Submitted URL: http://offside.com.ua/
Effective URL: https://offside.com.ua/
Submission: On November 27 via api from GB — Scanned from GB

Summary

This website contacted 91 IPs in 16 countries across 101 domains to perform 346 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is offside.com.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 16th 2022. Valid for: a year.
This is the only time offside.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
108 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
9 2a03:90c0:41:... 199524 (GCORE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 212.7.203.129 60781 (LEASEWEB-...)
1 3 88.212.201.204 39134 (UNITEDNET)
5 2a00:1450:400... 15169 (GOOGLE)
3 45.135.120.147 56630 (MELBICOM-...)
1 88.198.49.154 24940 (HETZNER-AS)
2 95.211.229.247 60781 (LEASEWEB-...)
3 2a00:1450:400... 15169 (GOOGLE)
1 66.254.114.171 29789 (REFLECTED)
2 209.197.3.25 20446 (STACKPATH...)
1 66.254.122.20 29789 (REFLECTED)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 178.253.14.29 202492 (SGHL1-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 9 204.62.13.72 46636 (NATCOWEB)
2 185.83.69.178 55081 (24SHELLS)
1 7 185.172.90.252 49981 (WORLDSTREAM)
3 51.89.9.254 16276 (OVH)
2 2 199.115.119.227 30633 (LEASEWEB-...)
8 8 52.29.215.78 16509 (AMAZON-02)
1 1 51.68.39.188 16276 (OVH)
3 34.98.67.61 396982 (GOOGLE-CL...)
1 2 194.247.175.26 196831 (BEMOBILE-AS)
9 9 185.64.190.79 62713 (AS-PUBMATIC)
7 9 142.250.184.226 15169 (GOOGLE)
6 15 185.64.189.110 62713 (AS-PUBMATIC)
1 3 198.47.127.20 3257 (GTT-BACKB...)
2 193.200.65.6 6681 (GIVEME-CLOUD)
6 8 185.89.210.122 29990 (ASN-APPNEX)
2 185.83.69.242 55081 (24SHELLS)
2 2 203.195.121.141 7979 (SERVERS-COM)
4 4 3.126.56.137 16509 (AMAZON-02)
2 2 99.81.44.108 16509 (AMAZON-02)
2 2 137.74.6.209 16276 (OVH)
2 8.2.108.194 46636 (NATCOWEB)
1 183.110.238.136 4766 (KIXS-AS-K...)
1 8.2.110.206 46636 (NATCOWEB)
1 83.222.114.189 42632 (MNOGOBYTE...)
1 3 185.184.8.90 204995 (RTB-HOUSE...)
1 82.145.213.8 39832 (NO-OPERA)
2 216.52.2.48 30282 (AS-INAPCD...)
1 3 35.204.74.118 396982 (GOOGLE-CL...)
2 2 217.65.2.150 29076 (CITYTELEC...)
1 2 2a02:6b8::90 208722 (GLOBAL_DC)
1 2 168.119.88.34 24940 (HETZNER-AS)
1 2 172.64.154.237 13335 (CLOUDFLAR...)
6 15 52.73.233.198 14618 (AMAZON-AES)
6 185.172.90.250 49981 (WORLDSTREAM)
2 2 184.24.9.113 16625 (AKAMAI-AS)
4 23.205.235.133 16625 (AKAMAI-AS)
2 205.234.175.175 23352 (SERVERCEN...)
18 2606:4700:10:... 13335 (CLOUDFLAR...)
3 4 35.227.248.159 15169 (GOOGLE)
5 7 37.157.2.239 198622 (ADFORM)
5 52.223.40.198 16509 (AMAZON-02)
1 2a04:4e42::300 54113 (FASTLY)
1 2600:1f16:e61... 16509 (AMAZON-02)
1 3 185.64.190.78 62713 (AS-PUBMATIC)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 99.81.236.184 16509 (AMAZON-02)
1 18.198.69.109 16509 (AMAZON-02)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
2 2 34.111.131.239 396982 (GOOGLE-CL...)
2 2 185.86.137.110 201081 (SMARTADSE...)
4 54.77.35.234 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 54.76.86.77 16509 (AMAZON-02)
2 52.30.146.240 16509 (AMAZON-02)
1 157.90.211.246 24940 (HETZNER-AS)
3 3 151.101.194.49 54113 (FASTLY)
1 13.32.99.36 16509 (AMAZON-02)
1 1 52.70.254.182 14618 (AMAZON-AES)
4 7 67.220.228.203 16509 (AMAZON-02)
1 69.192.160.219 16625 (AKAMAI-AS)
2 2 54.228.118.174 16509 (AMAZON-02)
2 11 69.173.144.138 26667 (RUBICONPR...)
1 67.202.105.34 32748 (STEADFAST)
2 35.214.223.115 15169 (GOOGLE)
3 23.35.236.201 16625 (AKAMAI-AS)
2 15 62.149.1.122 15497 (COLOCALL ...)
3 3 213.19.147.44 26120 (RHYTHMONE)
3 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2 35.186.253.211 15169 (GOOGLE)
2 2 34.246.215.174 16509 (AMAZON-02)
1 37.157.5.142 198622 (ADFORM)
4 13.225.78.97 16509 (AMAZON-02)
2 51.158.29.13 12876 (Online SAS)
1 69.173.144.139 26667 (RUBICONPR...)
2 2 2001:678:cb4:... 56396 (AMOBEE)
1 1 4.78.226.234 3356 (LEVEL3)
1 1 52.89.41.173 16509 (AMAZON-02)
2 63.251.232.165 32475 (SINGLEHOP...)
2 2 103.229.206.240 30419 (MEDIAMATH...)
2 2 213.155.156.182 1299 (TWELVE99 ...)
1 178.250.0.163 44788 (ASN-CRITE...)
4 35.175.58.50 14618 (AMAZON-AES)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 3 54.171.40.8 16509 (AMAZON-02)
1 1 54.208.68.206 14618 (AMAZON-AES)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
1 162.55.120.196 24940 (HETZNER-AS)
1 1 141.94.242.206 16276 (OVH)
2 2 141.94.171.214 16276 (OVH)
1 35.186.193.173 15169 (GOOGLE)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 66.155.71.150 13768 (COGECO-PEER1)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 185.89.210.244 29990 (ASN-APPNEX)
2 3.127.178.105 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 185.64.190.81 62713 (AS-PUBMATIC)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
1 1 34.205.150.35 14618 (AMAZON-AES)
346 91
Apex Domain
Subdomains
Transfer
109 offside.com.ua
offside.com.ua
3 MB
36 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 857
image2.pubmatic.com — Cisco Umbrella Rank: 1258
image4.pubmatic.com — Cisco Umbrella Rank: 1287
image6.pubmatic.com — Cisco Umbrella Rank: 871
ads.pubmatic.com — Cisco Umbrella Rank: 635
simage2.pubmatic.com — Cisco Umbrella Rank: 819
simage4.pubmatic.com — Cisco Umbrella Rank: 1455
aud.pubmatic.com — Cisco Umbrella Rank: 7133
42 KB
18 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 3720
mwzeom.zeotap.com — Cisco Umbrella Rank: 3118
5 KB
18 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1243
eus.rubiconproject.com — Cisco Umbrella Rank: 735
pixel.rubiconproject.com — Cisco Umbrella Rank: 411
token.rubiconproject.com — Cisco Umbrella Rank: 732
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2574
25 KB
18 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 38602
inv-nets.admixer.net — Cisco Umbrella Rank: 3700
203 KB
15 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2376
11 KB
15 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 4248
s.e-planning.net — Cisco Umbrella Rank: 7718
u-ams03.e-planning.net — Cisco Umbrella Rank: 54718
i.e-planning.net — Cisco Umbrella Rank: 7850
8 KB
14 adtelligent.com
s.adtelligent.com — Cisco Umbrella Rank: 7563
sync.adtelligent.com — Cisco Umbrella Rank: 5072
7 KB
11 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
cm.g.doubleclick.net — Cisco Umbrella Rank: 271
6 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
tpc.googlesyndication.com — Cisco Umbrella Rank: 182
204 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 276
secure.adnxs.com — Cisco Umbrella Rank: 577
7 KB
8 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1200
tags.crwdcntrl.net — Cisco Umbrella Rank: 1438
sync.crwdcntrl.net — Cisco Umbrella Rank: 1079
35 KB
8 adform.net
dmp.adform.net — Cisco Umbrella Rank: 4184
cm.adform.net — Cisco Umbrella Rank: 1638
c1.adform.net — Cisco Umbrella Rank: 865
3 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 381
2 KB
7 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 914
5 KB
6 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 373
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1261
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 576
3 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 454
1 KB
5 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 17132
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 19062
2 KB
5 gstatic.com
fonts.gstatic.com
147 KB
5 google.com
maps.google.com — Cisco Umbrella Rank: 2634
adservice.google.com — Cisco Umbrella Rank: 121
www.google.com — Cisco Umbrella Rank: 16
189 KB
4 yellowblue.io
cs.yellowblue.io — Cisco Umbrella Rank: 8626
1 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 620
1 KB
4 adtng.com
a.adtng.com — Cisco Umbrella Rank: 13138
hw-cdn2.adtng.com — Cisco Umbrella Rank: 8859
ht-cdn2.adtng.com — Cisco Umbrella Rank: 10194
97 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 107
maps.googleapis.com — Cisco Umbrella Rank: 486
3 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 690
2 KB
3 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 4508
35 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 652
2 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 876
1 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 639
usermatch.krxd.net — Cisco Umbrella Rank: 1754
942 B
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1152
2 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 581
922 B
3 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1265
523 B
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 983
3 refpa6781648.top
refpa6781648.top — Cisco Umbrella Rank: 552577
3 KB
3 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 6424
2 KB
3 exdynsrv.com
a.exdynsrv.com — Cisco Umbrella Rank: 54984
syndication.exdynsrv.com — Cisco Umbrella Rank: 36965
28 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 106
221 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1568
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 6386
626 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1285
2 KB
2 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 9169
pixel.onaudience.com — Cisco Umbrella Rank: 3958
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1168
s.tribalfusion.com — Cisco Umbrella Rank: 2651
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5967
562 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 602
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1694
565 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1083
969 B
2 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 7242
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 642
655 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1980
535 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1057
2 imrworldwide.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com — Cisco Umbrella Rank: 31974
427 B
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1890
1 KB
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 17088
682 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1886
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 251
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1952
751 B
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 562
2 KB
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 16634
543 B
2 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 3936
646 B
2 new-programmatic.com
match.new-programmatic.com — Cisco Umbrella Rank: 34163
549 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 866
554 B
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 7235
258 B
2 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 11065
541 B
2 scoota.co
r.scoota.co — Cisco Umbrella Rank: 23757
1 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2179
1 KB
2 trafmag.com
m.trafmag.com — Cisco Umbrella Rank: 95205
702 B
2 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 140504
466 B
2 lemmatechnologies.com
sync.lemmatechnologies.com — Cisco Umbrella Rank: 10638
764 B
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1166
363 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1314
554 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4355
463 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2942
555 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 926
191 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4207
104 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5290
369 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 11024
367 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 7905
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6342
279 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1021
621 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 956
589 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 786
363 B
1 storygize.net
www.storygize.net — Cisco Umbrella Rank: 2045
430 B
1 mxptint.net
rbp.mxptint.net — Cisco Umbrella Rank: 6528
694 B
1 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 6169
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 650
145 B
1 widespace.com
engine.widespace.com — Cisco Umbrella Rank: 49132
208 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2580
361 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 649
529 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 8696
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 13987
411 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 770
162 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2097
467 B
1 com.ru
rtb.com.ru — Cisco Umbrella Rank: 35993
240 B
1 mobfox.com
cs.mobfox.com — Cisco Umbrella Rank: 20436
510 B
1 admixer.co.kr
idsync.admixer.co.kr — Cisco Umbrella Rank: 9741
904 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 4067
523 B
1 refpa53115.top
refpa53115.top — Cisco Umbrella Rank: 287223
149 KB
1 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 2819
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 961
469 B
1 covivado.club
covivado.club — Cisco Umbrella Rank: 202570
410 B
1 adpool.bet
z.cdn.adpool.bet — Cisco Umbrella Rank: 92414
504 B
346 101
Domain Requested by
109 offside.com.ua 1 redirects offside.com.ua
16 mwzeom.zeotap.com spl.zeotap.com
15 a.audrte.com 6 redirects ads.us.e-planning.net
a.audrte.com
s.adtelligent.com
offside.com.ua
12 sync.adtelligent.com 1 redirects s.adtelligent.com
s.console.adtarget.com.tr
ads.us.e-planning.net
ads.pubmatic.com
11 simage2.pubmatic.com 4 redirects ads.pubmatic.com
9 cm.g.doubleclick.net 7 redirects spl.zeotap.com
eus.rubiconproject.com
9 image8.pubmatic.com 9 redirects
9 inv-nets.admixer.net 1 redirects cdn.admixer.net
offside.com.ua
ads.us.e-planning.net
9 cdn.admixer.net offside.com.ua
cdn.admixer.net
8 ib.adnxs.com 6 redirects offside.com.ua
spl.zeotap.com
8 x.bidswitch.net 8 redirects
7 pixel.rubiconproject.com 1 redirects spl.zeotap.com
s.adtelligent.com
eus.rubiconproject.com
7 aax-eu.amazon-adsystem.com 4 redirects spl.zeotap.com
eus.rubiconproject.com
ads.pubmatic.com
7 pagead2.googlesyndication.com offside.com.ua
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 s.e-planning.net ads.us.e-planning.net
5 match.adsrvr.org spl.zeotap.com
s.adtelligent.com
ads.pubmatic.com
5 fonts.gstatic.com fonts.googleapis.com
4 cs.yellowblue.io ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
4 token.rubiconproject.com 1 redirects eus.rubiconproject.com
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
4 u-ams03.e-planning.net ads.us.e-planning.net
vid.vidoomy.com
4 ups.analytics.yahoo.com 4 redirects
4 image2.pubmatic.com 2 redirects ads.pubmatic.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 sync.console.adtarget.com.tr 1 redirects s.console.adtarget.com.tr
3 vid.vidoomy.com s.adtelligent.com
ads.us.e-planning.net
3 sync.1rx.io 3 redirects
3 ads.pubmatic.com s.adtelligent.com
ads.pubmatic.com
3 sync-tm.everesttech.net 3 redirects
3 bcp.crwdcntrl.net spl.zeotap.com
tags.crwdcntrl.net
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 dmp.adform.net 2 redirects spl.zeotap.com
3 um.simpli.fi 1 redirects offside.com.ua
ads.pubmatic.com
3 creativecdn.com 1 redirects offside.com.ua
s.console.adtarget.com.tr
3 image4.pubmatic.com 1 redirects ads.pubmatic.com
3 odr.mookie1.com offside.com.ua
spl.zeotap.com
ads.pubmatic.com
3 onetag-sys.com inv-nets.admixer.net
s.adtelligent.com
3 ads.us.e-planning.net 1 redirects inv-nets.admixer.net
s.adtelligent.com
3 refpa6781648.top offside.com.ua
refpa6781648.top
3 counter.yadro.ru 1 redirects offside.com.ua
3 maps.google.com offside.com.ua
maps.google.com
3 fonts.googleapis.com offside.com.ua
3 www.googletagmanager.com offside.com.ua
www.googletagmanager.com
2 uipglob.semasio.net 1 redirects
2 visitor.fiftyt.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 ps.eyeota.net s.adtelligent.com
offside.com.ua
2 d5p.de17a.com 2 redirects
2 sync.mathtag.com 2 redirects
2 cm.adgrx.com eus.rubiconproject.com
ads.pubmatic.com
2 ad.turn.com 2 redirects
2 js.cookieless-data.com s.e-planning.net
2 ad.360yield.com 2 redirects
2 rtb.openx.net 2 redirects
2 csync.loopme.me s.adtelligent.com
ads.pubmatic.com
2 obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com 2 redirects
2 beacon.krxd.net spl.zeotap.com
2 sync.smartadserver.com 2 redirects
2 idsync.frontend.weborama.fr 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 spl.zeotap.com ads.us.e-planning.net
2 i.e-planning.net ads.us.e-planning.net
2 secure-assets.rubiconproject.com 2 redirects
2 ssum-sec.casalemedia.com 1 redirects offside.com.ua
2 exchange.buzzoola.com 1 redirects offside.com.ua
2 an.yandex.ru 1 redirects offside.com.ua
2 match.new-programmatic.com 2 redirects
2 ap.lijit.com offside.com.ua
s.adtelligent.com
2 us.ck-ie.com offside.com.ua
2 a4p.adpartner.pro 2 redirects
2 r.scoota.co 2 redirects
2 ads.betweendigital.com 2 redirects
2 s.console.adtarget.com.tr offside.com.ua
s.adtelligent.com
2 m.trafmag.com offside.com.ua
2 pa.tns-ua.com 1 redirects offside.com.ua
2 sync.lemmatechnologies.com 2 redirects
2 s.adtelligent.com inv-nets.admixer.net
s.adtelligent.com
2 hw-cdn2.adtng.com a.adtng.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 syndication.exdynsrv.com a.exdynsrv.com
2 region1.google-analytics.com www.googletagmanager.com
1 sync.ipredictive.com 1 redirects
1 aud.pubmatic.com
1 www.google.com tpc.googlesyndication.com
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pixel-sync.sitescout.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 pixel.onaudience.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 pixel-eu.onaudience.com 1 redirects
1 green.erne.co 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 cms.quantserve.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 www.storygize.net 1 redirects
1 rbp.mxptint.net 1 redirects
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 cm.adform.net s.console.adtarget.com.tr
1 ic.tynt.com s.adtelligent.com
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 engine.widespace.com spl.zeotap.com
1 sync.richaudience.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 t.adx.opera.com offside.com.ua
1 rtb.com.ru offside.com.ua
1 cs.mobfox.com offside.com.ua
1 idsync.admixer.co.kr offside.com.ua
1 dsp.nrich.ai 1 redirects
1 maps.googleapis.com maps.google.com
1 refpa53115.top refpa6781648.top
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.co.uk pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ht-cdn2.adtng.com a.adtng.com
1 a.adtng.com a.exdynsrv.com
1 covivado.club offside.com.ua
1 z.cdn.adpool.bet offside.com.ua
1 a.exdynsrv.com offside.com.ua
346 137
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-04-16 -
2023-04-15
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA
2022-06-08 -
2023-06-21
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
exdynsrv.com
R3
2022-10-03 -
2023-01-01
3 months crt.sh
*.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.cdn.adpool.bet
Sectigo RSA Domain Validation Secure Server CA
2022-04-11 -
2023-04-16
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.refpa6781648.top
R3
2022-09-10 -
2022-12-09
3 months crt.sh
vivarevasta.top
R3
2022-11-25 -
2023-02-23
3 months crt.sh
counter.yadro.ru
AlphaSSL CA - SHA256 - G2
2022-10-29 -
2023-11-30
a year crt.sh
*.adtng.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2022-07-18 -
2023-07-18
a year crt.sh
*.google.co.uk
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.refpa53115.top
R3
2022-11-10 -
2023-02-08
3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2022-09-29 -
2022-12-28
3 months crt.sh
ads.us.e-planning.net
R3
2022-10-10 -
2023-01-08
3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA
2022-06-14 -
2023-06-14
a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA
2022-11-24 -
2023-02-22
3 months crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2
2021-11-12 -
2022-12-14
a year crt.sh
*.admixer.co.kr
GeoTrust RSA CA 2018
2022-04-29 -
2023-05-01
a year crt.sh
*.mobfox.com
R3
2022-09-22 -
2022-12-21
3 months crt.sh
rtb.com.ru
R3
2022-10-17 -
2023-01-15
3 months crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1
2022-05-18 -
2023-06-18
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
*.audrte.com
Amazon
2022-02-24 -
2023-03-24
a year crt.sh
*.e-planning.net
R3
2022-10-10 -
2023-01-08
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-17 -
2023-04-04
a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA
2022-02-23 -
2023-02-03
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-09-20 -
2023-09-20
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-09 -
2023-12-10
a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-08 -
2023-06-10
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-24 -
2023-03-27
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2022-10-20 -
2023-10-19
a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-11 -
2023-03-10
a year crt.sh
widespace.com
Amazon
2022-02-23 -
2023-03-24
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2022-02-26 -
2023-03-01
a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2022-09-07 -
2023-09-30
a year crt.sh
loopme.com
R3
2022-11-25 -
2023-02-23
3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2022-02-04 -
2023-02-03
a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA
2022-09-01 -
2023-10-02
a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2022-11-25 -
2023-02-23
3 months crt.sh
sync.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA
2022-11-23 -
2023-02-21
3 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-05-18 -
2023-06-16
a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-17 -
2023-04-12
a year crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-23 -
2023-03-22
a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2022-03-01 -
2023-03-28
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-10-31 -
2023-01-26
3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon
2022-07-20 -
2023-07-19
a year crt.sh
*.yellowblue.io
Amazon
2022-04-23 -
2023-05-22
a year crt.sh
*.match.prod.bidr.io
Amazon
2022-01-27 -
2023-02-25
a year crt.sh
*.iprom.net
R3
2022-09-13 -
2022-12-12
3 months crt.sh
truffle.bid
R3
2022-10-03 -
2023-01-01
3 months crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA
2022-09-27 -
2023-03-08
5 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2022-11-07 -
2023-12-08
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-11-08 -
2023-05-03
6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-08-09 -
2023-09-10
a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2021-12-15 -
2023-01-15
a year crt.sh
eyeota.net
GoGetSSL RSA DV CA
2022-03-18 -
2023-03-18
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
www.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh

