1657609215
.creativecdn.com/ Name: u
Value: ytgqEnqc9jnzUu9jfcGD
.creativecdn.com/ Name: ts
Value: 1657609215
.sitescout.com/ Name: ssi
Value: a58185df-ce2a-4dbf-9155-4dfbc56d702c#1657609215554
.zeotap.com/ Name: zc
Value: 2129b988-513a-4a67-490d-ab5c1562bc32
.yahoo.com/ Name: A3
Value: d=AQABBP8bzWICEN9w-D7GAgYsgT-FjtIes-YFEgEBAQFtzmLWYgAAAAAA_eMAAA&S=AQAAAgpqDP6DsOq-3Ce1KYe06Rw
.casalemedia.com/ Name: CMID
Value: Ys0b--UUM4kDusOwTjCe7AAA
.casalemedia.com/ Name: CMPS
Value: 1134
.openx.net/ Name: i
Value: 7d2e5a23-c0ff-44e4-aa86-54cb9a73fbff|1657609215
.lemmatechnologies.com/ Name: uid
Value: 4834642a-01b0-11ed-8d99-801844df107c
.analytics.yahoo.com/ Name: IDSYNC
Value: 1985~25yu
.sitescout.com/ Name: _ssuma
Value: eyI0IjoxNjU3NjA5MjE1NjU0LCIzOSI6MTY1NzYwOTIxNTY1NCwiNzAiOjE2NTc2MDkyMTU2NTR9
.zeotap.com/ Name: zsc
Value: %23y%FF%8F%C9S%C5B%EFs%B7h1%90G%81%A9%00%27z%3E%E4%1227b%16%E4YU%40%ED%04%962%F2%8E%86%E6%BEp%1A%12R%92%9BW%03%DB%21%18%ED%BAO%22%DCiBS%9A%FC%A1%AC%3F%0D%F8%D1%EC%E9%0EW%12%99%25%F7%DE%F0%DD%92%84k2%04+o%B09-%9A%0D%E8%C0P%DE%BB%CBz%EE%8BpX%D3%D4%E3%D4%A4%CBX%09%8F%B7%03%9A%1F%D9%8E%B5r%13%1C%81%0A%D1%97%7F%19%E8%F4%21%D4%CC%BCNn5%D7%05g%86%E6k%82B%FFK%0A%8A%B7%8BAvo%293%A5%0A%D5%BBR%CCl%27%D8YVY%C0%EC
.adform.net/ Name: C
Value: 1
.csync.loopme.me/ Name: viewer_token
Value: e30a3ab5-eac6-4c1e-80c3-1b64bdc5d675
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: fe5a76ff-3314-52c1-b176-c90ad3bbd2f5
.betweendigital.com/ Name: ss
Value: 1
.casalemedia.com/ Name: CMPRO
Value: 1145
.casalemedia.com/ Name: CMST
Value: Ys0b-2LNG-8A
.360yield.com/ Name: tuuid
Value: 22e745db-6d58-41f3-b6a4-0d874f0d434d
.360yield.com/ Name: tuuid_lu
Value: 1657609215
.adnxs.com/ Name: uuid2
Value: 9155233303628206019
.adform.net/ Name: uid
Value: 3165299387303551005
.tapad.com/ Name: TapAd_TS
Value: 1657609215774
.tapad.com/ Name: TapAd_DID
Value: 2d7d5c2e-cc4b-47eb-84fa-c6d1756f4feb
.casalemedia.com/ Name: CMRUM3
Value: 4962cd1bff05a0&1a62cd1bff05a0&4162cd1bff05a0&0462cd1bff05a0&6962cd1bff05a0&9862cd1bff05a00&4062cd1bff05a0&bf62cd1bff05a0&2d62cd1bff05a0&ce62cd1bff05a0&2762cd1bff0b40&e662cd1bff2760&f162cd1bff05a0&2e62cd1bff05a0&8262cd1bffa8c0
a4p.adpartner.pro/ Name: apuid
Value: 7e78147c-0dbd-41e0-bd71-8ccc9477b6b0
.betweendigital.com/ Name: ut
Value: Ys0b_wAL9oD_PAp9dLWFSsh0sPBngDdajLgTzA==
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3252e0f7-9383-4ef6-b460-9fd6bfcfe1e1-003%22%2C%22zdxidn%22%3A%222069.44%22%2C%22nxtrdr%22%3Afalse%7D
.demdex.net/ Name: demdex
Value: 05653383960842244761962696355871741144
.dpm.demdex.net/ Name: dpm
Value: 05653383960842244761962696355871741144
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.yandex.ru/ Name: yuidss
Value: 4657737451657609215
.yandex.ru/ Name: yandexuid
Value: 4657737451657609215
.tidaltv.com/ Name: tidal_ttid
Value: 23b7d37d-d3ee-438a-89a0-69333cb1dc00
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2InAwNRRv!]tbPl1MzM)t2#mUY7X8SiWPQ?TP#0Y7N2]D=XGJDXthyY<cWYKzE-PG=p^Xr=CLr<QG=%9sk@3@'s>TqX$k4
.adfarm1.adition.com/ Name: UserID1
Value: 7119377367994267794
.weborama.fr/ Name: AFFICHE_W
Value: Yt-nHLn609Ji51
.turn.com/ Name: uid
Value: 2395229435552301717