This page contains 59 frames:

Primary Page: https://offside.com.ua/
Frame ID: 0DAE9DA9B5B105EC7BF7748F53ADCE39
Requests: 174 HTTP requests in this frame

Frame: https://z.cdn.adpool.bet/load?z=1518821222
Frame ID: F645F9AA512F5291C2EAAC725EA26BF5
Requests: 1 HTTP requests in this frame

Frame: https://refpa6781648.top/I?tag=s_1412133m_30323c_&site=1412133&ad=30323
Frame ID: 0E911FE8AABCEA10B4B0324737DF129E
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 48082407BC58E70D6C044634579B8AF9
Requests: 1 HTTP requests in this frame

Frame: https://a.adtng.com/get/10012456?time=1614803572912&apb=oodPNZHNRbHNdXHNLM7nQjqarrbp63U222TS0yuldRLKqeqV1Us7qZnTupldK6V0rpqqqbHVz13TUTOnrpomnodK6Z0rpXSuldM6V0rpnO03q0lo31m4zlru4luu220pp1nrumn103dK4PHBe9t49Q_xnzc50rpXSuldK6V0rpXSuD7A
Frame ID: 04484E2A9DD9EEA99CD1F5F68AEDF82E
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7140845151581295&output=html&adk=1812271804&adf=3025194257&lmt=1669526617&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Foffside.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669526617368&bpp=4&bdt=602&idt=274&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6094191968062&frm=20&pv=2&ga_vid=62263410.1669526617&ga_sid=1669526618&ga_hid=1709369219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44774292&oid=2&pvsid=3871893254437559&tmod=485082568&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=294
Frame ID: EED6C00DEE3B0F0A65E5EC0CE2296693
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Frame ID: 426E3F5D4A7DDA84A44A742B84B560A1
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: 19B89D5DE78D8FBCA129E9E0186BCDA7
Requests: 10 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: F91DA8C7200EF98ADA4E70E869D9717B
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: 97C9A5CBF92BBD004D61684C2D808D47
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: F0C770BE657537058DD385E621C2266D
Requests: 12 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 4BF85EACD59EBBDCFF440A2D582FA5C3
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 86A72B018F08C6D9659DA1E7A5C762EE
Requests: 31 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 044B0580AED1ED8DFAE99132C34AB4B2
Requests: 12 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 9A5CF2A1B253AA6B0198153A27A12F5C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: A7EE180349DEEA8ED2CAF82E05E589F1
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: E6301A5957EAE16894E814F69B76CED4
Requests: 2 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11378&gdpr=$0&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bviewer_token%7D
Frame ID: B698802FE88E611E0EA4AD4F20B53B3A
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: CDA95AD7B8096F8DAF230A23F92A1C34
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 72636201A156E5261A871459DBBB0F14
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: 540CB7C13E7CCBAAA633608300542FE4
Requests: 3 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 7D0EC54E700101AE5503A7065D853C94
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 300C3E7FB76F1E0E3AFE02D792588535
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 60CE1CDE3D696707B7552C905C089964
Requests: 17 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: E31E1E4169AC81C72BF7D544A0E19864
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=${UID}
Frame ID: 8AB173F6751FD78DBB6EAB0E97898579
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: D92B13C15AB098D761F5E459E69F1689
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=admatic
Frame ID: 8DAC945D45476D1B8E52F17C5038E3C1
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=738101&extuid=${UID}
Frame ID: BF82F3F3655013FCD70E5A75001326CB
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 69511EA8F4C00422B4621C2A4802EEA9
Requests: 2 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=a981e504221f38cf&uid=2799041a3515fb48b172c141f80c0fdc
Frame ID: AE63E108BCCD0A8C8CD2B6F755FD401D
Requests: 2 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=ABTUR2HCDFtHa9UW
Frame ID: 5B1C35C098EAB110156EF9D38371B9D7
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 81F9D7D37A600D6E9052FC6A46C3B440
Requests: 2 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=116c3b434851f937&uid=a6f37f0123013099a595be2217fc435a
Frame ID: 89E47ABE82C94CF8CB3895F279BB1F47
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ABTUR2HCDFtHa9UW
Frame ID: B8CB8EBB485AFAEC5B038AE314D0A39E
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&gdpr=0&gdpr_consent=
Frame ID: 068142ADA340258150885FC9BC58A957
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:80b36382-f45c-4700-a349-cb746816a245&gdpr=0&gdpr_consent=
Frame ID: 1F2A918B12393263B0721099288A9C23
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3345251833063677006
Frame ID: 62B9530C856E38248D79BA378BE0A93D
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 007EFD5663493FFB6FD545F4439EF7AE
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 645B807F88BC4B485612E9781F56B22D
Requests: 1 HTTP requests in this frame

Frame: https://cs.yellowblue.io/cs?aid=11576&id=923672e933cf4b91800cab6c268cb029
Frame ID: E59FBBBA7250B54B6382D6F9A4BC1408
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nbICMc21D2GG4Ak0nOAXN5yyAmKGtwg2yefpIKZf
Frame ID: 1830DC1AE97B9E1C8B20E3AAA5FE091D
Requests: 1 HTTP requests in this frame

Frame: https://cs.yellowblue.io/cs?aid=11576&id=923672e933cf4b91800cab6c268cb029
Frame ID: CC9FA1CA626B06F6759CF66AEC5335C6
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 3283C12998EF50431707FB3E9C815D72
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tlCOYiJFTSZjzMvyrBTYQNmKxGU
Frame ID: 97BED43A460126BF823B683E25A7F507
Requests: 1 HTTP requests in this frame

Frame: https://cs.yellowblue.io/cs?aid=11576&id=923672e933cf4b91800cab6c268cb029
Frame ID: 5F5FEBE02C993A3556EF68CA6888B3B7
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: BE2B4836F60848530F3777A2EC6DC572
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: AA0897DFEF331B8197FA029A9BBAE311
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 3294D2748AB4A2AEB9DF966E1A10E179
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7783286988
Frame ID: 290B92734FD9C20A4B55FA99C9086C85
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 542EA472ED8D0055A82F60AB0387343F
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: C4E926C1BCD82EC2067A0AC28C95A253
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b2906f105f18b735/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhXRaUMbaVMbShTYV
Frame ID: A8FC39FDA018A268F478A7ACA42273BB
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 2FCACA8E92FFE036851A29550B747F12
Requests: 1 HTTP requests in this frame

Frame: https://cs.yellowblue.io/cs?aid=11576&id=923672e933cf4b91800cab6c268cb029
Frame ID: 53BAABDA92EB443D3716847CF9E87EEB
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760
Frame ID: 59F0705347C8AA0859802D6902B94795
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9C4E83582E97C414DECCD650E8207927
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B8D99512894A6EF684E76047D98C7484
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760
Frame ID: 1A705362EE7C4FDFF41957559ACEE5F7
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Главная - Offside

Page URL History Show full URLs

  1. http://offside.com.ua/ HTTP 301
    https://offside.com.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

346
Requests

82 %
HTTPS

21 %
IPv6

101
Domains

137
Subdomains

91
IPs

16
Countries

4025 kB
Transfer

8287 kB
Size

137
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://offside.com.ua/ HTTP 301
    https://offside.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//offside.com.ua/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20Offside;0.34639849441001713 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//offside.com.ua/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20Offside;0.34639849441001713
Request Chain 157
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Request Chain 159
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3D923672e933cf4b91800cab6c268cb029 HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=a61e746f-6e13-11ed-a669-801844df107c HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=lemma&bsw_custom_parameter=ee215f43-d1ee-42e9-9868-5fd386e3c346&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=cf08ae2e-6b1f-4b65-8b22-078dcdcf1753&expires=1&user_group=5&ssp=lemma&bsw_param=ee215f43-d1ee-42e9-9868-5fd386e3c346 HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=ee215f43-d1ee-42e9-9868-5fd386e3c346 HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=a61e746f-6e13-11ed-a669-801844df107c HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ee215f43-d1ee-42e9-9868-5fd386e3c346&ssp=lemma&gdpr=&gdpr_consent=
Request Chain 160
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=923672e933cf4b91800cab6c268cb029 HTTP 302
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z895FFF440A041A1AF07D02C46AE9611&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=923672e933cf4b91800cab6c268cb029
Request Chain 161
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkQzNURGQjgtNEU3My00QjIxLTk3NDktREZGQUUwQTIzNzYw&gdpr=0&gdpr_consent={consent} HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent={consent} HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent={consent} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=160846&pmc=1&pr=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%26id%3D6D35DFB8-4E73-4B21-9749-DFFAE0A23760 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=6D35DFB8-4E73-4B21-9749-DFFAE0A23760
Request Chain 163
  • https://ib.adnxs.com/setuid?entity=533&code=923672e933cf4b91800cab6c268cb029 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D923672e933cf4b91800cab6c268cb029
Request Chain 165
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=8c2f1654-6acc-544b-8621-d2ace5a326f7
Request Chain 166
  • https://ups.analytics.yahoo.com/ups/58613/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-CbQac75E2uHAMKlVEIkD3iiJewm6ilheMbRRkug-~A
Request Chain 167
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=923672e933cf4b91800cab6c268cb029&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=923672e933cf4b91800cab6c268cb029&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admixer HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admixer HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=7a25f043-5a7f-4350-883a-ac49aad285f6&ssp=admixer HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=ee215f43-d1ee-42e9-9868-5fd386e3c346&gdpr=&consent=&gdpr_pd=
Request Chain 168
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=586580a3-573d-439a-bf4a-edc4b164db89
Request Chain 175
  • https://creativecdn.com/cm-notify?pi=admixer HTTP 302
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
Request Chain 178
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D923672e933cf4b91800cab6c268cb029 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=0 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=0&piggybackCookie=CAESENttWABeaf6gm_fhrFeQOMw&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=0 HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=0
Request Chain 179
  • https://match.new-programmatic.com/userbind?src=admixer&id=923672e933cf4b91800cab6c268cb029 HTTP 302
  • https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
  • https://an.yandex.ru/mapuid/targetrtbis/ HTTP 302
  • https://an.yandex.ru/mapuid/targetrtbis/?redir-setuniq=1
Request Chain 180
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=923672e933cf4b91800cab6c268cb029 HTTP 307
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=923672e933cf4b91800cab6c268cb029
Request Chain 181
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
Request Chain 184
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Da981e504221f38cf%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=a981e504221f38cf&uid=6687655417498589274
Request Chain 186
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 191
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D68eb6297-4d13-4614-4b88-4e22ea492a4b%26reqId%3Dbbd8f8ea-a511-4c0d-62f2-eba040b1b6a8%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D68eb6297-4d13-4614-4b88-4e22ea492a4b%26reqId%3Dbbd8f8ea-a511-4c0d-62f2-eba040b1b6a8%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=b8e8a41c-4500-4b5f-be8d-b6d097884265&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Request Chain 196
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D68eb6297-4d13-4614-4b88-4e22ea492a4b%26reqId%3Dbbd8f8ea-a511-4c0d-62f2-eba040b1b6a8%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Request Chain 197
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=37feae50-42cb-4809-aefc-6f8a9798a1a2&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 198
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=68eb6297-4d13-4614-4b88-4e22ea492a4b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D68eb6297-4d13-4614-4b88-4e22ea492a4b%26reqId%3Dbbd8f8ea-a511-4c0d-62f2-eba040b1b6a8%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=68eb6297-4d13-4614-4b88-4e22ea492a4b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D68eb6297-4d13-4614-4b88-4e22ea492a4b%26reqId%3Dbbd8f8ea-a511-4c0d-62f2-eba040b1b6a8%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=49052870068861857271704152623333851001&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Request Chain 200
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D68eb6297-4d13-4614-4b88-4e22ea492a4b%26reqId%3Dbbd8f8ea-a511-4c0d-62f2-eba040b1b6a8%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7170562228408285338&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Request Chain 201
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=68eb6297-4d13-4614-4b88-4e22ea492a4b HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=68eb6297-4d13-4614-4b88-4e22ea492a4b
Request Chain 202
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=68eb6297-4d13-4614-4b88-4e22ea492a4b&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D68eb6297-4d13-4614-4b88-4e22ea492a4b%26reqId%3Dbbd8f8ea-a511-4c0d-62f2-eba040b1b6a8%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=68eb6297-4d13-4614-4b88-4e22ea492a4b&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D68eb6297-4d13-4614-4b88-4e22ea492a4b%26reqId%3Dbbd8f8ea-a511-4c0d-62f2-eba040b1b6a8%26zdid%3D1361&bounce=1&random=3244477788 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=pYkfp9Y9y/4sBlhBtNcmR.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Request Chain 203
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D68eb6297-4d13-4614-4b88-4e22ea492a4b%26reqId%3Dbbd8f8ea-a511-4c0d-62f2-eba040b1b6a8%26zdid%3D1361 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361&cklb=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=
Request Chain 205
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-T4WhwaRE2opzcr5Di6Ylafz5_0NWUa2Yew--~A&zpartnerid=570&env=mWeb
Request Chain 206
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=15jyDNu27w28fnHmYpWDpK%2FEwae1oLh2%2BS41iYitP1U%3D
Request Chain 210
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D68eb6297-4d13-4614-4b88-4e22ea492a4b%26reqId%3Dbbd8f8ea-a511-4c0d-62f2-eba040b1b6a8%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D68eb6297-4d13-4614-4b88-4e22ea492a4b%26reqId%3Dbbd8f8ea-a511-4c0d-62f2-eba040b1b6a8%26zdid%3D1361&_test=Y4L0WwALHaahNgAr HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y4L0WwALHaahNgAr&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361&_test=Y4L0WwALHaahNgAr
Request Chain 212
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Request Chain 213
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=68eb6297-4d13-4614-4b88-4e22ea492a4b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=68eb6297-4d13-4614-4b88-4e22ea492a4b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361&dcc=t
Request Chain 215
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D68eb6297-4d13-4614-4b88-4e22ea492a4b%26reqId%3Dbbd8f8ea-a511-4c0d-62f2-eba040b1b6a8%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Request Chain 217
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=68eb6297-4d13-4614-4b88-4e22ea492a4b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26gdpr%3D1%26gdpr_consent%3D%7Bconsent_string%7D%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D68eb6297-4d13-4614-4b88-4e22ea492a4b%26reqId%3Dbbd8f8ea-a511-4c0d-62f2-eba040b1b6a8%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=ee215f43-d1ee-42e9-9868-5fd386e3c346&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Request Chain 226
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=586580a3-573d-439a-bf4a-edc4b164db89
Request Chain 227
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1669526619175 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2715919165
Request Chain 228
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=6687655417498589274
Request Chain 230
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=f7045891-2677-4ac2-b997-5053af46f405
Request Chain 231
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=34d1352b-9d47-42c1-aee6-5738afaea70a
Request Chain 232
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=6687655417498589274
Request Chain 234
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=923672e933cf4b91800cab6c268cb029
Request Chain 238
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D116c3b434851f937%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=116c3b434851f937&uid=6687655417498589274
Request Chain 240
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 248
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D68eb6297-4d13-4614-4b88-4e22ea492a4b%26reqId%3Dcf41f14e-d46b-49e3-6680-831bc1174c1b%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=cf41f14e-d46b-49e3-6680-831bc1174c1b&zdid=1361
Request Chain 255
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=897052c61d319b7c
Request Chain 270
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=XNEfRrJjTJmEwiEy8-4ziw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=XNEfRrJjTJmEwiEy8-4ziw
Request Chain 272
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Request Chain 273
  • https://ad.turn.com/r/cs?pid=6 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=8178258092603399877&expires=60&gdpr=&gdpr_consent=
Request Chain 274
  • https://rbp.mxptint.net/sn.ashx HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R1B341_F9FDD0F0_13E25B37D&expires=60
Request Chain 275
  • https://www.storygize.net/ccm/729e4e94-63c3-438d-8ce4-184eb34e703f HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=37cf273d-6031-4a9e-b4c2-17b86d952301
Request Chain 277
  • https://c1.adform.net/serving/cookie/match?party=14&cid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&gdpr=0&gdpr_consent=
Request Chain 278
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:80b36382-f45c-4700-a349-cb746816a245&gdpr=0&gdpr_consent=
Request Chain 279
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3345251833063677006
Request Chain 281
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 282
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6687655417498589274&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11576&id=923672e933cf4b91800cab6c268cb029
Request Chain 283
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nbICMc21D2GG4Ak0nOAXN5yyAmKGtwg2yefpIKZf
Request Chain 284
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7170562228408285338&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11576&id=923672e933cf4b91800cab6c268cb029
Request Chain 285
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEMG1VN0hCZWtBQUNBSGFueDMwdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 286
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tlCOYiJFTSZjzMvyrBTYQNmKxGU
Request Chain 287
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4L0WwALHaahNgAr&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11576&id=923672e933cf4b91800cab6c268cb029
Request Chain 289
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 291
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7783286988
Request Chain 294
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b2906f105f18b735/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhXRaUMbaVMbShTYV
Request Chain 296
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:94D78BDA05374341A761C91AFA074DA1&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11576&id=923672e933cf4b91800cab6c268cb029
Request Chain 298
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bTXfuE5zSyGXSd_64KI3YA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 299
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bd246382-f45c-4200-8673-fe5ee3b31e6b
Request Chain 300
  • https://pixel.onaudience.com/?partner=214&mapped=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3268580196313880769
Request Chain 304
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ee215f43-d1ee-42e9-9868-5fd386e3c346&ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 306
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-BTzOHJ9E2uUkD6Va3nT6vdcRAhiQ81I-~A&gdpr=0&gdpr_consent=
Request Chain 308
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8538546062793039557&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 310
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:30f90087-ad4c-4320-baa3-858c69dc628d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 311
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6687655417498589274
Request Chain 315
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=3268580196313880769 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEIJWK9nRH3EYwn7gSV3kbpE&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 316
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=489kVslS-fBSGSSL4NagKkzdA&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=489kVslS-fBSGSSL4NagKkzdA&gdpr=0&gdpr_consent=&google_gid=CAESEIJWK9nRH3EYwn7gSV3kbpE&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 322
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=489kVslS-fBSGSSL4NagKkzdA&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=489kVslS-fBSGSSL4NagKkzdA&gdpr=0&gdpr_consent=&google_gid=CAESEIJWK9nRH3EYwn7gSV3kbpE&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 323
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=3268580196313880769 HTTP 302
  • https://a.audrte.com/p
Request Chain 338
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&addseg=11,34,40
Request Chain 339
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 341
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760 HTTP 302
  • https://a.audrte.com/p
Request Chain 342
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=47ed509c-3224-4ac4-9247-092b2a0e295c&gdpr=0&gdpr_consent=

346 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
offside.com.ua/
Redirect Chain
  • http://offside.com.ua/
  • https://offside.com.ua/
167 KB
29 KB
Document
General
Full URL
https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
64387d4792b2111f3eae08c1500965d163131034c2ddeabd5fe4d10e4c5369a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77086ec13db17725-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 27 Nov 2022 05:23:36 GMT
link
<https://offside.com.ua/wp-json/>; rel="https://api.w.org/" <https://offside.com.ua/wp-json/wp/v2/pages/3775>; rel="alternate"; type="application/json" <https://offside.com.ua/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B90Vi3LlmEqYRbsdY443dCUQ0px1K5FzPX4yx3koRJrYEoGzyM9F8w5YooFu7vnJ3eOe7%2B60oU3vW0jM9yq4tIjYgWcl6o6ekRS7OBIizw%2BfJBIh%2B0X8o1f3lHh6Di6eFiZS1tAVRSIUBRwwHw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-pingback
https://offside.com.ua/xmlrpc.php
x-powered-by
PHP/7.2.34
x-turbo-charged-by
LiteSpeed

Redirect headers

CF-RAY
77086ec07ed57201-LHR
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 27 Nov 2022 05:23:35 GMT
Expires
Sun, 27 Nov 2022 06:23:35 GMT
Location
https://offside.com.ua/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pn6S%2FJTw4FiPQB2kVU7MKTPF675cz%2BUcu4yNabQcodTSTm3SG4FGDbFfZkiUQsdT%2B4qLdMsZuULagyvpwLgtmF1sOalNYxKL8nzcYwxw7%2BQh0ZnIKx%2F62dtYeBoZznIh4OraaXjcA%2B9GaSx%2FEw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/
202 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-83HN7YJGYM
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
46da2ce5ce28b26d5cdee5cf69e27ca2da762573c8cc5d6aa914ba6e73027a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74397
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 27 Nov 2022 05:23:36 GMT
sbi-styles.min.css
offside.com.ua/wp-content/plugins/instagram-feed/css/
21 KB
4 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.1
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb3666c237dfc004679d0009a45702814420164d6248978309842dfdf6fcda23

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 13 Nov 2022 08:35:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
249635
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5RXdqxqxZ8S8mneGtkPtigFFobQqaSBR3m0dRNCxeYJPO9tqeLG0TnH8nqSxkqB2csj%2FJGxdkQujVTE8BjaQaljp%2BoB9OZMNSfbwW1bw7BP0g0QLqTBb21VWVsy6%2Fbkmi%2BW7mpVJNYhi%2B6FsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecafc297725-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Dec 2022 08:03:01 GMT
style.min.css
offside.com.ua/wp-includes/css/dist/block-library/
87 KB
12 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 21 Oct 2022 18:20:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
331575
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRBsrEGyM6m%2Fjfa%2BHQIQd5ioqC3OhUBXSm%2BdKRhcId8A6xXlzrDfODvDHFKHJx45hiZTm2R4B050oemUnXlm5aKN8ONxxUHfwKCB4HCCVqz2HJiK%2BCGIPQPQSqd3eMBciw0zx41m3F%2BA2eCjfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecafc2a7725-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 30 Nov 2022 09:17:21 GMT
main-custom-1464ba8a0e277d8820e8bcf7034a7fe494d8b7276d9fe55dbd738935741aa90f.min.css
offside.com.ua/wp-content/plugins/anycomment/static/css/
72 KB
10 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/plugins/anycomment/static/css/main-custom-1464ba8a0e277d8820e8bcf7034a7fe494d8b7276d9fe55dbd738935741aa90f.min.css?ver=9b87b6e21a74caabf02f75b28bb0fb66
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5fb47e39b757be7fd84e8b5b1e0f6a2915cb234a8c3d0fcae5df712e954606a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Jun 2022 17:17:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
337417
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkO4OBbaPIagNKUisSnTgCQtXlPYkCVHubXVGDrce3GCeKimS7S%2FNlHeVIz0yVgfvAxZSq1pJV7LeW7xAMAfyRCOHYA4p4iCCbub0hPopgFLEB1cuQLk12aMANiYzxlio7vAW%2F56iGMXyRJZ7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecafc2d7725-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 30 Nov 2022 07:39:59 GMT
css
fonts.googleapis.com/
5 KB
786 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans%3A400%2C700&subset=cyrillic&display=swap&ver=6.0.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ce2e29fbc4e24edb01b73f09bb5a9e616af2cbc270c23d3b804e251ef247f13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 27 Nov 2022 04:33:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 27 Nov 2022 05:23:36 GMT
styles.css
offside.com.ua/wp-content/plugins/contact-form-7/includes/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
331575
cf-polished
origSize=2731
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 20 Jun 2022 13:26:23 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCKZ6HTUd0ynxM0zbKOetyfhTs57M75o%2FT0fxcQD5eSc8brflGXxINQK42p4neEo%2BjryJqhJbRjhsspoBcHAuDlWpYaYeCoOnaVAxsXCZbShDsp7hy1EqUdEAe9GbgsdXAsm8BoXlBHH%2B%2BSBFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecafc2e7725-LHR
expires
Wed, 30 Nov 2022 09:17:21 GMT
rcl-awesome.min.css
offside.com.ua/wp-content/plugins/wp-recall/assets/rcl-awesome/
34 KB
7 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/rcl-awesome/rcl-awesome.min.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d94be650a5c60bab1cd8019486a3e88695f59d181b3b8fa30c8f5abb6949c44

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
201959
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kp%2F3dgBtivbh2nG5XQ0OI16bjSQbB7LPbnWsijEZROtPmuQHSz7InpEny%2FD6t%2FHH70PRvvqBcZ2AJgZfzqTz6sdkq6PKTouN%2FTe4VJZXdb9tiIM5w0Lw%2B1PUQHlcjRl%2F7YbAuOp%2BXVZLlneFOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecafc2f7725-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Dec 2022 21:17:37 GMT
animate.min.css
offside.com.ua/wp-content/plugins/wp-recall/assets/css/animate-css/
17 KB
3 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/css/animate-css/animate.min.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf5aea140f3e48516c27cd9c4a1b49b1cac780055ca2eaed084fcd75eb07e58

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
201961
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvA2lg73jkMdyj2SX5SV68KPtVUBLCIReMmgMgxxXIDq%2FZFb0VnmNcKWeA6a8QpuYeAKLEWVxMf9nd8yYiX%2B%2BSJ2KSf42KTl%2BMSHYxw2vFrKCy9x4jjxB3nCV%2BZ7ftGapqgLWKIWyp2mxNM30A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecafc317725-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Dec 2022 21:17:35 GMT
core.css
offside.com.ua/wp-content/plugins/wp-recall/assets/css/
33 KB
8 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/css/core.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c40c2335d26ad0f3b506969c3a67660523d137b0c8cc198911c2826a27316c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
532866
cf-polished
origSize=51449
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OG0lGh7l61iwIXfi3Owd7Nq6uXPcePzK5zC9W%2FP47%2Bl0K%2Fo%2Bdr8bwQpmmwn6KKxgs2ZmBktfyK%2FngdAd6juDKNRAwM9ljgp6RYYZh2aBFvduBe0GKrvgDSfbIC00WxXpIR1gZ7JBW9zJShA6GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecafc327725-LHR
expires
Mon, 28 Nov 2022 01:22:30 GMT
users.css
offside.com.ua/wp-content/plugins/wp-recall/assets/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/css/users.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc4c1d4ad985cef08104a09919ae8be0221ed3a7ddde5654213e464ae4d944a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
331575
cf-polished
origSize=7912
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmcO7EXn3FAlTRNUHbG6esJ7OzeT3U5WUQcPOGPeJvW%2B6BqX%2FmhWNutcEMHQAgfIz%2B9f%2BKZnI0Zy8poqZNuDuG2xDWiOlmjGsMyFs6PNHWz1v5GSVjfCY7rIRGPZW45wspsuc3B%2F9rBYMFNWEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecafc337725-LHR
expires
Wed, 30 Nov 2022 09:17:21 GMT
regform.css
offside.com.ua/wp-content/plugins/wp-recall/assets/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/css/regform.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a8a38df89acc13ff49e34007ff20f89e1d20785d3363c0c1c14cdf5d1934219

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HcWmQJa9xbrdS1NNnOqeIVaNK2pdjE1PuW4kVOQ0o6%2FVROVovxG0dr3APv7qDytRpLp%2F6DWJIzkn%2BhGSnghKaylmvGB0myy5VnQ3GrIadMgPu3OJC3vJYDw37hBpQrG8ocZ1nWJtP55rmBsfDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecafc347725-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 04 Dec 2022 05:23:36 GMT
recallbar.css
offside.com.ua/wp-content/plugins/wp-recall/assets/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/css/recallbar.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1883b0f4dbcd3ed4077a13a7599c50e023fd1d8d3de4452d2c5d9952d0fb2f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
331575
cf-polished
origSize=6715
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAs1HGfnXAULKuXfmvAgP8N0YEeeU%2F5q8cD3lEf5J95UiUy73lT5IrKvpdSc%2BVmvHxDX7zK8eNEB%2FjPvv4JQF%2F0PUL2Nf%2Fnqr0gbZ%2Fu%2BBxCTNZQw7qklpGtFv%2BzOuiQXEEEtnmM3Qxmyf4DlNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecafc357725-LHR
expires
Wed, 30 Nov 2022 09:17:21 GMT
style.css
offside.com.ua/wp-content/plugins/wp-recall/add-on/theme-sunshine/
6 KB
2 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/add-on/theme-sunshine/style.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87038e38170c8ee523a5abcfc8c0a25ef98523caa85851b24ed1e195f90f482b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
357070
cf-polished
origSize=9774
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 07 Jun 2022 17:14:54 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btzO%2FiXZfG1icg%2Fn%2F8b2vyJOX2z4JgnruCe9yTSyfhYfLqfCD0sJ%2FkRF4koBzjPRz%2FJPD23FuFxlvW8VLJF2WTqnA68tuzU%2FY%2FD2wzgWK9irfD2RaCu3om%2FzDhm4EMRgW4kUPL2LJHB6ikMeRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2c5d7725-LHR
expires
Wed, 30 Nov 2022 02:12:26 GMT
style.css
offside.com.ua/wp-content/plugins/wp-recall/add-on/rating-system/
6 KB
2 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/add-on/rating-system/style.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2438b4fd59796fa354af36092272f00a446507a7979243c7849dd589eaa5f1b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
125855
cf-polished
origSize=8701
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGGRFsCDecOutO2YzPrcJtsUIugbRGPTIULH9dhMSM%2BLwb06IjtNi7XkhLhk7KnV3rBbz6CTarN%2FMfLvRPIHTFIGqqcH63a%2FZvq0ngffreqLOAeOjMTX%2B74teDsJraPJfWy40NqckOfTe5LoQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2c5f7725-LHR
expires
Fri, 02 Dec 2022 18:26:01 GMT
style.css
offside.com.ua/wp-content/plugins/wp-recall/add-on/publicpost/
7 KB
2 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/add-on/publicpost/style.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdc8c33419378a34dc5449ee25e421efe99767a5d5897e3c4b5f3a14ee15115d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
532865
cf-polished
origSize=9252
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 07 Jun 2022 17:14:54 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2MiBLNScXFxdiKp9ZkRgTANVxcEg4Ou7mmUz7fmaxVL7fCAtFwq9W46umGmIyyXAnsyqwAjLN3tyzNh8HIRmHNLsw%2BL7F7fmzxsdCcZg534HlCxvryzbrhWxQO%2BTQyLMTqJLoOzBG9Vsb06ImQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2c607725-LHR
expires
Mon, 28 Nov 2022 01:22:31 GMT
style.css
offside.com.ua/wp-content/plugins/wp-recall/add-on/rcl-chat/
10 KB
3 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/add-on/rcl-chat/style.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418c91639d6dbcb6709cf1878dd5b3c7a84071470c0d31dbf7ca84ee01832151

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
520164
cf-polished
origSize=13356
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flPqMy4sTOQbaPD4h6R6Jskc5NdBid7IcwF7wnrKXR7%2B0SmGLNm8nZT4Q2P%2F%2Bf3r1sM9%2Ftclz9GpEta%2BWRH0TIg8iIGj2EJGse3kkhrYSV4Qc%2Bgn%2Fwn4eZ0LRl06z%2BR3lMOnC%2FW3rmctK3j7Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2c617725-LHR
expires
Mon, 28 Nov 2022 04:54:12 GMT
style.css
offside.com.ua/wp-content/themes/urbanmag/
77 KB
14 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/style.css?ver=6.0.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fd692e17ffbdd6c487f570808045f74c6d3b93d61b6cd7a0296ae8c451eacd0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
331575
cf-polished
origSize=93053
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 20 Feb 2022 20:14:44 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFeOX3MbomaVssVxGUcykqeRSYD61hItQd%2F9yJnJQIBf0N1E%2FIGDFO%2FHIDmfq5VWsaD%2BkRVVi9TwsQnDsRv7vNA3WHY4N28FAjSD5Hd4xi4OdfrbhABvnW0QaH6ZN0O8u89m8St%2FAjbXohTBAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2c627725-LHR
expires
Wed, 30 Nov 2022 09:17:21 GMT
css
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900&subset=latin&ver=6.0.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4da6ec1389494a756e302de69d0a3dd8cc2307d0f0fd26cf3d296df3cba2e08f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 27 Nov 2022 04:22:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 27 Nov 2022 05:23:36 GMT
css
fonts.googleapis.com/
3 KB
622 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700&subset=latin&ver=6.0.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 27 Nov 2022 04:41:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 27 Nov 2022 05:23:36 GMT
superfish.css
offside.com.ua/wp-content/themes/urbanmag/plugins/superfish/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/superfish/css/superfish.css?ver=6.0.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa0e159198a059b9f2d63a751e130b15eaf24a46a5f1f20c1c69c25d6f80d12d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qT13ovL1WsK1GrIkImTXOAPtKBqeXw%2BM9%2B46JHofmsVaO7f8EiY8n3BqNKawNA41sbjecMPDbyyQSl18nkdnjoMM4Woxxw3D4KoLNF4q%2FaiuFilGL1grg%2FlDd2HhDBNEsj1dQI1AIki%2FZut06A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2c637725-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 04 Dec 2022 05:23:36 GMT
component.css
offside.com.ua/wp-content/themes/urbanmag/plugins/dl-menu/
13 KB
2 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/dl-menu/component.css?ver=6.0.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6039ce729a6c8041b44b7285bf244469b4d369991d6ad1f63711d079dad29b07