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjQ3szK0MAIAbTp8iAkAAAA="
.theadex.com/ Name: axd
Value: 4299593314187101713
.theadex.com/ Name: tis_CwL
Value: CwLeAroy
.brand-display.com/ Name: _knxq_
Value: ec6be229-b75b-31e3-b7db32cc.1657609216.0.1657609216.1657609216
.doubleclick.net/ Name: IDE
Value: AHWqTUkcjXhPbA5c-r-JQVg7jfO7aza201mvESWyb_ot7wxDp9kDmGV5bGE4BHzy4KI
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
rtb.com.ru/ Name: as-user
Value: 62cd1c009ab4d27d704bab3c
.adtelligent.com/ Name: a584890
Value: 7064435012117703281
.krxd.net/ Name: _kuid_
Value: O88oX77r
.adtelligent.com/ Name: a319130
Value: e30a3ab5-eac6-4c1e-80c3-1b64bdc5d675
.adtelligent.com/ Name: a307971
Value: AKY7puKlhTIvP4OF
.adtelligent.com/ Name: vmuid
Value: 4479fa1b55e367bb
.richaudience.com/ Name: avcid-zeo-uid
Value: 2129b988-513a-4a67-490d-ab5c1562bc32
.exchange.buzzoola.com/ Name: uuid
Value: 8b957665-cea6-4714-7f0c-c9d6457128d8
.adtelligent.com/ Name: a309255
Value: 975ceab5-d0e7-48fa-9bdc-5c367f0f0a8f
.adtelligent.com/ Name: a297253
Value: 9155233303628206019
.casalemedia.com/ Name: CMTS
Value: 1128
pa.tns-ua.com/ Name: uid
Value: ZF68C9C3CBDD4D20A0B3DE93A68265A5
.nrich.ai/ Name: _nauid
Value: 726f1250-5f59-408b-ab8c-f45bcf7dce0e
.adtelligent.com/ Name: a307558
Value: 7e78147c-0dbd-41e0-bd71-8ccc9477b6b0
.adtelligent.com/ Name: a289656
Value: 22e745db-6d58-41f3-b6a4-0d874f0d434d
.console.adtarget.com.tr/ Name: vmuid
Value: 2e657114c0662886
.console.adtarget.com.tr/ Name: a307457
Value: 3165299387303551005
.mathtag.com/ Name: uuid
Value: cf1862cd-1c00-4d00-bb02-6b27a9124e72
.cdn.adpool.bet/ Name: AU
Value: d73701ab7810cf28
.adtelligent.com/ Name: p440467
Value: bb260eba93a0441fa3afe0a58a7babec
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Ys0cAAAPhVT_HQAj
.fwmrm.net/ Name: _uid
Value: "e3bc7_7119377372268960097"
prodmp.ru/ Name: rai
Value: cd5a6a14e46097e0391aa4472896147f
prodmp.ru/ Name: rai_new
Value: 1f8767ecb4df0a854f67c3d754409a8e
.admixer.co.kr/ Name: __auid
Value: 1b40a12f13575a3b7e570ce3a504d12a
.admixer.co.kr/ Name: __puid_103
Value: bb260eba93a0441fa3afe0a58a7babec
.admixer.co.kr/ Name: __id_utm
Value: 20220712
.admixer.co.kr/ Name: __id_inf_103
Value: 0_bb260eba93a0441fa3afe0a58a7babec
.agkn.com/ Name: ab
Value: 0001%3AET1KMFkw%2BqmY2GNVYKFuEhLy%2FQKb5qRH
.audrte.com/ Name: arcki2_ddp
Value: CAESEFqqXWXs7FP57itWYYe5_E4!20210804!1657609217038
.audrte.com/ Name: arcki2_adform
Value: 3165299387303551005!20210804!1657609217106
.audrte.com/ Name: arcki2_TTT
Value: 1657609217107!5f1zuKvPDgPTtiJDzgcvXmJqg!H4sIAAAAAAAAAB1WO7JEtwpcjGKqJEAShA5e8MplBy5vQEiw/yW4z9zkztRIfJruRiM619RLrCdIczzyrE76Vsm4NaO8jVKe/BbhzCGN5WR8mGKFc9rSPbzZrSNsk1JYSWUtOimDlnnlHTFy93afWfS7CCmT9JpQWDFx4JS86by8cc5rfpluIpNGTophQd087M3KqNk8/ehZQae2kdh0OndN8rvGzqHZtVr0ZDU3ekcm6UBiPyFkemT5WWlcbd1VuQzldEeLrJPOLLRQPMcdvcfRtjIfK2+a5o90hiHT22QiPSP763GbDkuTd2n5TpLsRd61U9S6Q4OHKLdtxoACV/EJkR4O8byEH70ex5AcbfDbwf3StgHElyohdFDxe5fv3dtme+qjLtCpt1C9S1HI6nTDkdsmqpQGiOOcpzQUOEhdId81KNM35wu7j9spxoDO+2oegOAF+UJN7+rqde4sIJ4++mMAc44AnX0m2UB3p+NmoCUzb84XJFmPIkEqvbLQJ3Ji6FPtRFhUyxlHfGAsshEp89B5t6ir6J4yWTCW/bzYkW4Lqtce4FMgcQ7MKt7yqtdm98mei17nQyKZmMi5HwRccrjPyHYGcx+F2VaBT4zqHPBQzdHXRE2rHxyapjO/sXaAaUjsdxStM+J0THgUagoR25PBIoFG9CiF30NzPb9qLA+HnqmCWEkesgGBM1nYx0w9+9WaPb3dFXZ4C2Z7gdNjxNzhlPU01aS6GnCSZ66LWAqkyw4hQGz4dHcfW4ZwbwKpzeqLLojxRQL2Eh8fFhtEAhlXKx+OKQmtXABzBdJNP8QbnSaGgr8G0YB9U+iAfYDgoYUJPuW56bXWhn4aT0z6gxACxyFwlux14LD6smAW2dIWH8j2GwvkRBILMddU6hMa8x4FjjR5Hv2BAOyBwg8KO5X8lQgk3t16ejuWBSkfgqzRUxgUDAWQYB65VzxegUN2LjOG5YZIge4OZoac1d9R/YyjzZ0J3AZ67u/r7qJPATP9Oe4bmLfb3k/fO5t2uXxU2eRqA554ZWCuUnO2nnNjkkrlGxBs/RATRyT8i8FLTjb4mdV9DyaGmnVssEB1wImuxn59XkSqiTAuQSsS6aZcis9iB8jxAeoxdkNlr0yZ3jgFIfBAJsjUDuxJbt/gaQNMcYMNYMKYfxZ9licNkN827HHJbtrBEfAZuuMvXcJVHFo36S/mWMOuwseHfdZPbx3BlHcHkTGbdy/C7MW7eltj3W4fKdHsVxNMzs6Cv2yB8my7aCtF/9+hFRs/zfexoMPWJ9qG1fkta4rT62tn1ydz/tF3bDhRJJq+ps/arnx7wwmh5EFwUdR8EZMHn+MqaPo08DGhyEH3Z6wFycX0SVBMQtsbArgtjw9dSGIYAlhwOkEAMOMF3ZX7gvOCvj3R6/mEgHT+4AobHBYI8vrKs+210bF/gD50/bnKUwjBEamw6Goueww+/f/vv/7458///UtoaRMDJ+fdpuFDAWI1hSfvO8BXeMm32QLrDrYOh7CTOie4AR7gPvwLEsFXY74AWXYJ7JZdMXmwLD6+YmJYtEzjuu6OZfB0o+cLoUE0mB24MQfkAUJjPR9eENidXVqvEv32CEMHILV/qxIWL1hsGjAhiY10s3eY2Wdo346fv8IT7u7GDoMI7S0L8k3sLrRS346H9U24uzzYtjEYx9FupXRGd7jWP0MCX9EM7rwcdgRW8qCh3U9UUb7PJL854b2Bxwd+QAMLSgOB4N5Zxt+KiG93oXBsSOyJY3zxusCab9wDJnUGVuVnkhOk9Y0WQBXI5CFUjbZ6jkJ6QBhfTfrojMLK/xj2BNf3bODPSgHLYAuIxB2I1wFBUp1tyFWMnbGgo28U/j2tsHh/O35R73lhuZxxs8XbHZsb7xK59j1OHNaGzRzJ/dnaivUB454D2jUa325SxTPF9aImKegsh5xvfZ9z3UHl/T0k9OEldx5YgPChiBBPR+Of8aDmT8U4BH+EUeLhBz/Ee6skt/4H3eTASw4KAAA=
.adtelligent.com/ Name: a318342
Value: 2e657114c0662886
.eyeota.net/ Name: mako_uid
Value: 181f1356584-32c60000010f56d6
.eyeota.net/ Name: SERVERID
Value: 22230~DM
.aidata.io/ Name: __upin
Value: 4kAJhUtCYsx4pva2EzxbZw
.aidata.io/ Name: __upints
Value: 1657609217
.audrte.com/ Name: arcki2
Value: 5f1zuKvPDgPTtiJDzgcvXmJqg!20210804!1657609217787
.dmg.digitaltarget.ru/ Name: viuserid
Value: gCX5D40fMT-CiPk7A-k1
.1dmp.io/ Name: uid
Value: 4a0e33b2-01b0-11ed-8677-901b0e934d81

13 Console Messages

Source Level URL
Text
javascript warning URL: https://offside.com.ua/(Line 653)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.effectivedisplaycontent.com/15ba3ff22a033198c506d7c00839843c/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://offside.com.ua/(Line 653)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.effectivedisplaycontent.com/15ba3ff22a033198c506d7c00839843c/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.effectivedisplaycontent.com/15ba3ff22a033198c506d7c00839843c/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://offside.com.ua/(Line 1085)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.effectivedisplaycontent.com/783e5138ef26bb20b7684a6985d43be6/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://offside.com.ua/(Line 1085)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.effectivedisplaycontent.com/783e5138ef26bb20b7684a6985d43be6/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.effectivedisplaycontent.com/783e5138ef26bb20b7684a6985d43be6/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7140845151581295&output=html&adk=1812271804&adf=3025194257&lmt=1657609214&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Foffside.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657609214090&bpp=2&bdt=723&idt=682&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=805628118330&frm=20&pv=2&ga_vid=2120219989.1657609214&ga_sid=1657609215&ga_hid=776932370&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068105%2C44766558%2C31068196%2C42531606&oid=2&pvsid=1183762574062160&tmod=2075173734&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=703
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://s.console.adtarget.com.tr/sync.html?aid=517350
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://tags.bluekai.com/site/87734?id=2129b988-513a-4a67-490d-ab5c1562bc32&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2129b988-513a-4a67-490d-ab5c1562bc32&reqId=24187f12-6e2e-4ba3-4c2b-ae34fb5b1145&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://adx.com.ru/adspend-sync?uid=62cd1c009ab4d27d704bab3c&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2FQqESupYsVN6gUhBQxC2Yw4%3Fsign%3D2213836553%26location%3Dhttps%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228%253Bpid%253D62cd1c009ab4d27d704bab3c
Message:
Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.exdynsrv.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.co.uk
adservice.google.com
adx.com.ru
an.yandex.ru
ap.lijit.com
bcp.crwdcntrl.net
beacon.krxd.net
bidswitch-eu.splicky.com
bn01.er.bemail.it
c1.adform.net
casale-match.dotomi.com
cdn.admixer.net
cdntechone.com
cm.adform.net
cm.g.doubleclick.net
cm.p.altergeo.ru
cms.analytics.yahoo.com
content.admixer.net
counter.yadro.ru
covivado.club
creativecdn.com
cs.mobfox.com
csync.loopme.me
d.adroll.com
datatechone.com
dmg.digitaltarget.ru
dmp.adform.net
dmp.brand-display.com
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.e-planning.net
ib.adnxs.com
ic.tynt.com
idsync.admixer.co.kr
idsync.frontend.weborama.fr
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
js.cookieless-data.com
loadeu.exelator.com
loadm.exelator.com
m.trafmag.com
maps.google.com
maps.googleapis.com
match.adsrvr.org
match.new-programmatic.com
match.prod.bidr.io
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
offside.com.ua
onetag-sys.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prodmp.ru
ps.eyeota.net
r.casalemedia.com
refpa3966353.top
refpa6781648.top
region1.google-analytics.com
rtb.com.ru
rtb.openx.net
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s3t3d2y8.ackcdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
sync-tm.everesttech.net
sync.1dmp.io
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.extend.tv
sync.lemmatechnologies.com
sync.richaudience.com
sync.taboola.com
sync.tidaltv.com
syndication.exdynsrv.com
t.adx.opera.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u-ams02.e-planning.net
ups.analytics.yahoo.com
us.ck-ie.com
usermatch.krxd.net
vid.vidoomy.com
www.effectivedisplaycontent.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
x01.aidata.io
z.cdn.adpool.bet
104.18.18.126
104.18.19.126
104.89.20.125
104.92.72.137
138.201.139.144
141.226.228.48
142.250.181.226
146.0.227.109
151.1.205.165
151.101.2.49
162.55.236.225
168.119.9.59
172.217.16.130
178.253.35.215
18.66.248.33
183.110.238.136
185.15.175.147
185.15.245.83
185.184.8.90
185.64.190.78
185.89.210.180
188.34.131.134
188.34.190.35
188.42.191.196
192.243.59.20
192.82.242.208