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
331575
cf-polished
origSize=15900
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GtAMpkG2n6Rl5d%2FosOsPc69Qj9%2FXW2WBBKNmnfkiDPrH0fhEGZt4crcqKGqbggrp735Nkh%2BclGjBSA9CRvLrrPgiNmvirT18duK1IiMC1gn8FxT2bwKIx%2BEzYpKwSd3dgd%2F%2FmD%2FbtwkDu7lXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2c657725-LHR
expires
Wed, 30 Nov 2022 09:17:21 GMT
font-awesome.min.css
offside.com.ua/wp-content/themes/urbanmag/plugins/font-awesome-new/css/
21 KB
5 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/font-awesome-new/css/font-awesome.min.css?ver=6.0.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
331575
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCEgwOS3G23aWGCIU5FrLDfss1wJPZx9EQukLKt2MHcgZqmOjOfTKPCZT69RcnLDGIEEj8DtG4sLG%2B6fwBFeflyjrtnwL9jQ2Ak%2BtRmsuNivURWOx5hR4YGa2LEd4LCYkwQi%2BfnKF2bBdcbdpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2c667725-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 30 Nov 2022 09:17:21 GMT
jquery.fancybox.css
offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/
4 KB
2 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/jquery.fancybox.css?ver=6.0.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce087d1d736beb8d869939f28b6be10aa4660be34796429d59150527054b500f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
331575
cf-polished
origSize=5633
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofiIXZ73Djc1ShDbCAgPKljUXTQg7gbbrzRledkJ8R%2BhJCPcu%2ByGLeNwqJyBK%2BRxD8lor2YtBxbAGVoR1ipLzPelDHpiSEGSZfj6%2Bh16b04qMoE2E186eS%2Bquw0xTM1qIf9eFGBDLkaWpEYrMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2c677725-LHR
expires
Wed, 30 Nov 2022 09:17:21 GMT
flexslider.css
offside.com.ua/wp-content/themes/urbanmag/plugins/flexslider/
2 KB
1 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/flexslider/flexslider.css?ver=6.0.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4640640359f504d069e542951660e3aa43220471c2fc5a27a3aaf7e414cdef4d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249635
cf-polished
origSize=3632
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEPKUpQD53cv3fayKnpghSGS75MScNWmmmsUGw95ae5NjSNtgyB60JnM%2F9RJlGbg4%2BM0Hxo0e7WsRDx%2BT8%2FzULdlA9roq8tQZGVvTQ%2Bg9yf4yiBMUyNc%2BBLxjYfGqM2lIozVYq%2F3cBD5Ukit0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2c687725-LHR
expires
Thu, 01 Dec 2022 08:03:01 GMT
style-responsive.css
offside.com.ua/wp-content/themes/urbanmag/stylesheet/
5 KB
2 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/stylesheet/style-responsive.css?ver=6.0.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5484ef447d51f1402aada17408f1a7322315241f3df6354f931242cd51450d5f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
331575
cf-polished
origSize=6666
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QHMGeYQV6WtpAw8Pntrb238k1SJefJQxStVjZz4Mxv7siyM%2FAJ6SWpHSbimrsOkvD0%2FLkHUj0uT3%2FVkbWwz%2FBomd1oUJ%2F2vuXR9EVcq%2BPV6%2BHAUIFVWGnm9Cjs%2Fr6VQghQVxbJ6vWHlgguMDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2c697725-LHR
expires
Wed, 30 Nov 2022 09:17:21 GMT
style-custom.css
offside.com.ua/wp-content/themes/urbanmag/stylesheet/
37 KB
6 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/stylesheet/style-custom.css?ver=6.0.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6527aa400c84ad7f1e7d474027b6823a39662321e6c6e31732f14d4051d46b41

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
331575
cf-polished
origSize=40629
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 27 Jul 2022 14:12:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3%2B55OziSvO6ehmhn4WFy%2BjnOwXGhwW8%2B2CnOorJR6cZbSgSNBY0099iKdZF3Dbb0RZ4eQlBFgf01w1os9hWuVDMy%2BGBMXKDL%2F7aeB8y%2FTW6LUrrT2zJrZAIkBYhkA6KP8liN3SMuGJsOiT2%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2c6a7725-LHR
expires
Wed, 30 Nov 2022 09:17:21 GMT
sassy-social-share-public.css
offside.com.ua/wp-content/plugins/sassy-social-share/public/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.42
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb7001aa094389a4e85c7b731e35f87a7a85f7575b2d69f16092f65842f3b68a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
337414
cf-polished
origSize=9700
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 07 Jun 2022 17:14:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7MkpUETzLIuvO9Y9UMfwHcTve9ReOudigBsPlw1Sgpm4EEgRN54q%2Bb52gDyERQb69VFZLqwjeLNkMzx1%2FCPTV0fn%2FDoqOZSQvxt0gOXuMw%2Fd%2ByRutwDMGRz3l3NZ2xUw87OMwfG62OW7mIiPwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2c6b7725-LHR
expires
Wed, 30 Nov 2022 07:40:02 GMT
frontend.css
offside.com.ua/wp-content/plugins/wp-google-map-plugin/assets/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/plugins/wp-google-map-plugin/assets/css/frontend.css?ver=6.0.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c6dc0b8e451822061daba4be79dc084125a2810b8f3bd7a520c788eab3d5377

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249635
cf-polished
origSize=4181
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 07 Jun 2022 17:14:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Da%2FXpDPBKQnDMTSMAga5ggZH%2BtCkhkuZB6FAz%2FRu3M%2BOfS1dRoQ0MsTDfqwBou5M9cEFLrhm7zWlcIHki8k%2BLqKlo1HRYMUAJaDdQib7Vgkh%2FfX3iSGEj6PbDshbKAulV743kibSznJ8s2IiBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2c6c7725-LHR
expires
Thu, 01 Dec 2022 08:03:01 GMT
masterslider.main.css
offside.com.ua/wp-content/plugins/master-slider/public/assets/css/
55 KB
7 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/plugins/master-slider/public/assets/css/masterslider.main.css?ver=3.8.1
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1285c19a66f8d009fc6ecdbd27373eaec80e05cb07cc75d47554f912b2fa06b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
520166
cf-polished
origSize=64689
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 14 Mar 2022 08:19:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1pS8qxPLyGcEWVre4G%2FHT0urJTkFYK1D17NNFwFQglVXMGgb3Y4z9z%2F%2B2Fvm%2F%2F7JIW4G9ulfKpgHRGkCxaCdzCc1Vq4Rf8FMf8t6e81sNO1urB76bgmejS6uyZ8wMcZeaLWZAUG6SH4cGNPtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2c6d7725-LHR
expires
Mon, 28 Nov 2022 04:54:10 GMT
custom.css
offside.com.ua/wp-content/uploads/master-slider/
0
341 B
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/uploads/master-slider/custom.css?ver=1.4
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
337413
cf-polished
origSize=266
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-bgj
minify
last-modified
Mon, 14 Mar 2022 08:19:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86Q8Eo4xHusjdrD5DdrJIJzLxIuS0DOgxlSgiKOt2EJfdXLQGZ%2Bo2osnT9Bgjq4Cx52UH9K69EC4k1wUmb1DujIfL5mpixEHSFLuzlmTrEhHhHcMJ%2FD5a4Yi%2BlOF%2FJHLac82hSCSJNAu8aDRbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086ecb2c6e7725-LHR
expires
Wed, 30 Nov 2022 07:40:03 GMT
soccer-info-front.css
offside.com.ua/wp-content/plugins/soccer-info/css/
12 KB
2 KB
Stylesheet
General
Full URL
https://offside.com.ua/wp-content/plugins/soccer-info/css/soccer-info-front.css?ver=6.0.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6488dfa2efd57445f30050510665ebb17f4345c2c62214f88e408a82154e276e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 18 Mar 2021 16:55:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62D%2BOtxFAz6QX4zYNl1cO2O%2BWjyFVogZmjN5EqpNX1UsVdqi6ZFOG37WpjmVVfK5E2Fkrk%2BypaMtQwR82ZkgsKks81s0Uov8wasOG8zOnhZn49GD15eW7wqY2HbySFZhehLdadYZkjkjFC%2BffQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2c6f7725-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 04 Dec 2022 05:23:36 GMT
wp-emoji-release.min.js
offside.com.ua/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://offside.com.ua/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 24 May 2022 21:36:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXXHTBRTyWkzmERsqxJEvc8wBKovQD6%2BOjq5ia2DID%2FFU92rB8k6m7znzEgK07TRGFboBpoOp5ZJ%2BqcAEnXKVjFZEa7LSMg0AVa8rIPJodGvG6wD7GNpBQn3DXS4RT61T4cG11PyaylKxauQog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086eccdf6306dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 04 Dec 2022 05:23:37 GMT
frontend-gtag.min.js
offside.com.ua/wp-content/plugins/google-analytics-for-wordpress/assets/js/
12 KB
4 KB
Script
General
Full URL
https://offside.com.ua/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 14 Jun 2022 06:06:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnLmhM9Wloi%2B6ssXGa%2BvzyYMlravIt5vrVFwAMVUCfOaiKdW69R9dqBTet6RTfrKslTjsswpoeQ6nPxtNOQb0fvtkHpQdBpI9P3D%2FDJLGeavYjgEJRTvglKRebZPaPkPmaUbJVEMDSDZmnXfQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2e8106dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 04 Dec 2022 05:23:36 GMT
jquery.min.js
offside.com.ua/wp-includes/js/jquery/
87 KB
32 KB
Script
General
Full URL
https://offside.com.ua/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Jul 2021 21:37:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
40377
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Npe25cqD61dCUi4wJReBHyahs%2B54EzZqi1fDF1Pzg1QqJs3guRPmWRswSjaWYi%2F362q4okeuIHSWHFjh%2FcX3ykXKUPJEYpgttC%2BybZBkg6PvZG1XYyoGfT4PeMelJftNEz1lxjguMHHQx%2FTJFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2e8306dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 03 Dec 2022 18:10:39 GMT
jquery-migrate.min.js
offside.com.ua/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://offside.com.ua/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Nov 2020 12:36:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
40377
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BrxRIROv2I7cJtJEutNS6xb9ZRHjh%2BjYnTzEjgi1CQ6Tiq280bv%2B8pa18GzD413c8nHnaqZ24Ea7Gnr8DWk91Aw63BujqGKHA8Ze2mqAqLjvZ9JD4ZQJDzovs%2BQIvrPWUXBjHJVT%2FCSxu0tsgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2e8406dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 03 Dec 2022 18:10:39 GMT
core.js
offside.com.ua/wp-content/plugins/wp-recall/assets/js/
49 KB
12 KB
Script
General
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/js/core.js?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd54b8fcb95379bc52d782a7224898af40953c092a34279bc83b36f9f4840de6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YV6l%2BDkNah4yya2%2F8gcXGEOOi5skcKHYciApTCAmWQ4%2FO1kQs%2FoATQK5%2FuBxoMT8HB2CLHreqwl99%2FhuVFf34nSA7cuspIYJYRDrbmmxUcJGs2SOVO%2BCO7rjIBUsSylXNfsVqYrHN7tDASKlOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2e8506dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 04 Dec 2022 05:23:36 GMT
scripts.js
offside.com.ua/wp-content/plugins/wp-recall/assets/js/
16 KB
4 KB
Script
General
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/js/scripts.js?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901c3fdbcd77b88cbd1ff6c3771b83c2eefd6794de26dfa44f7b5f37a7e98599

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PcK5%2F973EEb8N08I6uY0WVWw511LhPqyE42WR26hK6A1xXNtEuu8%2FVaddDbRJnyCBe6qo2T%2F4%2FVogBl6lngogQLpwFpP%2FK0WI8v96kWkvv2L8i%2BIJ3cO3JC5K2phQjScJvtsZNsfPjRbWis4Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2e8606dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 04 Dec 2022 05:23:36 GMT
scripts.js
offside.com.ua/wp-content/plugins/wp-recall/add-on/rating-system/js/
2 KB
1 KB
Script
General
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/add-on/rating-system/js/scripts.js?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
807eb1593cffbaecc4ede4ca6e52691b9db2a9e943deeaae66652b31398a7616

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7%2FNsz9b0xWX74p9ltOPqJFBEDLP6CB%2BGxWjxpRdbSb9cZIwgWHodszIWW14W04gCqtJtWGLRK6DIyPBwrx%2BazmGB6BYORRd4dSrf%2BbY8pwnvJ7wjBlvs0d53H%2FqT6BeKAfndkapUPJSYP%2FiNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2e8706dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 04 Dec 2022 05:23:36 GMT
scripts.js
offside.com.ua/wp-content/plugins/wp-recall/add-on/publicpost/js/
17 KB
4 KB
Script
General
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/add-on/publicpost/js/scripts.js?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e09dcf5ae39b3188fa21f136192f64ca6b8269c11752237ce3a308ae6f5a85d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:14:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBsgv2cJ4NOwz%2FWPI2c%2BWBDAOaewDrI31GVexUIZgkarx55py%2BAQCRwEhtY0VEjrvWqVhrvTiffF%2FGnOdb3VxB7wkS%2BSwH2OUKI5LKH7I7Y4DPD%2B%2F1Km33abMuP%2FRFmMkL06JH%2B1Vh3%2B4MFaeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2e8806dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 04 Dec 2022 05:23:36 GMT
scripts.js
offside.com.ua/wp-content/plugins/wp-recall/add-on/rcl-chat/js/
15 KB
4 KB
Script
General
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/add-on/rcl-chat/js/scripts.js?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5346e1a1343f6f33d953371d82c8c8a7cc5e7e07a58689ec49d7d9e4452c6f7d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYyclgbzmqR2gImgqi1rLW4bzIM1mDetxY2HBKuHI771W8INUVNmd4gw4Ses564DGXZR6zTs4lTX%2FFmIMKnNwPoUbucjyAnj2IEi3JaJyht9%2BTHMiIQiejSSJ2dAB9z1CTwKOz5JtDQtKRjrqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecb2e8a06dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 04 Dec 2022 05:23:37 GMT
loader2.js
cdn.admixer.net/scripts3/
176 KB
55 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7728946db189aa5afd0b17d585fd24521909793a688ec2ef72c019a8bf92dc97

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc11
date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:42 GMT
server
nginx
etag
W/"6375fd62-2c101"
x-cached-since
2022-11-27T05:22:02+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Thu, 17 Nov 2022 09:34:09 GMT
js
www.googletagmanager.com/gtag/
211 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5MF0YH07SE
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
32923f60e6e09cbbd78370a1455b49ec63c656a2160e079a18172a113796e714
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75870
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 27 Nov 2022 05:23:37 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35aee3e3a0bc05a1c2ed6917b747eb555802f06bae98356067e7d4a55ef1a04b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49133
x-xss-protection
0
server
cafe
etag
5815842120477639748
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 27 Nov 2022 05:23:37 GMT
1-min-1.jpeg
offside.com.ua/wp-content/uploads/2021/12/
235 KB
236 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2021/12/1-min-1.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39c3747d29a27dcd07c6cb7d4dee61fccb8de904505e145bce04230b762190e8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40376
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
241119
last-modified
Mon, 27 Dec 2021 21:05:29 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2Bw4hZA9J%2BuRWKuXXfBEm7q4YlpDW6V%2FPBhC1hkj5Jrw4G%2FjEOENXOjjYsCuLVjszAo%2Bmu%2BNGWFVEM8ens2cFL0TvZTgOySP9ywA50nQRU0pYAoV7PxrjrKX5qJjPjqTSjYnebX7lAoPZBDONw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf6506dd-LHR
expires
Sat, 03 Dec 2022 18:10:41 GMT
facebook.png
offside.com.ua/wp-content/themes/urbanmag/images/light/social-icon/
3 KB
3 KB
Image
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/light/social-icon/facebook.png
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f616744c5212f524a7ff47e22a04d7f2ba7b2075512f932923a3fad65040150

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNGuuX%2BOtUSlLGnkWk7ly0Mx%2BKr9yymjtCG8YWoQn8rcfTH%2BfMQRevwyAvB%2F3cqjHNvYZV6D4rl1sEtr8bdySiHjwkKJj9TTELmNifv8jJbAH5MM7OFGglGFN6r4EJZJZcT14tUKyNNE8mDTwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf6606dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2963
expires
Sun, 04 Dec 2022 05:23:37 GMT
twitter.png
offside.com.ua/wp-content/themes/urbanmag/images/light/social-icon/
3 KB
4 KB
Image
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/light/social-icon/twitter.png
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c52258c13dbe41865ee9bbd68e4e15cbc2105e276b5bf907c76b308b1bb952a6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ey7%2FYkJCFYyMbsejmaDZfjghsYAQIfnGbyuV93xjEoDNouyNWXUrWsdhBhVYvo6k5%2FC1yiltzQJyzj4dX%2FuoAL50ojXWNS7zbv%2FFHZrXKvnGfSNcaEJygBc8Q%2FegzVCMzWCT4Ua%2FMjn0bbjy7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf6706dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3146
expires
Sun, 04 Dec 2022 05:23:37 GMT
logo-big-2-2.png
offside.com.ua/wp-content/uploads/2021/03/
37 KB
38 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2021/03/logo-big-2-2.png
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5de0ff9f66605a6edd3434522aea6f05b020a1de93e7b3b6c8edc9e54b63a89

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40376
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38108
last-modified
Sun, 21 Mar 2021 09:02:51 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sr7SCnb3QlVH6gd7E9E1q0J5sPeAFgMfcEsEYQLZvUqnlEuN6i8pXhsHJKAztN%2FpoNEB2oMRJ9Q55fcTG8%2BH1STWMlta2V2Fl2NilkYjGHd2kAC2bS1a37lrzuiqOM5MHR9BGLP9L%2FYWuaz6hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf6806dd-LHR
expires
Sat, 03 Dec 2022 18:10:41 GMT
1983848585858-670x456.jpeg
offside.com.ua/wp-content/uploads/2022/11/
41 KB
42 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/1983848585858-670x456.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4091ba7312a58a2065b6e148417e5d0c981ba31efdb0cc5d1093ceba085c291c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Sat, 26 Nov 2022 01:08:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGfyaHNucF5T5oOrFd9HZJWd6WgMdjEf2MyIFUzGgAwtS%2BzUgIYFx5mOgupb417reEcsQPHkE2ajwS7UoWtgUWdgK42BrhL%2FQP8ovjgBlBY9Ljv2kXvlhCAeHnkvBUg4YXG8qMQNHXxS%2BXn3nA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf6906dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42069
expires
Sun, 04 Dec 2022 05:23:37 GMT
109394848585-670x456.jpeg
offside.com.ua/wp-content/uploads/2022/11/
51 KB
51 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/109394848585-670x456.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea00920ed7318060183a8424901b39e1b6e4d78c62d649ea9738a2c06e5a3275

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Nov 2022 14:58:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrRHZYGo2hFdUvOisQ4n19BT3BHgAXC7YsJJy3eGH%2FFkASUO84jOAMJaNQKSTpi7xWa9ZrAmdMrAgIUwLGkzUAF6zJVlilFFzEcLrf4FaTu%2BVVxd3hd1s21hO00F37i6%2B2ApJkV9S1vuTfxl9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf6a06dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51742
expires
Sun, 04 Dec 2022 05:23:37 GMT
01928384885-670x456.jpeg
offside.com.ua/wp-content/uploads/2022/11/
41 KB
41 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/01928384885-670x456.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bba4579b5f773b35b368f5da967b542dae5d7c2426e5b73aaeecb93cd275a90

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Nov 2022 15:53:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXtm3KG6mgMYaC5M%2BSxMGFmxwzEcXXfhTfi3nmM%2Bc4QBw%2FcjWG1reukdb6pbIev7J6HlSTA%2FjPj0q24neP6LyG9mK8iwQ%2FBux%2Ftqf80MBBKiVB8Qjv0PLmsjfHfOJzrBsg3KAp5PJlyOS6j4kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf6b06dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
41912
expires
Sun, 04 Dec 2022 05:23:37 GMT
46778888-670x456.jpeg
offside.com.ua/wp-content/uploads/2022/11/
69 KB
69 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/46778888-670x456.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08b501c818a49aa79415f0bc59dba8a05cf6f35b647f64b2bf7e944646d46b7b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Sat, 26 Nov 2022 00:53:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QbAeZsI%2B7WdaYPSsYUdB7h3ahUvSic2UhhW8oGphAPiH13UwOCVvoB2MoQKWH4y%2F6xUaveChx5bptTVcD4%2BluLi762x5ga1KHFUgsohSJQCDTPL07%2F4%2FocxDr1g7JUbvyAdMTMsTuIGMktU9iA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf6d06dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70528
expires
Sun, 04 Dec 2022 05:23:37 GMT
bruno-fernandes-3-768x512-1-670x456.jpg
offside.com.ua/wp-content/uploads/2022/11/
36 KB
37 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/bruno-fernandes-3-768x512-1-670x456.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79dfd90ba5cbc2499a72932121b7765b3e981b55495a3f62e9221301b37e63ce

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Nov 2022 14:44:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Fdotj3I%2Ble6as9vv2x4pWj75JzyuZ16aMZ4Ye9f3MTUiQm29cBKZGc2%2BQacHqM4KJ6zmDbGJb7tDI86W7kUKh4Li%2Fdg5rDHA%2BIrZvL%2BdAInVW8iXQJnrwWu4gsUFe%2FehjhTYzDRPZj7CbNgLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf6e06dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37022
expires
Sun, 04 Dec 2022 05:23:37 GMT
0192838485885-670x456.jpeg
offside.com.ua/wp-content/uploads/2022/11/
59 KB
59 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/0192838485885-670x456.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a82c77ffec67310857083139d4b91ed0a81d89504972e4d5325b7756cef1edf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Nov 2022 15:40:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQASdjQjjxpbatHhhBgsB1qSYcmgPG3mpta0vdZ2XplxrIdX4Pn0GNX0f2ptwiKY0W2x21A5j9271rglaz2q4kjoXy8lAayH1iSI0nPdPPhnCdYzouOZGSwT5AftWFGEWhTr7QYb4zHn5hz2yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf6f06dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60166
expires
Sun, 04 Dec 2022 05:23:37 GMT
19284774774-670x456.jpeg
offside.com.ua/wp-content/uploads/2022/11/
77 KB
78 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/19284774774-670x456.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a69f25badb1efa9f4b38586a50bbae6c0eece2ecb1a079ba0115a2446945e755

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Nov 2022 15:28:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rzexJDNeyuTkfUD8Aif%2FBoG9HJYcdvgz5xSTcA4ocdq2xwwTftExYakaZouCX6L7N2wx%2BuyLvT6YDJ25R7dEvL2J5cDKRd0F%2FavOfH%2BzGn8yiWkGVwj4thw8d3ouFyDA4OyK3USG3UTQtOgCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf7006dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
79179
expires
Sun, 04 Dec 2022 05:23:37 GMT
xtcktkpturbxy9jnmjimzbhzdrlmjg4ytc1nznkotywzdnhm2q4n2zmzs5qcgeslqmbam0i-80fdzuczqfqamld-670x456.jpg
offside.com.ua/wp-content/uploads/2022/11/
43 KB
43 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/xtcktkpturbxy9jnmjimzbhzdrlmjg4ytc1nznkotywzdnhm2q4n2zmzs5qcgeslqmbam0i-80fdzuczqfqamld-670x456.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b81ba8b9eac604af2d53f1f44b758d738d2520d369f89e0ea13337ac7841729

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Nov 2022 14:15:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bBqEo32dDe%2BA1fEQi8tRznjFJfVKhuS2bdk3tajgaJmLadHAjMC2vkvAvmdswmbLguZi8W%2FkNfyd0veU0mw78%2BeERegEquUZ7UjF06XRkPffA0Q0q4haO4s1seD%2BYqA%2Fwb9ouc%2F6bstnXMrLEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf7106dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43831
expires
Sun, 04 Dec 2022 05:23:37 GMT
109394848585-400x300.jpeg
offside.com.ua/wp-content/uploads/2022/11/
23 KB
23 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/109394848585-400x300.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56e51023959cb317d00841117e136e1adba5e63ac3d89dfad79fab98c69aa9fc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Nov 2022 14:58:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGHn8f2Dppsw%2FZh236rOCrx%2F8EgmlAIXFmbld%2B0L%2BN56jjnY9K0UJcROM1kX3wyZedfd57sFRSwMiwMExl1fPDPj9gUJdb1kiMxgQhqbkdrtfE0TFbZ%2BzBRdSNlrspBPS7pyEjY9SQQeRt2%2BXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf7206dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23463
expires
Sun, 04 Dec 2022 05:23:37 GMT
01928384885-400x300.jpeg
offside.com.ua/wp-content/uploads/2022/11/
20 KB
21 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/01928384885-400x300.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33d0c7daf6dcd6175b083a50c6c192dc0fe4caea466bb70d5ff28440a435064a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Nov 2022 15:53:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYQHoM3dXx4Z0x8k7tFo%2Bpz5sytUbdPFgHqromKS%2FmiQkTE37SgtIWRhwAA%2FfbG9dNIeYv6U5clhbYBr9oHjHKdR8pIeoYe2lWiac5k%2F7IkQdcDjl4DqB7SnOAuEYf9RnajQ62OXUTzgZJ3wCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf7306dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20507
expires
Sun, 04 Dec 2022 05:23:37 GMT
46778888-400x300.jpeg
offside.com.ua/wp-content/uploads/2022/11/
32 KB
32 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/46778888-400x300.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
631e19dc924050fd144dbec9537eeb3d0bd3e8585b9ff7d31661df9cd26655b3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Sat, 26 Nov 2022 00:53:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Un53btXPpb%2BBYyBOuyO7B8Q8452YKvuWlQibe5F9kHmGU0SZajWB%2BjEDYVf3boA1T38vvvO%2BFRSBgoO4vl86V0E3xxaWwvU4FKyEnH%2BpndTd3t0QtLYaAKnrU2WTBN7kn666%2BCx7s6qG9OLgsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf7406dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32421
expires
Sun, 04 Dec 2022 05:23:37 GMT
paredesarsenal-768x512-1-670x456.jpg
offside.com.ua/wp-content/uploads/2022/11/
47 KB
47 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/paredesarsenal-768x512-1-670x456.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f2de7c1c92058fa7d46eb1042d017353071a1b89110897778598922b8316b39

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Nov 2022 13:19:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J62USZPZ6b2bBdYrCSyaoXVujxQZTZhUKqS%2BAcS6b%2FJ6qA3AblBJ5Wt3RFd1DPvcLPoOYVqNzNGWWHAKebSSdYtIX0EZgBnmUGBXz%2BJBkvdC9ig%2BGXk7cvlyAJ5oDAP2o8Z5n5R3AnG3aG9cVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf7506dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48075
expires
Sun, 04 Dec 2022 05:23:37 GMT
92837474747-400x300.jpeg
offside.com.ua/wp-content/uploads/2022/11/
17 KB
17 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/92837474747-400x300.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb79ba225f6ebf5246c403dd71f3def82f243d80a0dae11f169d17c5a48cdf07

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Thu, 24 Nov 2022 12:37:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V94%2FxFJL0mJxdXBiwnoaIGCvMdYfAk3lJzQNL1UXbv9ob5lrj4a1tkwbl7tvIH%2Fmu5%2BQIqYwlB1MQJH1%2BMwfaaaV1HCXA%2FmP4y%2BQbi8vJF7ANdwy3N6WG%2B%2FC57XvompgHLkh%2BNHiD58AahnYkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf7706dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16901
expires
Sun, 04 Dec 2022 05:23:37 GMT
davies-1-768x512-1-400x300.jpg
offside.com.ua/wp-content/uploads/2022/11/
16 KB
16 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/davies-1-768x512-1-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4096e95444de81291a48db18ecd6898d6158ec08a7f4710050a30b0e59b3b8b2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Wed, 23 Nov 2022 12:07:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ueK54eYbqtoL%2BMlxNAgGAmndnTQv%2BW6EphsFOW7ocvbTtttCV%2BlKM%2FtLGDh1xioz7PZ%2FyRMoaB18FMNnrN7FvdSL6zPJFFsuTSQ4%2Fg3aj27Mh3VfDawC0uneTWoHSfYQZcJ2aN6y2R31PuNscQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf7806dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16365
expires
Sun, 04 Dec 2022 05:23:37 GMT
10394884858585-400x300.jpeg
offside.com.ua/wp-content/uploads/2022/11/
19 KB
20 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/10394884858585-400x300.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
791f9c427f78a6f55171f9a1dd4518da2f061980ef2b7344fe84d59e76f37471

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Tue, 22 Nov 2022 21:30:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4sV2G0IYhly8A8eHnxH3yJPcYZXphgReKk5g9YANf%2FSnSGDd8Zf9GkaXXVCDAXmE677smA84h2IuDOZrwiO75aE4TEP11fw9xXHSGPAmbJGcv%2BG4OXQnFtJD4kJnJ83muwyd9e5u4Fzp35T%2BOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf7906dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19616
expires
Sun, 04 Dec 2022 05:23:37 GMT
paredesarsenal-768x512-1-700x400.jpg
offside.com.ua/wp-content/uploads/2022/11/
43 KB
44 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/paredesarsenal-768x512-1-700x400.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1ac1269977330827d9add82b8e069ed1eabcfd2d982dcd185a939dd322d0e09

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Nov 2022 13:19:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRrQ0i0fP71QlmOZM%2BCBUcNP6CIWkUJ6BAuNU9JUiL1YnXiB%2F2bj9ymPECOEZdX6qdS%2Fo2UHflzbrXZieGrlw8wXE1G0W5yo%2FxtQq1yDPr7v6rTd%2FB7zw0Bx8N6HGDSCkOyjBtXDTSLi1ERqLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf7a06dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44324
expires
Sun, 04 Dec 2022 05:23:37 GMT
20221026_sipausa_423549631-768x512-1-400x300.jpg
offside.com.ua/wp-content/uploads/2022/11/
14 KB
14 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/20221026_sipausa_423549631-768x512-1-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ab91735fa0d3545dc86b29da865e4a39df8b9421eab4586ceac2b1cb25004ad

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Tue, 22 Nov 2022 15:08:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2FHs6fNx6hcpX3g%2FZnWU1j2bNxYyDehZ1YaY5QWF7seMFYMDPoA2C364qUsP%2Fc8oTXSFZ9oHaJAwQc8c%2BOsYH0WJId4ADgV%2BB5Yoklhy4a6ol%2BWPceB8LR9rREkGdLxfQRA59VUdknbpd0OVgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf7b06dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14200
expires
Sun, 04 Dec 2022 05:23:37 GMT
ukraina-3-768x512-1-400x300.jpg
offside.com.ua/wp-content/uploads/2022/11/
27 KB
27 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/ukraina-3-768x512-1-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cacd497325701e683df564cbe1c9133ecbfb3c4b16396512e3dc4a7b630a9ef

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Nov 2022 12:36:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHhCJAPuHhn%2FFj5zAfkMPE0j%2Bas97VjY4Bd8cit9oZUeUkVFj7sUjTjjjDSI7ZbQ4iDktjL38ASsJEY7%2BKqavrbVyyeTIJa9vC%2BjRO4Mx%2BTf7UHeRP1RcHOxt2Q8ADuTT12KamxhZ8mbINhccg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf7c06dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27361
expires
Sun, 04 Dec 2022 05:23:37 GMT
6363773557-400x300.jpg
offside.com.ua/wp-content/uploads/2022/10/
14 KB
14 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/10/6363773557-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
348d15ed9c81c4c8f236013b49d86b29d3cebfa4720ee291c76cf70fa834e158

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Sat, 29 Oct 2022 19:22:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3q8CiImecMLqiyYwtX5o3TPwHMoN0nJbWMvxuwqDvi2uZuEI5gze%2B2mZfrjIzR%2BGL7yuTeaQem10HBuFyd3qWt4Mi34BbMPVCFjvLvDSS8sM8T9m503Srnnt%2B6IZN6gOIl1fo7ZUFrxe%2BYyiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf7d06dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14219
expires
Sun, 04 Dec 2022 05:23:37 GMT
478284995-400x300.jpeg
offside.com.ua/wp-content/uploads/2022/10/
31 KB
31 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/10/478284995-400x300.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e926a49247c363a9cbb763656f465445e32089a11fb2bb734fd3c6892b2ab2c0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Mon, 17 Oct 2022 17:57:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QoUmplLI7K2L%2FMR8oyNSZP3A10p85gfXDdk0KzQJbLvAsVRgKYrOMoJDA40VvHdAnO5m2j3DFcRURwEwuRtFwVIx8MejYGZMvhUQ9NEWVJ%2F7oOftmN3E3zZmBhpMXJNhs1Gib3OV9VWFb%2BpcqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf7f06dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31725
expires
Sun, 04 Dec 2022 05:23:37 GMT
5474476-400x300.jpg
offside.com.ua/wp-content/uploads/2022/10/
19 KB
20 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/10/5474476-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df6476e84f6a8c360745e7a06271f3bbe92e44936f059ae579563c376d7bf834

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Tue, 11 Oct 2022 06:47:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tr4kK3q2EeR1eoMTmGeHFl3xaFFfK30oo1EjTFVdjPsyUg7vl%2FXcAAfdtpRs30fslAOvH3DkjjXeWk3vL6ayDJI41dw%2F1CMB%2BGc7k%2BiCTnGOpOg56YKNbJhQmddPvd7sTOVgPWiXMhwwB%2F50%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf8106dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19455
expires
Sun, 04 Dec 2022 05:23:37 GMT
7785884-400x300.jpg
offside.com.ua/wp-content/uploads/2022/10/
22 KB
22 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/10/7785884-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dfa3e854613ec7867f5772f85da75e4f5afb20d783833e737630ed97c573215

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Wed, 05 Oct 2022 15:35:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8aUlz9mt6%2BypDiv8NNfF45%2BQqAaUh27Q4JR6H%2FYs24ugN4lyyZJqpEsRNhx4piPrVakNujSjr8080on2huxigoieryCdwOMQOjgZoK9nIkoDzPXCIZd4pSPyKbUS5A%2B%2Bl8PL%2F401dV13xFzYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf8206dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22380
expires
Sun, 04 Dec 2022 05:23:37 GMT
ukrsco-400x300.jpeg
offside.com.ua/wp-content/uploads/2022/09/
23 KB
23 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/ukrsco-400x300.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccba3325d1054036ca9b97100a703207868c08ec29f17ea2307ca3f8b7242a1d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Wed, 28 Sep 2022 02:35:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOqzKcWUfNdgM6jhw1JhB2ikAzWThlHSNX2AJSQvyihUvv7DocvhDT%2BB2LctNdI3zuunpiS%2FCHET77AARbwoMnQdsA0aU%2FSQU1JeaBoDyU6y4mVWAltYgQtfx5oVzt4OpKgnWqd9x%2Fku2yIkwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf8306dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23475
expires
Sun, 04 Dec 2022 05:23:37 GMT
resizer_16642610976791-400x300.jpeg
offside.com.ua/wp-content/uploads/2022/09/
25 KB
26 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/resizer_16642610976791-400x300.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdb7859de3585c9832f31955532cb32fe3ffecdfaf050c0192d348bcfc100801