193.106.93.124
193.200.65.6
194.247.175.26
199.115.119.227
2.20.157.2
2001:4860:4802:34::36
2001:4de0:ac19::1:b:3b
2001:678:cb4:bbbb::11
205.234.175.175
212.7.203.129
212.82.100.182
212.83.160.162
213.19.147.44
216.52.2.30
217.65.2.150
23.227.139.243
23.35.228.210
23.75.240.210
2600:1f18:6593:f600:d00c:d52c:5371:efa
2606:4700:10::6816:1957
2606:4700::6813:ac6c
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2004
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2002
2a02:6b8::90
2a02:6ea0:c700::19
2a02:6ea0:c700::20
2a02:fa8:8806:20::2040
2a03:90c0:41:2801::254
2a04:4e42::300
2a05:d018:24:b001:736:16ab:a44d:3496
2a05:d018:d29:3602:cba9:630b:f07c:688c
2a06:98c1:3120::3
2a06:98c1:3121::3
2a0c:5c81:5095:0:225:90ff:fefa:245d
2a0c:5c81:5139::2
3.122.214.165
3.126.56.137
34.111.131.239
34.111.151.213
34.252.17.141
34.254.143.3
35.156.83.159
35.227.248.159
35.227.252.103
35.71.131.137
37.157.5.142
37.252.172.250
37.48.68.71
45.135.120.147
46.249.52.249
5.178.65.246
5.178.65.253
51.255.68.171
51.75.86.98
52.17.103.74
52.202.236.184
52.208.103.128
52.209.232.242
52.30.130.246
52.46.143.56
52.57.150.184
54.164.129.77
54.194.115.18
54.229.182.75
54.239.38.253
54.38.197.123
54.81.7.162
62.149.18.58
66.155.71.149
66.155.71.25
67.202.105.32
69.173.144.138
69.173.144.139
78.46.100.125
8.2.108.175
8.2.110.206
82.145.213.8
83.222.114.188
85.114.159.118
88.198.49.154
88.212.201.198
89.108.119.43
95.211.229.247
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02fe66db67d5a7d175b76925014e6d6ba405fee36245100e36cc6717b2782b80
04adc8f6ddd45cceef28032419c3afaad0abc2c4be2760db0c7e51793c036730
04ba4cb5383e0757aa5be26ab4d85f048e2d027a0d3f5f567c91c5ecd1b515d3
074691f1175a4040f292124afbff0c87cd24290b7b9672577f33b7c7de205384
0a7ddc211091d3a157721e4e9dfb27ac4c9cbee13616967d628c5f773ab85e4e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d94be650a5c60bab1cd8019486a3e88695f59d181b3b8fa30c8f5abb6949c44
0de9663e110e1a0c97d1c8dc3494bab3000b4801c49286ce1df6d3149cd6ffd3
0f4e0c3fe251b64bd36e2eab19db80e2093f18732ba081cd65382ff6ca57eafa
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
1298b9e957de0974cfedbce7cefca76dc7986856847f1593a32d8328916c54a3
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
198a55310d4d5b786ff571ff4f16a66505bb17545c557818c8de810851616955
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
199a66ac6582dd904b4a006853b186b3169cceddddc159f5772e01ee3f31cac0
19d1662ab265a1b1c6264d999bac5f24fac78f744ee892f49d304556189d25d4
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1fd692e17ffbdd6c487f570808045f74c6d3b93d61b6cd7a0296ae8c451eacd0
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
278b654444df259096a79624ab2e21e427234a7b98bfe89b853f84c057ab3684
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2cf06971b4faa1bc7a53a866698974f8697faf3fdb5531a85ff2efa6f468995e
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e5179b2c1bccbc0928bd11c657e540b380344cefe963c98ce576e5ecd5d9fc0
317af32e29c965d8becb782a826d1d17aeeb8bc52ce4df04d4ceaec8534e4e49
33c40c2335d26ad0f3b506969c3a67660523d137b0c8cc198911c2826a27316c
37a3b8ea20c9512ec35491bea3f66fe195756a49d837c82a83013f89e0e6b1bc
37c51778d96d7c463d5ddef2a8877c63f3dcfb28fe54270fbf5d1df4540af198