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Tue, 27 Sep 2022 06:45:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQqBi0%2BKt19ucshz%2FwqbtAEpE07RAYWTOhaLaVRPQEKJ80IoPpfKpcRPRJ8t1VuvNP7guKjkfbCFs7S7bm8g%2BJchRwyTUszTxiUsN00cijHZnylFw99lelOlOBRYC%2FO3SZyjFV96SnSv6MNlpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf8406dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25972
expires
Sun, 04 Dec 2022 05:23:37 GMT
18384875-400x300.jpeg
offside.com.ua/wp-content/uploads/2022/11/
16 KB
16 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/18384875-400x300.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1696a37e648b7aa3375f832b26f0d3b2a6622931eeba341accbf755a4534ac9f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Wed, 09 Nov 2022 09:24:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgVured5GBbfIregQmKorNZdN%2F2p%2F58lAkPPoOWOufGNGvmHgb3iq5TUmumsE4L7gQa018l%2FybAT9xrIs0V1ZKgFCXVQXFleyVXwhjLEKGHk7jASNCgDnVLqSGtza2rfo6C%2B5nt60u5jgTTn1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf8506dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16237
expires
Sun, 04 Dec 2022 05:23:37 GMT
252626635-400x300.jpg
offside.com.ua/wp-content/uploads/2022/11/
23 KB
23 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/252626635-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4517561f8210d1ddf394d1748f821a1549a1612eccdb061e5a6dd758fe791677

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Tue, 08 Nov 2022 17:53:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhIf087vNHAOKHAkCDTjVaJW4PozpjVVbg%2B212qH59YtG%2Ft8d8l0M072kh5%2Fe8xn6eEGcfFPzAecS%2B33PDz%2BMNJ27lOGuxTOu2zTrscCwxt4Ewp90swzNj%2FDs1ZHLM4CjaMdbo335h7wj1KyUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf8606dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23435
expires
Sun, 04 Dec 2022 05:23:37 GMT
25245426-400x300.jpg
offside.com.ua/wp-content/uploads/2022/11/
18 KB
19 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/25245426-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d97697363383c4054e1e9a428dd2805c0e04ba2c8c692530bb03bda81965b1a9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Tue, 08 Nov 2022 18:07:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDsfx60%2BCY89mAFbOLl%2FoirOXT5P43mbCoVytPYsoLr1fT8Glf3M%2FORskYMKjlSZVGHGrzcbotzUA0HMRz7d6C5EFIZSBW6NLlO0K5hFSm7WsWO4QhMNDDw0fo7k%2Bl4VPuQH14b%2BaftzrZqQRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf8706dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18623
expires
Sun, 04 Dec 2022 05:23:37 GMT
1235252-400x300.jpg
offside.com.ua/wp-content/uploads/2022/11/
30 KB
31 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/1235252-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cbb9e41315a3c2c583304a2dff7a7053bf1d356ac6af79376bb47d6f3cd6a25

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Mon, 07 Nov 2022 19:26:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8IBCGmlmzjEOozl4YWoGH3Eg8fWxCYB9UzqHfabR%2FyV9qwyzIuhYjkrTJpVhAd88TRS%2BGiLnCL%2Fa7dzR5qm4d8ud0d798vwKn4S7%2BFv89dbvUtUvCtVhlC4ybDlwzxpfuGAtNKCl4gbHMOOz1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf8806dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30939
expires
Sun, 04 Dec 2022 05:23:37 GMT
pm_logo.png
offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/
17 KB
17 KB
Image
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/pm_logo.png
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
427f8dcaa42e89577a4604efbbd21af5c268c39b5c6e021f12d060b93257b101

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40371
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17290
last-modified
Sat, 02 Apr 2022 14:07:56 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T60GPNjnt5J3CmbbRk%2BzfPBu7cwX9SXqYWYEEJRDUC8ABHePnyIue2fqtkgKX1qX%2Fsx8pOxAG2UHVRhIQq%2Fk%2FGZOpfituIWvFwWP5DrHlDf6rsXKbdLL%2FPq%2FCcJ%2BrMjtv%2B2W93fU8uemMQE7Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf8906dd-LHR
expires
Sat, 03 Dec 2022 18:10:46 GMT
sapfirbet.png.webp
offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/
3 KB
3 KB
Image
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/sapfirbet.png.webp
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94277769b8916ca8755e5a211d850942e94e1d6621060daa7ffb5c3976b1ce5e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
35430
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2738
last-modified
Thu, 04 Nov 2021 10:44:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ee1uFa7dbnaPtB6Hxl8Txi8JlEGxLxwxvcDGKuUvU%2FG1FRPWi1wWmPo0%2FSztQ%2FXxRlnZCKW%2FtN4y9%2Fz%2B40YQepeHTJ%2F3CZzfVZ2xNPRgogbXl0JeVYVcQVV%2B1P2Qfa8vuWlqKlLsVjVUlFR1Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf8a06dd-LHR
expires
Sat, 03 Dec 2022 19:33:07 GMT
Mel_blk.png.webp
offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/
2 KB
2 KB
Image
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/Mel_blk.png.webp
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2877b9644f1d0214961542e44f4d78fdcba93756941da51b62f0796b5d96431

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
35430
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1564
last-modified
Thu, 04 Nov 2021 10:44:19 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3a2r6phqSFtLrmR%2BRpCPFk7tv97ZU1h%2BA3Q%2FEYMQnxx%2BR3e9KSSbwasEJiGgBwT0XifE65pm5GdXcxlx6G7ZPaBQ4m%2FHqRsGY3sJS3m%2F2escQOUoUfBG%2B9ihYgLnwdYHFrGoPIdhyruG5X5mDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf8b06dd-LHR
expires
Sat, 03 Dec 2022 19:33:07 GMT
mostbet.jpeg
offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/
3 KB
4 KB
Image
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/mostbet.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d154521b7e690095bfb6cb7d50d20769a73c63299f7b35561e7266a8ad2f6f41

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
35430
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3513
last-modified
Thu, 04 Nov 2021 10:44:19 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdLIaOjweyZteytBG9GPCUY%2BWFtm2KcjU4aekWm%2BsTrq9VgVyRMsivsiQwAQ9qCriEAoKCO6qYu%2BuMDVvRniIWPZo%2BzT2%2FQgWMMCpI%2FPSIa1%2BLIc8rwR8PewVAcXJDF%2FuJJOaMOLzefhYWb0AA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf8d06dd-LHR
expires
Sat, 03 Dec 2022 19:33:07 GMT
1xbet.png
offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/
10 KB
10 KB
Image
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/1xbet.png
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199a66ac6582dd904b4a006853b186b3169cceddddc159f5772e01ee3f31cac0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40371
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9893
last-modified
Tue, 15 Feb 2022 21:05:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HrDrhs8SPUjEB9QSuIqxlC3wTPcAmLFhoXVaMc3BdvV%2BgyW57YkujwEruVLCMTTDKeTKjZd88r7%2F4sY7%2Fu1myM5ba15GPkoRspbVI8vIG0Do13vYYb6PQq88jaP%2FoEHoimEEANULJujCcDD91A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf8e06dd-LHR
expires
Sat, 03 Dec 2022 18:10:46 GMT
3333732-400x300.jpg
offside.com.ua/wp-content/uploads/2022/06/
30 KB
31 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/06/3333732-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7dedbb2327be817cb91eab8f15c83bac411f30f4fe1a88013bd85f940aff522

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Mon, 06 Jun 2022 11:36:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OR6vZSsdG6r8ihKowLVTmEmTbB55II8D8PZMA71uv7H7CYZjnY0RtSkgQ0xbQjEzRxHublu7%2F2TFIaSiOKoxHfp0K7pM3HdZoBkHYUXVhY%2FQ5hiRPKMfbosfoZP4DH73DEKCnwg32tKpYd5UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf9006dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31117
expires
Sun, 04 Dec 2022 05:23:37 GMT
74453-400x300.jpg
offside.com.ua/wp-content/uploads/2022/05/
21 KB
21 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/05/74453-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6cfcdf1e2b932ad28e31fa67aa30b6c13e15bd0e4cbd8cf973dbea4679c815f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Wed, 11 May 2022 04:36:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cVNwOBqizvCW29yzMwlyD6WWMhPshQf0zNDYlGRyQrpNLxIBY3P2KkgGSy4nlVtaY8Ihyvozig6vwIj7EZbl5IJmIHo5D8EC4GCIhXq4le3M%2BNo9HCO83ZPu13cVg1dmt7%2BnzspuEahkqiQ2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf9206dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21321
expires
Sun, 04 Dec 2022 05:23:37 GMT
nayef-aguerd-400x300.jpg
offside.com.ua/wp-content/uploads/2022/06/
19 KB
20 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/06/nayef-aguerd-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff125f0dfe5af20434e5abc3228bcb63ba4a2a5a286e69e090e16eff29cd368c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Sun, 19 Jun 2022 15:08:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BiLhuBe5NxSuoSwAZD084QX5AyiMNRxkakgZyBmSVjLLxaOrhdqTBctgonSAJQMdwa2GU1vjb3JOmY73yAyM5QaSxLad8lkZZAD2D9Ydk7EAv%2FQNfx9CvSTMY0qjI7%2Fu201YcXFByw%2BL2VxYqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf9306dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19677
expires
Sun, 04 Dec 2022 05:23:37 GMT
20221011pf_as5991-960x640-1-400x300.jpg
offside.com.ua/wp-content/uploads/2022/10/
20 KB
21 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/10/20221011pf_as5991-960x640-1-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c20b711bd4933c5ff4864901e62060434c55d81d26ebd100a37355eade8e9bf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Sun, 16 Oct 2022 19:37:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLjJoX32N0VS47ztHQZEM%2BRwWo0aPHuWKfVuzAVn%2Fgf1uAcMp1OuMk08zQdmRADEnyPdceFJ4Z7rg1ER8jKgDhkj0pxynHCUFrWeOWTDOfTVc%2BFCCozyJX2c48XtmeozGTIHyaK6gr8NCbsBiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf9606dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20839
expires
Sun, 04 Dec 2022 05:23:37 GMT
b72ktkpturbxy84mjdlztzkndyyywjjmdcynta0nwvmztbhzjgzodazyi5qcgeslqmazkvndg3nb-evas0h0adcww-400x300.jpg
offside.com.ua/wp-content/uploads/2022/11/
19 KB
20 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/b72ktkpturbxy84mjdlztzkndyyywjjmdcynta0nwvmztbhzjgzodazyi5qcgeslqmazkvndg3nb-evas0h0adcww-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1ded7a144bbe610480e74d1ec8fd8c648b27ac92df4c0cc6af7e51efcd08f74

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Nov 2022 06:17:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2F3s0YUgcRg3hE3PRWAVgqj72De2YIbE4HTgUQ%2Fa7SWdEah9xDHBOYthL2yk20ua1xWhVaSAfGonIigJgGHzVXnejw3iwFy1vZcY1Te1rcfnikK5VWz1ZjMr7BBOOIB1zhdcF50dnvA3lM8XKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf9806dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19641
expires
Sun, 04 Dec 2022 05:23:37 GMT
ad-provider.js
a.exdynsrv.com/
77 KB
26 KB
Script
General
Full URL
https://a.exdynsrv.com/ad-provider.js
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
45cfe337b29a6e95dd08b6f021f45e5dd81abd2879fb513596a25ea951d21447

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:37 GMT
Content-Encoding
gzip
Server
nginx
etag
W/"08fd416be34548d344756381db6"
X-HW
1669526617.dop212.lo4.t,1669526617.cds201.lo4.shn,1669526617.cds201.lo4.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
26096
1983848585858-400x300.jpeg
offside.com.ua/wp-content/uploads/2022/11/
19 KB
20 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/1983848585858-400x300.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25b59c9e802af8bdfbfbe286e84e80fda36fe084c5934f68972b150e040952b3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Sat, 26 Nov 2022 01:08:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NeuO%2B%2FN479%2FDs2%2BzF8JJc40w745kQ8SjV%2Bb4kYt076eEBpnxPIbILrcjzTyVfYie7Oek7TcxfK7Mznj6dR7g6cJZCknIraq6uD%2FmP2DgNlNJt1moDc8agtsj4qmH%2F3DyICKa0DCzaNTwE%2Bh1Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf9a06dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19632
expires
Sun, 04 Dec 2022 05:23:37 GMT
bruno-fernandes-3-768x512-1-400x300.jpg
offside.com.ua/wp-content/uploads/2022/11/
18 KB
18 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/bruno-fernandes-3-768x512-1-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0938b06ff06e45ba2bfee877946cd31929b6506f807058678faa736de5a4e6b4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Nov 2022 14:44:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnhJykMWMgfcmCfG72mrDlFyeuvs7GfVf1FLJj4sTJ6VzlUolmy%2FGGa0NtwjSaOmoEG9PHUr1kewjXQenlaGh3QduqzPRddDBkSjU3IkhF1MUmG3GDv0Dnijkh8WVvRtypnKGdIdOf5mnZB1rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf9c06dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18309
expires
Sun, 04 Dec 2022 05:23:37 GMT
0192838485885-400x300.jpeg
offside.com.ua/wp-content/uploads/2022/11/
27 KB
28 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2022/11/0192838485885-400x300.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a9dd279c8ac798300357164114e0d70be3d0bb7ed51a98ecb00d6e6b51506ac

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Nov 2022 15:40:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RN7LU6x5r2KmVm7I3a3envmgQ3kb5ltE1663Lj1x7nUs9zduDVs0HiTrlIRDZNcA9BQRJ3Q2bIHyCrmrpQWmoXRAsc1%2FUCimwu%2BC5AJbF5aSoPSK8nIUUJgOYE2qhc%2BzCU49Pn%2Bj2gececCOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccdf9e06dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28052
expires
Sun, 04 Dec 2022 05:23:37 GMT
twitter.svg
offside.com.ua/wp-content/plugins/anycomment/assets/img/socials/
2 KB
1 KB
Image
General
Full URL
https://offside.com.ua/wp-content/plugins/anycomment/assets/img/socials/twitter.svg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3abb75ebc673d5c07263ea76e8a03b2f03a12e6a56c050c6b3a37e33e78e72f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:13:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkiSzLqfUb8c5nerybmD0%2B2PyxNKoh%2BdaUp%2BzFnICP4WBW9tiFXcFIpGtxp3sjsQ3pnadCStuU8HH6gTW7l%2BWwI4tmmHVkNWsfWxQDB9JLjMdGTpPRo7%2BIeQ437rVDWrWp8umhy2GsaTPYtthQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086eccdf9f06dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 04 Dec 2022 05:23:37 GMT
facebook.svg
offside.com.ua/wp-content/plugins/anycomment/assets/img/socials/
523 B
847 B
Image
General
Full URL
https://offside.com.ua/wp-content/plugins/anycomment/assets/img/socials/facebook.svg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78764c6b55a054871a6a5b36a5704b51eaab0e4394cf6a97cddd3c0ee4d7236e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:13:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=luA3hvaJnZPTEh59gWvklHyZi5K3QwmqPHMFe%2Fx38VLOvliA2ZjABD%2BKZ9s6xM7oTgHepIYBB0MA4vvOBLFm0UCvRrjHkTs8SMDcDivhs9vqaqyj2PlAsp5YPv896ZIOjkOJQ8g3OIaF2lnLcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086eccdfa106dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 04 Dec 2022 05:23:37 GMT
google.svg
offside.com.ua/wp-content/plugins/anycomment/assets/img/socials/
1 KB
1 KB
Image
General
Full URL
https://offside.com.ua/wp-content/plugins/anycomment/assets/img/socials/google.svg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e37d6e58fbd507020bfee3d26b717393a4c78e845bc164bcea7d7374c4a5d672

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:13:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etAMGjpTCzX96z3hsliv5YZivvudm4A6pr0IyJMrL3WBYMfTAeskN3RqUSfiGO%2BhvEqkLLPpGs0GfqFj8gpwoT1SLRHH3odFZC0OfiUEZeNgf0aDcK5lI1ZWHBmdr3apjkWCK%2FWu8sOejJ9goQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086eccdfa306dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 04 Dec 2022 05:23:37 GMT
email-decode.min.js
offside.com.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://offside.com.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Nov 2022 13:35:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"637cd00d-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8zC4Bos7wZJ4MI3MjBtvvs7fR%2BAvUhdecUSVYm%2FLyNseSM9eFd2e01bzdOp7e%2FdtneEAWEl7EFGPW50dbUg7MUCmd%2FIYAX%2FBmskNOMTxEvKnOrJjdkl0QPpG5tt037UEue%2BGEyUZJ3sMwfBPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
77086eccbf3f06dd-LHR
expires
Tue, 29 Nov 2022 05:23:37 GMT
main.min.js
offside.com.ua/wp-content/plugins/anycomment/static/js/
2 MB
587 KB
Script
General
Full URL
https://offside.com.ua/wp-content/plugins/anycomment/static/js/main.min.js?ver=9b87b6e21a74caabf02f75b28bb0fb66
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f010159247bf3b25e92cd7c414b38194bd825a212bf42f9adaa8587bd0253ac