3875159fa62bdedd2b91ccf9b615bbf1e1f2e9c2f9c91dc1bc301a05af6039a6
39c3747d29a27dcd07c6cb7d4dee61fccb8de904505e145bce04230b762190e8
3ba01f9c16a55d404aff94ddd5f28d63e1a2552358e661e1cf75bed93f601e88
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
3c17e5fec5e26fbc519e90d9f8455d30bd9fde8c1fde9591691ef249b0741028
3c6dc0b8e451822061daba4be79dc084125a2810b8f3bd7a520c788eab3d5377
3d364588ab9e8dfb50d506853d43201eecabb33fe2fdb4c0037637651909e7ba
3e47d1fcfc215e1bc40693edf7eafa3c9ffc41ff5d9236d606b1141e258d2061
3eabedcff1f323472f8f19e8269ea2bb08db98e4ea2fa9c18fe6c813938cb335
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f4cff9965d17a5e644e1610d150796343dd8a51556b6d7a7fd3c390b82288f5
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
418c91639d6dbcb6709cf1878dd5b3c7a84071470c0d31dbf7ca84ee01832151
419b39f3cda98241621ab9469a5b23de4b0f01a98a145efe662d4aadc510a7bd
4226f72116bd7e494b7c9a5f22e170f222b1cb9b0736786ce1bf0d5b5a328b9e
424b42dce7c8d396da4463193fab31fe167a3fbd9ee1df5745d6fcf23b9e0a44
427f8dcaa42e89577a4604efbbd21af5c268c39b5c6e021f12d060b93257b101
42c88d61050399e0f93184e6e6fe946329df48ef9c7bc23b521ebdd28e10e563
4640640359f504d069e542951660e3aa43220471c2fc5a27a3aaf7e414cdef4d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
496659f4dc07b5a371481d5c807e80a750b91b42e63c7d9de1cd4c532b26a499
4ad72ba5583bcd350d55c0e2b27839eb8398a6842df6c399e80bb05e37604ee5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bab567b3903be4386028e78fe6e99876796d1a3f021275834041a2702a4d804
4c3e568a51d26eaf8e3a6f95a642fef37773344d8a88b99138fc01d73ab944d3
4ce2e29fbc4e24edb01b73f09bb5a9e616af2cbc270c23d3b804e251ef247f13
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e
4d34963b7db0da6900ddb9c2fd6b9b9d59844eeec6d2a6a99d3f7c0bc820797b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e336df1b9f268821f3276705e6d271be80f32033531fcc8fcae62141a70a741
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
51d40c85b2b9e4dee74cd75fa28a0095a125bcfac5ec024498649ccdab5dcc15
5346e1a1343f6f33d953371d82c8c8a7cc5e7e07a58689ec49d7d9e4452c6f7d
5484ef447d51f1402aada17408f1a7322315241f3df6354f931242cd51450d5f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b5b6c96309746983e83f02889b4880d9d3e0c9f0f0e1ad1d53d603ef6a0bcc
565a3c1109b083c57031aff608ed98fab419370a31c69f3e49f96bd06a4323a7
57c4ba7e8a1a2cd472369a8e68292b6f1e53a55498c3cebd36ed3ea51458763f
584aa695461f177cf311034f7e02cf280c16c36a7a299d58e22ef9c23a98867d
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5bed074367042548e1f1ce7d18ba273b797a7a142899b5fdafabf24aa17bb645
5bf646718da4352ccc6d6044501c89e83a270a597c27b0f0efae7e62cf0e71a2
5c576aa0870358e504e622f1eb8bd23a788d51adb2d649e1751ba4c9ffbee7b5
5f010159247bf3b25e92cd7c414b38194bd825a212bf42f9adaa8587bd0253ac
6039ce729a6c8041b44b7285bf244469b4d369991d6ad1f63711d079dad29b07
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
62a3c8221a48fa3cdc0f7baaef06532499f8d061facf5465c0d6d02bca09aa89
66cc4f5c0e8e3d6c633b9fda10e909c30d70238b8cca7957e5af2c04efd658cc
672305a06578c62e801efdb067fffad21042eb1f0b66f41eb6f744b9f46114a3
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6942d5eb7a1b32fc50a00610993de33c20d405ba2a939e7f22a5c1f76201d425