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:13:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5ctWH7iiC8dGQz8rg7oEH2YnUYtVOFahsjlkOmRQWIpGeA5vVj2DjFrePuZODeCCCm1oTaJ%2FO0jkWv14CDXg0sKQDC7aYVhGF5IR%2BhejuSu6Fj9ajK3OFi3Q6nQD9aF8rTVh9Gf8o9g%2ByLGWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086eccffa606dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 04 Dec 2022 05:23:37 GMT
regenerator-runtime.min.js
offside.com.ua/wp-includes/js/dist/vendor/
6 KB
3 KB
Script
General
Full URL
https://offside.com.ua/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 May 2022 21:36:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
35434
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9nTEOQlUoIeFPVOZe5Ulr2ZwCI1vuwJQc%2BHQU410v3qr%2Bi9neTpxrwM%2FtIc0nIOChUIpRl0Z%2FFLPuZfImMai%2FMITSbEatZeqZ1trrJNQipcFPvOBslf3fboikaYWw8uWRsmBC%2FLyC40Rziy%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086eccbf4106dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 03 Dec 2022 19:33:03 GMT
wp-polyfill.min.js
offside.com.ua/wp-includes/js/dist/vendor/
19 KB
8 KB
Script
General
Full URL
https://offside.com.ua/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 May 2022 21:36:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
35433
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n3wGr957WVuWC1ADMkKDhVk1uuKCY8Xkze3mXxtWbLpuqMcc5R4zTDtVtSvAVphby8YTGw1864w%2B4fOmlAASyVt5fcY%2BrlgmJac9HA8fjxqWdgNcgZvWfBWyZJTLH%2BRaXRFBsCXRhRzD6Wg7SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086ecccf4206dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 03 Dec 2022 19:33:04 GMT
index.js
offside.com.ua/wp-content/plugins/contact-form-7/includes/js/
21 KB
7 KB
Script
General
Full URL
https://offside.com.ua/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7abd36a2f651330420d86187c125331d679408d1be7b6cd93efa64e08eaf80c7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 20 Jun 2022 13:26:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBqwBFCWXGHyZAVOCYhHKJzD5kfYR6a4Es%2BhgQ0U%2Biy4xVVi%2F7jMIXSLUuQBUGe0LfvtnBB7g4tz4Fa68Qqk3ukGxbPjv5FWDeZH2dgbTF5aj1Ioj3Um9OWGVA1OxwHwoBx1IO%2BS8GKBgiFBpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086eccdf5006dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 04 Dec 2022 05:23:37 GMT
superfish.js
offside.com.ua/wp-content/themes/urbanmag/plugins/superfish/js/
5 KB
2 KB
Script
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/superfish/js/superfish.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
419b39f3cda98241621ab9469a5b23de4b0f01a98a145efe662d4aadc510a7bd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37176
cf-polished
origSize=7145
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhXHjQVXj%2B6kkfxglJCTHMNmkjbgZOOuTwYN2EpHfIdM2898e%2BdtTzCUUFhArdTRzwdqT%2B7zjp293YjJXy3Cl2HHgaVtU0L9ojmS5N103sTJfIeOq0mUyvAnl%2FD10aQbWpOu45bqobucVXJRgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086eccdf5106dd-LHR
expires
Sat, 03 Dec 2022 19:04:01 GMT
hoverIntent.min.js
offside.com.ua/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://offside.com.ua/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 May 2022 21:36:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
40373
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdpUIDuQ9Q1MgygcpBZJB0hMOnkXS1EAjY3Rxk9eLH4nAG7ayuLSW%2BiYmqxP9MhzStDvtEYTcg9qijSbwAil5MQGpiNKEDLhigj3X4aWXM9oZGS0Fwg2wb%2BTO%2B0uYoUJgdFcUq1ux%2F%2FxqcKQ4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086eccdf5206dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 03 Dec 2022 18:10:44 GMT
modernizr.custom.js
offside.com.ua/wp-content/themes/urbanmag/plugins/dl-menu/
9 KB
4 KB
Script
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/dl-menu/modernizr.custom.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bed074367042548e1f1ce7d18ba273b797a7a142899b5fdafabf24aa17bb645

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8x94v3uYbITwFCjrz0YpcIC07qDoLmsNJQVi%2F9dVxmXALdH8aVnkfFTXK%2FgI1jmxmeRzHUMU1tfzr0lLFDa45RWub9jRduSHdxwgeU97KudLSK4vyM%2BUraZ7N%2FFT5zqaKJvYii%2B0qkSyMhT6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086eccdf5406dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 04 Dec 2022 05:23:37 GMT
jquery.dlmenu.js
offside.com.ua/wp-content/themes/urbanmag/plugins/dl-menu/
5 KB
2 KB
Script
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/dl-menu/jquery.dlmenu.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d34963b7db0da6900ddb9c2fd6b9b9d59844eeec6d2a6a99d3f7c0bc820797b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40374
cf-polished
origSize=7002
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlJlbNRwQBHJt9UASssh%2B5T6lyP8OCvT0gCKKP9BxEz5talTYK8d08reqW6Uj8ip4Qph3L969ssy3itVyjNIXXbkmt4iUHwX1tbLCy4vpdvCKMHIGfqcFrhflXhdO60o%2FT5fUrBgp0wM1BuBbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086eccdf5606dd-LHR
expires
Sat, 03 Dec 2022 18:10:43 GMT
jquery.easing.js
offside.com.ua/wp-content/themes/urbanmag/plugins/
4 KB
1 KB
Script
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/jquery.easing.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37175
cf-polished
origSize=8097
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zstAVFtXr1sJm%2Bz1TM%2F2qWyMXY6CS%2F5q310UDThBAJLn3soymNop4j6SN%2BwmtfjCfw%2BK0dezzAmPmxWTCUW%2FvdpXetfpgCqAN%2FMg7QRUJOLmyuE6eeCahgq3qbHd9d0uew510QzQvhv9dHdnpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086eccdf5706dd-LHR
expires
Sat, 03 Dec 2022 19:04:02 GMT
jquery.transit.min.js
offside.com.ua/wp-content/themes/urbanmag/plugins/
7 KB
3 KB
Script
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/jquery.transit.min.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
584aa695461f177cf311034f7e02cf280c16c36a7a299d58e22ef9c23a98867d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
40373
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IywQcTAF4QeriwJHSryDHWBEShHiPdPnaQwwD1Dn%2Fb3MgDQpJbDV5Xi14lbejMN6Kzj3jLmoJkjdt81IFo%2FqQZavuKX3OvEmSNsCX77ktjZBLXX51Wlr0QyPAbnOMiEJQ8SiyNzAFOYTTanTCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086eccdf5806dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 03 Dec 2022 18:10:44 GMT
jquery.fancybox.pack.js
offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/
23 KB
9 KB
Script
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/jquery.fancybox.pack.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
776ef5ab756f8e5a45a1508c934b11b7d2ae0206cb1d614bc2ab939541a1a897

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40373
cf-polished
origSize=23997
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WzQ9Y4FGielX%2BQmnNDYJ4bJ4p2%2FGjvW%2Fepu5DXszMMwZMXwmYtE%2Bt14nzE%2BXXe9VosiX%2FoS53bAt1t34dm98EU6xIR5ZZuaM%2B7HxNnBIc%2FhkTj5rpQYbrrO1FgjqG9WV6%2BQc15u65Gszsmq5DA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086eccdf5906dd-LHR
expires
Sat, 03 Dec 2022 18:10:44 GMT
jquery.fancybox-media.js
offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/helpers/
4 KB
2 KB
Script
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/helpers/jquery.fancybox-media.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1bd7d64deecbc15860d0f0a269fca9043802f24a12443c912cc507305e4cfd0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40373
cf-polished
origSize=5305
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3h4W1J%2FvD6gx5Q68QCYTJeDhX1tJo6vWzpPB5FmRl3m2gapNwLLyHgwqXXCb3WpqX0sfinx2CBqaNapOxmmfA6bqMQIArYt0nLdvLcnon3eeQMJkcRdmYFSIRbD4heCDfrXIDtk5%2F%2FaFslnXIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086eccdf5a06dd-LHR
expires
Sat, 03 Dec 2022 18:10:44 GMT
jquery.fancybox-thumbs.js
offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/helpers/
2 KB
2 KB
Script
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/helpers/jquery.fancybox-thumbs.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ad72ba5583bcd350d55c0e2b27839eb8398a6842df6c399e80bb05e37604ee5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40373
cf-polished
origSize=3836
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmWp7XQ9sjC49koggF3XorRICPo%2FiNiId4km%2FgJ8LjsJT08Kd0aYmyXwbjdfUTSCkQCc6KJ6JI5%2F4AwNX%2FIunDyNIr%2FQvl0FGqBZxx5LLUoRhKpKir7Zw76bVgtpc5MLMQKOEYfnM25PT%2Bhcnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086eccdf5b06dd-LHR
expires
Sat, 03 Dec 2022 18:10:44 GMT
jquery.flexslider.js
offside.com.ua/wp-content/themes/urbanmag/plugins/flexslider/
29 KB
8 KB
Script
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/flexslider/jquery.flexslider.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c17e5fec5e26fbc519e90d9f8455d30bd9fde8c1fde9591691ef249b0741028

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37174
cf-polished
origSize=52367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1%2FQJAwU7GAxQAp0lduBH9Qnouvo2u%2F49Z%2FwLrk0Iv725tlJNJ6vt9wv2V2Oft3uaBVq7UxLFKxa9sTkKeL2kthh5qDpllkBMi2NE%2FvWekZeiRQHt1Rk9gAq8Do0UpQYXwmPgXm7vHBFY7JBmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086eccdf5c06dd-LHR
expires
Sat, 03 Dec 2022 19:04:03 GMT
jquery.isotope.min.js
offside.com.ua/wp-content/themes/urbanmag/plugins/
37 KB
11 KB
Script
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/jquery.isotope.min.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfda5ab4fa75e77566a328adae8566973f7d2a7d1815a272daf58cad64ff8273

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FqYUjOM8Jd1jr0IIW6S2p2b4VhDEvsf8WKzt7qHZ%2FOYvvc6sMh6c6nkQ1BydmN%2BhnuHi5y77%2B%2Ffz3tjRmxVuLXPBZ8R7Zoaja7Y7WyhnEYQFh%2FyT8fs9QZ9Los9nVNITzXdtw72OrFfhwH511g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086eccdf5d06dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 04 Dec 2022 05:23:37 GMT
gdlr-script.js
offside.com.ua/wp-content/themes/urbanmag/javascript/
24 KB
6 KB
Script
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/javascript/gdlr-script.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f4cff9965d17a5e644e1610d150796343dd8a51556b6d7a7fd3c390b82288f5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40373
cf-polished
origSize=32833
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vjri%2BzKnBSzvcr18RJSvSG4Owq0%2F81qGScSzzdSWxdTNioCOfftz9W4k4uIA54NeyW4qKTmBNDvdys8wZvpnPcQkaaC%2BRt9YnVevx7Z4%2B719DZ35gMmCZ0yBPQyWDdVXDENSl66tJGlaFn8K2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086eccdf5f06dd-LHR
expires
Sat, 03 Dec 2022 18:10:44 GMT
sassy-social-share-public.js
offside.com.ua/wp-content/plugins/sassy-social-share/public/js/
113 KB
39 KB
Script
General
Full URL
https://offside.com.ua/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.42
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba86c4e74026c9c80d215b10cf1aecbc0576d7aaef6ceac9eea652d48a787bf4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37174
cf-polished
origSize=121779
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 07 Jun 2022 17:14:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1hqgabgDYeoTZ3C3A5fsiv1QvCg2le5JIGs%2FWoTkvHeaD95%2FcydX2pAsVY8l1FdRwlHp8Amr2W5L2FxIMLWc5LUYEnWBSoWK4bKwBOyawmlb8YnOl5z%2FMpimt%2Fc31a6%2BlTEbrRgCEvYQlQctg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086eccdf6106dd-LHR
expires
Sat, 03 Dec 2022 19:04:03 GMT
js
maps.google.com/maps/api/
176 KB
58 KB
Script
General
Full URL
https://maps.google.com/maps/api/js?libraries=geometry%2Cplaces%2Cweather%2Cpanoramio%2Cdrawing&language=en&ver=6.0.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
2135fde5fcefef36989f8d709ed4c7155e85b453c961137a86d29149daee6598
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:18:35 GMT
content-encoding
gzip
server
mafe
age
302
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=13
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58692
x-xss-protection
0
expires
Sun, 27 Nov 2022 05:48:35 GMT
maps.js
offside.com.ua/wp-content/plugins/wp-google-map-plugin/assets/js/
31 KB
8 KB
Script
General
Full URL
https://offside.com.ua/wp-content/plugins/wp-google-map-plugin/assets/js/maps.js?ver=2.3.4
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37a3b8ea20c9512ec35491bea3f66fe195756a49d837c82a83013f89e0e6b1bc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40373
cf-polished
origSize=56069
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 07 Jun 2022 17:14:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVC58FR2%2BvgqdiggrWR54aPZXjw%2FReJqjU4nvG4QQCMjzlRvrdmzf04scU9DureFvt5nC6%2Fv%2Bk6qbWmgeGop4HBTmlhPP1%2BZ74qBkQq74SeUufrCC2yN5QhxESrBwWmMFHMw99s1sSn5sWT6Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
77086eccdf6206dd-LHR
expires
Sat, 03 Dec 2022 18:10:44 GMT
collect
region1.google-analytics.com/g/
0
346 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-83HN7YJGYM&gtm=2oeb90&_p=1709369219&gdid=dZGIzZG&cid=62263410.1669526617&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669526617&sct=1&seg=0&dl=https%3A%2F%2Foffside.com.ua%2F&dt=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20Offside&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-83HN7YJGYM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offside.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
load
z.cdn.adpool.bet/ Frame F645
35 B
504 B
Document
General
Full URL
https://z.cdn.adpool.bet/load?z=1518821222
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.7.203.129 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 27 Nov 2022 05:23:37 GMT
Expires
-1
P3P
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma
no-cache
Server
nginx
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//offside.com.ua/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20Offside;0.34639849441001713
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//offside.com.ua/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20Offside;0.34639849441001713
43 B
528 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//offside.com.ua/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20Offside;0.34639849441001713
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 05:23:37 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Fri, 26 Nov 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 05:23:37 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//offside.com.ua/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20Offside;0.34639849441001713
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Fri, 26 Nov 2021 21:00:00 GMT
js
www.googletagmanager.com/gtag/
212 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5MF0YH07SE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-83HN7YJGYM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
777b747088bd593b30b6a2f5d939b1f65eb5f7a544915f94eff47c52d9d4927c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75872
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 27 Nov 2022 05:23:37 GMT
i1-1024x268-min-1-1.png
offside.com.ua/wp-content/uploads/2021/12/
124 KB
124 KB
Image
General
Full URL
https://offside.com.ua/wp-content/uploads/2021/12/i1-1024x268-min-1-1.png
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/wp-content/themes/urbanmag/stylesheet/style-custom.css?ver=6.0.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9cb9ae359a625e05528779aa81b4889ca5bbb9c3d870ea207fc3e9502d26459

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/wp-content/themes/urbanmag/stylesheet/style-custom.css?ver=6.0.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37179
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
126809
last-modified
Mon, 27 Dec 2021 21:04:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zVDWk6o8CNZEiTyDXf8RQO5kc3OTOKJlooJsZiBz7yKdNx0wtN%2BYIKC2RP72Kmvd2siwJwmKQO05wNLWZMnRVdYCfigGgK7%2BeMq%2FRO8nleYScqYR8tPLLsIJgv5cYyytY3%2BPAde1D16lidEug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccffa806dd-LHR
expires
Sat, 03 Dec 2022 19:03:58 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700&subset=latin&ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offside.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 16:06:09 GMT
x-content-type-options
nosniff
age
393448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 16:06:09 GMT
truncated
/
252 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42c88d61050399e0f93184e6e6fe946329df48ef9c7bc23b521ebdd28e10e563

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
1Ptug8zYS_SKggPNyCkIT5lu.woff2
fonts.gstatic.com/s/raleway/v28/
25 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyCkIT5lu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900&subset=latin&ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3aaa08d1c1434c3dd80f3ae7b73884fd1570ddc777b9bc2beaeeb1648373cffd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offside.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 03:35:12 GMT
x-content-type-options
nosniff
age
438505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25640
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:41:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 03:35:12 GMT
JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700&subset=latin&ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offside.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 17:43:57 GMT
x-content-type-options
nosniff
age
473980
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21276
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:01:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Nov 2023 17:43:57 GMT
fontawesome-webfont.woff
offside.com.ua/wp-content/themes/urbanmag/plugins/font-awesome-new/fonts/
64 KB
64 KB
Font
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/font-awesome-new/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/wp-content/themes/urbanmag/plugins/font-awesome-new/css/font-awesome.min.css?ver=6.0.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer
https://offside.com.ua/wp-content/themes/urbanmag/plugins/font-awesome-new/css/font-awesome.min.css?ver=6.0.3
Origin
https://offside.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6LLecUqTGEUH5a7ELpcHkua7wcZ8DKPil2gkTy5h6%2FL8x9UwYzmremhGFTfddG%2FYDa6AA94Qy4SbBHQeAL5CDvS7CNS8t%2F7HArpoAUho0Aos3x7d11%2FuJbgMQI%2FzCJVsufZ99PUMRw5euKvdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccffaa06dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
65452
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/
45 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900&subset=latin&ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offside.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 22:05:34 GMT
x-content-type-options
nosniff
age
199083
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46524
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:58:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 22:05:34 GMT
overlay-gradient.png
offside.com.ua/wp-content/themes/urbanmag/images/
2 KB
3 KB
Image
General
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/overlay-gradient.png
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/wp-content/themes/urbanmag/style.css?ver=6.0.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6f999ea0d328245ae7d1201632b7783931d12b0f936430c31e3fc1b2fb080f9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/wp-content/themes/urbanmag/style.css?ver=6.0.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
MISS
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4nMQDlfosE28V07UnpE5L62r0giTfDkrWW556KrswhSoMcNeh2aLMA7f5XtKfseX5SRtmg9y28nM3j8muj4oCzm1L8X%2FaGHmb0QctxiR1M%2FtGEALafJh3eiQ0YGuX26NZZDCSzPSZOG7jIY51g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086eccffb006dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2256
expires
Sun, 04 Dec 2022 05:23:37 GMT
I
refpa6781648.top/ Frame 0E91
639 B
612 B
Document
General
Full URL
https://refpa6781648.top/I?tag=s_1412133m_30323c_&site=1412133&ad=30323
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.135.120.147 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
e49631be380c019d38aa88b39305a7bd9285b324fecac71d296997a6c4fe033c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
413
content-type
text/html; charset=utf-8
date
Sun, 27 Nov 2022 05:23:37 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-aspnetmvc-version
5.0
a9aad5ef29d93f6b001878d9ddf2bcdf-88548-600x200x70838400-[rnd].js
covivado.club/banner/
130 B
410 B
Script
General
Full URL
https://covivado.club/banner/a9aad5ef29d93f6b001878d9ddf2bcdf-88548-600x200x70838400-[rnd].js?e=vb600x200x53539&rand=0.6424055406219151
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.198.49.154 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.198.49.154.clients.your-server.de
Software
nginx /
Resource Hash
b3a4dc93cb491425d6552342960777015f434ed0c89b8adf0fc2a84c4063d93e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
text/javascript; charset=utf-8
pragma
no-cache
date
Sun, 27 Nov 2022 05:23:37 GMT
strict-transport-security
max-age=31536000;
cache-control
max-age=0, no-cache, no-store, must-revalidate
server
nginx
expires
-1
rcl-awesome.woff2
offside.com.ua/wp-content/plugins/wp-recall/assets/rcl-awesome/fonts/
80 KB
81 KB
Font
General
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/rcl-awesome/fonts/rcl-awesome.woff2?7jdlrg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/wp-content/plugins/wp-recall/assets/rcl-awesome/rcl-awesome.min.css?ver=16.26.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc5c1ffb80e8c6b709daf7cd8f06a977335f3a35f90332e9bd9a5e605717ccfe