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
72fbc598e4a1591e0b0d4a37e2bb5b3545d0695413c7b4b620bfac9eba13d7e1
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
776ef5ab756f8e5a45a1508c934b11b7d2ae0206cb1d614bc2ab939541a1a897
78764c6b55a054871a6a5b36a5704b51eaab0e4394cf6a97cddd3c0ee4d7236e
7abd36a2f651330420d86187c125331d679408d1be7b6cd93efa64e08eaf80c7
82033caf490802d20c64e9a1585f6800464d103ba5737d788a5add2f98ad446a
82f4266a842360b89a28c06a7651ca82a1cb88202db2ff6c174d380619a1e6f3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ae01f825d8e203e574d3a82874481ed3d59d4ef60b2c92262c920932706ff8
854488771daa7e0da365f12ba7771fcaa148f0b6d3e4cc96150ab3c94756a101
87038e38170c8ee523a5abcfc8c0a25ef98523caa85851b24ed1e195f90f482b
8a44373cd2617ec6d005ef8a6e9e9d8eda6d533f0cd6b7ac67f805680fa81e32
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a
8aca1a09ec1670859e73d7c8e95a38e3d7a980dd82a6a2ddf68a72d3be0eb2b0
8b17b3f7aaa61b87daa3b93bc11b64cd6536958c69e1ae3d6c89b8c0ae192980
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9fd04b0c4d42a58f7b00d5427d9f2ec293d329f41a4b22e37b6d18a1117679
8e8ee8a949d817501563284649dc164ccb4a0cb46497220d58eab71b7ae360ec
8fef8c3db2ad309a66c5985fc9a74b186187cebe716932d56c605faab903b6dd
93283207e11d69216e79359311251c1112430f233292d03ae19acde36f42cb36
93a1679cf7d6af1e698e3712191d26fb7aa77ea00cfa2df453d05e0964b32b5d
93fa4326b5ee1782ff8dcb6da38f48b6cc282566de4d5d39eff0106eeec6f3ab
94277769b8916ca8755e5a211d850942e94e1d6621060daa7ffb5c3976b1ce5e
9657b0a8fad94d69d0317ab203423ac22731eb3b4116482acd110ab96f976563
9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928
9a002b829d4ff6c53c745ff0f57451002810b8dd72840d4db062f1f9f78c974a
9a98725eceac39b7cbb8e6bc22060dc800fb77bf3c77a7c92bb4b24abc05deb7
9b10eaf10ba9b818d7125988aa3d5e30f0094d53389b8ab1fb4355bd423044e8
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef
9f3f4441058208dc79fcbe616809b3938bb501414967de8fff4231d7fe7f2aa2
9f616744c5212f524a7ff47e22a04d7f2ba7b2075512f932923a3fad65040150
a0550c453d5f7713f3881f684608bc5a7a4226f2c924ae1134615c0314468525
a1285c19a66f8d009fc6ecdbd27373eaec80e05cb07cc75d47554f912b2fa06b
a44e14227086b310ffb4fd450a59ce85481174c4d0efecb9365578202a0e4752
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
ad362a61df47cf8a878f2d63a6e94afc5809e489606317f59353031a8dad5c06
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56
af6ae06e3c71a81bbee6cdeb804e123e386f924e0d2e090d2ee03f16768d055c
af9dbc27afe64ede92ebd03476ac8706c9f6c18f3174ae9106af70bc6f662810
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2438b4fd59796fa354af36092272f00a446507a7979243c7849dd589eaa5f1b
b27229c8ff535c38b69572aea4474a7fb051cfe1f1f40c0497add14f13f65a92
b2877b9644f1d0214961542e44f4d78fdcba93756941da51b62f0796b5d96431
b3a4dc93cb491425d6552342960777015f434ed0c89b8adf0fc2a84c4063d93e
b540a98a0557f1f1a7cfac516193fb46f0046583af0383ef43025f09e41583de
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25
b9cb9ae359a625e05528779aa81b4889ca5bbb9c3d870ea207fc3e9502d26459
ba86c4e74026c9c80d215b10cf1aecbc0576d7aaef6ceac9eea652d48a787bf4
bc5c1ffb80e8c6b709daf7cd8f06a977335f3a35f90332e9bd9a5e605717ccfe
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdc8c33419378a34dc5449ee25e421efe99767a5d5897e3c4b5f3a14ee15115d
becca024b2cb3805d2624e20512e03bcf5487690286ee41fa44700ab8ac12955
bfe7d136e70cb2861d42af1252f323fb95ffa3f3c506fd2c64fa78f034e10883
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c28cf9531a92b13f64e6bde8578d730da9920d06883a826a944ba161e3cda818
c52258c13dbe41865ee9bbd68e4e15cbc2105e276b5bf907c76b308b1bb952a6
c5fb47e39b757be7fd84e8b5b1e0f6a2915cb234a8c3d0fcae5df712e954606a
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce087d1d736beb8d869939f28b6be10aa4660be34796429d59150527054b500f
ce9752333550003588f5331b7127dcb9c5c21de2116a21bd31364601964ff127
cfa823c0d78ac3b77487ff83ad623413f7fcc931530e1fb269ee0902b104722c
cfda5ab4fa75e77566a328adae8566973f7d2a7d1815a272daf58cad64ff8273
d154521b7e690095bfb6cb7d50d20769a73c63299f7b35561e7266a8ad2f6f41
d2ce8aeb5078f755d7899883af3de7b1181a39bcdb68249e529fa7c3d1651dbf
d3abb75ebc673d5c07263ea76e8a03b2f03a12e6a56c050c6b3a37e33e78e72f
d450eebb78e637a6106afbc9d7936b8ac6f209aee37a064f15157e2fa999e186
d62935cf553792a615bc5324e08cb2403106d5441a92a5de2295080e77c3f42c
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
d6cfcdf1e2b932ad28e31fa67aa30b6c13e15bd0e4cbd8cf973dbea4679c815f
d6de8fdce0389adf4da099857373c7419ade67e4f9854fa602a97cf5b3d6a206
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
db9bacda467d38f3afc52d07d44734b5d48543fb9600f71f5018b1ed09b87c62
dbd6281d1ce9156f54a02ab4ede62b9c2e3f6be56fe38e20139f1b58f1ab4458
dc4c1d4ad985cef08104a09919ae8be0221ed3a7ddde5654213e464ae4d944a1
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de4a613ce8afea727d2acc72baf646d51689d8cb1808f3fa2c1ef36cb2b7cddf
df83ce35b983dfe68c149b53116041586f6060041f29c48f07c8f666af9c6b37
e1bd7d64deecbc15860d0f0a269fca9043802f24a12443c912cc507305e4cfd0
e37d6e58fbd507020bfee3d26b717393a4c78e845bc164bcea7d7374c4a5d672
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e735eaeeb3dcf7bfe26c0a6990d0e162bdcd06cacab1ba8ee0c234ddae328f
e5e9ae1458b36ebe857373cbeb07e1aca3eebc0cf67516c1c841cd98495fbec6
e7dedbb2327be817cb91eab8f15c83bac411f30f4fe1a88013bd85f940aff522
e8950ecd52e439f7dd58115df3d4ab549f15cbf980633b2d389141e2a8d0d9c2
eaf5aea140f3e48516c27cd9c4a1b49b1cac780055ca2eaed084fcd75eb07e58
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60
f5de0ff9f66605a6edd3434522aea6f05b020a1de93e7b3b6c8edc9e54b63a89
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f6f999ea0d328245ae7d1201632b7783931d12b0f936430c31e3fc1b2fb080f9
f75a31cec85535e7da98dd8c6125784e952249bcbd54b01243b8164db0eb63c3
f9c0f2238eacfa69a93f98b77a31ad1da5631e66f791ce11c576eabed30410d2
faa68e2aa20f49c2941d9175f69d54b472d86db7c69b048f040263aded7ca694
faeb680b5dc7c4d7212e4da47348669c3275b7a426a608b007746a1983dbaeb9
fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa
fb7001aa094389a4e85c7b731e35f87a7a85f7575b2d69f16092f65842f3b68a
fb78a53f736a86f446c9a007f90e4c9561b59b9176b5075730b9446dc599b027
fd33618d55990e248e3c821a48983c3432d5758deb93a6c231758b7f1e3f1b3e
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
ff125f0dfe5af20434e5abc3228bcb63ba4a2a5a286e69e090e16eff29cd368c
ff72d97681087613a8ff632da8a55ead188887ff0fcdfdfa819ac479b47ba5f0
ff828e8413d71d34d885f683cfbec9b21ef3c8cce757b0766a4416e817e29193