Request headers

Referer
https://offside.com.ua/wp-content/plugins/wp-recall/assets/rcl-awesome/rcl-awesome.min.css?ver=16.26.3
Origin
https://offside.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4Uiha4eEAUi%2FeJ7srQJ9xV%2FPrG63qf02BzYuazN1GBl1GXgu8Qj2%2Bnfe%2Fr0zghyNv%2BNn4Fm%2Bm8owrCLR0w01YjiVulATL6GG8mX0IJ6%2FrHE%2BaFLoYOKKNTf4kSfUrYLflIuUSQAAuV7HncVVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77086ecd3fc906dd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
81956
JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/
24 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700&subset=latin&ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cffe139366b3882387dddbd10d59e7d9aa29345793fdbf51ddde809ca6a0bec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offside.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 07:57:00 GMT
x-content-type-options
nosniff
age
422797
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25036
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 07:57:00 GMT
logo
counter.yadro.ru/
240 B
513 B
Image
General
Full URL
https://counter.yadro.ru/logo?14.15
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
e159378d94ed38aa4029194c7f61e8213ff334ffc1ec4d2ed581b8d4f05ea35a
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 05:23:37 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
Cache-control
no-cache
Connection
keep-alive
Content-Length
240
Expires
Fri, 26 Nov 2021 21:00:00 GMT
api.php
syndication.exdynsrv.com/v1/
1 KB
1 KB
XHR
General
Full URL
https://syndication.exdynsrv.com/v1/api.php
Requested by
Host: a.exdynsrv.com
URL: https://a.exdynsrv.com/ad-provider.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
ccbba26502ca361b0401549d5365a56fde6a78f5a81434ccb18b92896c387742

Request headers

Referer
https://offside.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 27 Nov 2022 05:23:37 GMT
Access-Control-Request-Method
POST
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://offside.com.ua
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, follow
Access-Control-Allow-Headers
Authorization, Content-Type
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-5MF0YH07SE&gtm=2oeb90&_p=1709369219&gdid=dZGIzZG&cid=62263410.1669526617&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669526617&sct=1&seg=0&dl=https%3A%2F%2Foffside.com.ua%2F&dt=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20Offside&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5MF0YH07SE&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offside.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/
355 KB
117 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7140845151581295&plah=offside.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e881fdceb28f9eb4e41f93f2c9b4615309a691d90f1fa4da8b4f5789e2ad0718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119605
x-xss-protection
0
server
cafe
etag
6073815630492264189
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 27 Nov 2022 05:23:37 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 4808
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
67290
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 10:42:07 GMT
etag
10353107486223812946
expires
Sat, 10 Dec 2022 10:42:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cimp.php
syndication.exdynsrv.com/
0
760 B
XHR
General
Full URL
https://syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA11Qy07EMAz8FX6g0djOy3tESNxBfECatLAHtoeCtEj+eJIu2gOaWHLsmbFlBvNENHF6AE4sJ0nGlBxJdqTREcieH1/Mk23rup/b4ur26b6LSW8zLCUgJ1OfRdl80KwcLaDnrDEkbz7nRPCw/tjQQSH4NDIHdH+Fvb0+HUEdbAJcOXTeMdpomPUPrkM8L2GGLJXWgqgrVFubva8clbjOyyD+3xU3OBDlY8JfweJQCdk0RBy9EIt9bPvX+fJu1msHq+w/l2p2V90Q7j5kFmVFrbPEVrjfI5bWogQNoov4gPYLXH80eGgBAAA=
Requested by
Host: a.exdynsrv.com
URL: https://a.exdynsrv.com/ad-provider.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:37 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://offside.com.ua
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, follow
10012456
a.adtng.com/get/ Frame 0448
4 KB
2 KB
Document
General
Full URL
https://a.adtng.com/get/10012456?time=1614803572912&apb=oodPNZHNRbHNdXHNLM7nQjqarrbp63U222TS0yuldRLKqeqV1Us7qZnTupldK6V0rpqqqbHVz13TUTOnrpomnodK6Z0rpXSuldM6V0rpnO03q0lo31m4zlru4luu220pp1nrumn103dK4PHBe9t49Q_xnzc50rpXSuldK6V0rpXSuD7A
Requested by
Host: a.exdynsrv.com
URL: https://a.exdynsrv.com/ad-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.254.114.171 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
reflectededge.reflected.net
Software
openresty /
Resource Hash
ade74efab08237d9c2e51a69189ce2b83eb3c6c865982dda83700c5391ff4081

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET
content-encoding
gzip
content-type
text/html
date
Sun, 27 Nov 2022 05:23:37 GMT
server
openresty
x-request-id
6382F459-42FE72AB01BB59AB-3EC1A408
vortex-simple-1.0.0.js
hw-cdn2.adtng.com/delivery/vortex/ Frame 0448
5 KB
5 KB
Script
General
Full URL
https://hw-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js
Requested by
Host: a.adtng.com
URL: https://a.adtng.com/get/10012456?time=1614803572912&apb=oodPNZHNRbHNdXHNLM7nQjqarrbp63U222TS0yuldRLKqeqV1Us7qZnTupldK6V0rpqqqbHVz13TUTOnrpomnodK6Z0rpXSuldM6V0rpnO03q0lo31m4zlru4luu220pp1nrumn103dK4PHBe9t49Q_xnzc50rpXSuldK6V0rpXSuD7A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x019.map2.ssl.hwcdn.net
Software
/
Resource Hash
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a.adtng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:37 GMT
Last-Modified
Fri, 02 Nov 2018 14:17:11 GMT
ETag
"1541168231"
X-HW
1669526617.dop225.lo4.t,1669526617.cds256.lo4.shn,1669526617.cds256.lo4.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10758668
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5027
945688_banner.png
ht-cdn2.adtng.com/a7/creatives/39/1393/805208/945688/ Frame 0448
72 KB
72 KB
Image
General
Full URL
https://ht-cdn2.adtng.com/a7/creatives/39/1393/805208/945688/945688_banner.png
Requested by
Host: a.adtng.com
URL: https://a.adtng.com/get/10012456?time=1614803572912&apb=oodPNZHNRbHNdXHNLM7nQjqarrbp63U222TS0yuldRLKqeqV1Us7qZnTupldK6V0rpqqqbHVz13TUTOnrpomnodK6Z0rpXSuldM6V0rpnO03q0lo31m4zlru4luu220pp1nrumn103dK4PHBe9t49Q_xnzc50rpXSuldK6V0rpXSuD7A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.20 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
5cfd0889bddf20b0426add84fb0e0f596ef7dd653d3d22c8f5b63238a80a2088

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a.adtng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:38 GMT
last-modified
Tue, 26 May 2020 10:07:31 GMT
etag
"11fc9-5a68a43751ec0"
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=10504666
x-cdn-diag
fra1-11015-1-39527-h-0-0---;11015-46-31672----0-0-0
accept-ranges
bytes
content-length
73673
expires
Wed, 28 Dec 2022 03:58:36 GMT
IntersectionObserver.js
hw-cdn2.adtng.com/delivery/intersection_observer/ Frame 0448
16 KB
17 KB
Script
General
Full URL
https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
Requested by
Host: a.adtng.com
URL: https://a.adtng.com/get/10012456?time=1614803572912&apb=oodPNZHNRbHNdXHNLM7nQjqarrbp63U222TS0yuldRLKqeqV1Us7qZnTupldK6V0rpqqqbHVz13TUTOnrpomnodK6Z0rpXSuldM6V0rpnO03q0lo31m4zlru4luu220pp1nrumn103dK4PHBe9t49Q_xnzc50rpXSuldK6V0rpXSuD7A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x019.map2.ssl.hwcdn.net
Software
/
Resource Hash
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a.adtng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:37 GMT
Last-Modified
Tue, 05 Apr 2022 20:54:54 GMT
ETag
"1649192094"
X-HW
1669526617.dop225.lo4.t,1669526617.cds256.lo4.shn,1669526617.cds256.lo4.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10657883
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
16885
cookie.js
partner.googleadservices.com/gampad/
395 B
469 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=offside.com.ua&callback=_gfp_s_&client=ca-pub-7140845151581295&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7140845151581295&plah=offside.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
902b9e024ebd88a6f82811f4c42de65b3c4d3c7ade1b66b848c41d57fad73e79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
256
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=offside.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7140845151581295&plah=offside.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=offside.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7140845151581295&plah=offside.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Foffside.com.ua%2F&tn=DIV&id=recallbar&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame EED6
603 B
68 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7140845151581295&output=html&adk=1812271804&adf=3025194257&lmt=1669526617&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Foffside.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669526617368&bpp=4&bdt=602&idt=274&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6094191968062&frm=20&pv=2&ga_vid=62263410.1669526617&ga_sid=1669526618&ga_hid=1709369219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44774292&oid=2&pvsid=3871893254437559&tmod=485082568&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=294
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7140845151581295&plah=offside.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 05:23:37 GMT
expires
Sun, 27 Nov 2022 05:23:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
9a550fcc-885a-4caa-9132-06c004e73115.gif
refpa53115.top/img/AdAgent_1/ Frame 0E91
149 KB
149 KB
Image
General
Full URL
https://refpa53115.top/img/AdAgent_1/9a550fcc-885a-4caa-9132-06c004e73115.gif
Requested by
Host: refpa6781648.top
URL: https://refpa6781648.top/I?tag=s_1412133m_30323c_&site=1412133&ad=30323
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.253.14.29 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
db9bacda467d38f3afc52d07d44734b5d48543fb9600f71f5018b1ed09b87c62
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://refpa6781648.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Wed, 01 Apr 2020 17:14:06 GMT
server
nginx
etag
"083e8f2488d61:0"
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
152123
checker.js
refpa6781648.top/checker/ Frame 0E91
6 KB
2 KB
Script
General
Full URL
https://refpa6781648.top/checker/checker.js
Requested by
Host: refpa6781648.top
URL: https://refpa6781648.top/I?tag=s_1412133m_30323c_&site=1412133&ad=30323
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.135.120.147 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
198a55310d4d5b786ff571ff4f16a66505bb17545c557818c8de810851616955
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://refpa6781648.top/I?tag=s_1412133m_30323c_&site=1412133&ad=30323
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Tue, 10 May 2022 06:49:25 GMT
server
nginx
etag
W/"627a0af5-1843"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600
expires
Sun, 27 Nov 2022 06:23:37 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
449 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?libraries=geometry%2Cplaces%2Cweather%2Cpanoramio%2Cdrawing&language=en&ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://offside.com.ua
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
c.html
cdn.admixer.net/scripts3/51428/ Frame 426E
738 B
518 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sun, 27 Nov 2022 05:23:37 GMT
etag
W/"6375fd72-2e2"
expires
Sat, 18 Nov 2023 09:24:10 GMT
last-modified
Thu, 17 Nov 2022 09:22:58 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-11-17T09:24:10+00:00
x-id
fr5-up-gc11
a21031c0f6a0994b3314.b.js
cdn.admixer.net/scripts3/51428/
23 KB
8 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/51428/a21031c0f6a0994b3314.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc11
date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:56 GMT
server
nginx
etag
W/"6375fd70-5d41"
vary
Accept-Encoding
x-cached-since
2022-11-23T09:16:52+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Fri, 24 Nov 2023 09:16:52 GMT
0a75d04ce9f53a1a35b6.b.js
cdn.admixer.net/scripts3/51428/
75 KB
20 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/51428/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc11
date
Sun, 27 Nov 2022 05:23:37 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:47 GMT
server
nginx
etag
W/"6375fd67-12c39"
vary
Accept-Encoding
x-cached-since
2022-11-23T09:16:52+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Fri, 24 Nov 2023 09:16:52 GMT
dsp.aspx
inv-nets.admixer.net/
6 KB
2 KB
Script
General
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=8425006667366526&cpv=9609f604-01bf-e280-4358-e1a9bf2a39fb&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22f4074acc-58dd-ac6e-662e-e795ecea2da4%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Foffside.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22c999fe86-50be-dceb-2385-237554a8704f%22%2C%22tagid%22%3A%2233703f42-b374-4fd8-b5f3-6f9c313e8412%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_33703f42b3744fd8b5f36f9c313e8412_zone_86725_sect_29689_site_24219%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22fd14b314-fa29-02a7-1dcf-d8359714f4e1%22%2C%22tagid%22%3A%2260ae44e4-0906-4404-9490-c6f4763ba59e%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_60ae44e4090644049490c6f4763ba59e_zone_86802_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22543fe7bd-9686-2aab-8840-a49551889a9e%22%2C%22tagid%22%3A%221ba693e9-af43-480f-8247-a0a6978d969d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_1ba693e9af43480f8247a0a6978d969d_zone_86809_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22e4a5ac7a-9c31-6e52-4160-3e7343f0dd3d%22%2C%22tagid%22%3A%229bec7333-3f7e-475f-9fc1-14ea4a77a4b5%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_9bec73333f7e475f9fc114ea4a77a4b5_zone_106628_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A4%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
204.62.13.72 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
ce15ddcedd7427a33e15cfe70dfd6934236664bb77cf82f5a3d843251ccd817b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:38 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
1803
X-Xss-Protection
0
/
refpa6781648.top/redirect/stat/run/ Frame 0E91
14 B
230 B
XHR
General
Full URL
https://refpa6781648.top/redirect/stat/run/
Requested by
Host: refpa6781648.top
URL: https://refpa6781648.top/checker/checker.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.135.120.147 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://refpa6781648.top/I?tag=s_1412133m_30323c_&site=1412133&ad=30323
x-requested-with
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:38 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
nginx
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private
content-length
49
e1eee23f36481a69453f.b.js
cdn.admixer.net/scripts3/51428/
28 KB
11 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/51428/e1eee23f36481a69453f.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc11
date
Sun, 27 Nov 2022 05:23:38 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:23:01 GMT
server
nginx
etag
W/"6375fd75-702f"
vary
Accept-Encoding
x-cached-since
2022-11-17T09:24:11+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 18 Nov 2023 09:24:11 GMT
fdabe098f34289659a17.b.js
cdn.admixer.net/scripts3/51428/
42 KB
18 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/51428/fdabe098f34289659a17.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc11
date
Sun, 27 Nov 2022 05:23:38 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:23:02 GMT
server
nginx
etag
W/"6375fd76-a793"
vary
Accept-Encoding
x-cached-since
2022-11-17T09:24:11+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 18 Nov 2023 09:24:11 GMT
84011c43c3075e543c6d.b.js
cdn.admixer.net/scripts3/51428/
13 KB
5 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/51428/84011c43c3075e543c6d.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc11
date
Sun, 27 Nov 2022 05:23:38 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:54 GMT
server
nginx
etag
W/"6375fd6e-326c"
vary
Accept-Encoding
x-cached-since
2022-11-23T09:16:54+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Fri, 24 Nov 2023 09:16:54 GMT
7103cce7fa6705169441.b.js
cdn.admixer.net/scripts3/51428/
11 KB
4 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/51428/7103cce7fa6705169441.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc11
date
Sun, 27 Nov 2022 05:23:38 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:53 GMT
server
nginx
etag
W/"6375fd6d-2a79"
vary
Accept-Encoding
x-cached-since
2022-11-17T09:24:11+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 18 Nov 2023 09:24:11 GMT
f744d5275c14e0b3b41a.b.js
cdn.admixer.net/scripts3/51428/
216 KB
75 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/51428/f744d5275c14e0b3b41a.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7dc2f5e7cae7a1e20249f7624c440a190bdc76f3a11ac17e6676cc5acd8eedb4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc11
date
Sun, 27 Nov 2022 05:23:38 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:23:02 GMT
server
nginx
etag
W/"6375fd76-360b6"
vary
Accept-Encoding
x-cached-since
2022-11-17T09:24:12+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 18 Nov 2023 09:24:12 GMT
sync.html
s.adtelligent.com/ Frame 19B8
4 KB
2 KB
Document
General
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=8425006667366526&cpv=9609f604-01bf-e280-4358-e1a9bf2a39fb&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22f4074acc-58dd-ac6e-662e-e795ecea2da4%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Foffside.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22c999fe86-50be-dceb-2385-237554a8704f%22%2C%22tagid%22%3A%2233703f42-b374-4fd8-b5f3-6f9c313e8412%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_33703f42b3744fd8b5f36f9c313e8412_zone_86725_sect_29689_site_24219%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22fd14b314-fa29-02a7-1dcf-d8359714f4e1%22%2C%22tagid%22%3A%2260ae44e4-0906-4404-9490-c6f4763ba59e%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_60ae44e4090644049490c6f4763ba59e_zone_86802_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22543fe7bd-9686-2aab-8840-a49551889a9e%22%2C%22tagid%22%3A%221ba693e9-af43-480f-8247-a0a6978d969d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_1ba693e9af43480f8247a0a6978d969d_zone_86809_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22e4a5ac7a-9c31-6e52-4160-3e7343f0dd3d%22%2C%22tagid%22%3A%229bec7333-3f7e-475f-9fc1-14ea4a77a4b5%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_9bec73333f7e475f9fc114ea4a77a4b5_zone_106628_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A4%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.69.178 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
100550dfccbc9bfba8e9ef1cd9b391764706818df1985728faaa9eb5ba8cec14

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://offside.com.ua
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1354
Content-Type
text/html; charset=UTF-8
Date
Sun, 27 Nov 2022 05:23:38 GMT
Server
Adtelligent
X-Robots-Tag
noindex
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame F91D
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
1 KB
993 B
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=8425006667366526&cpv=9609f604-01bf-e280-4358-e1a9bf2a39fb&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22f4074acc-58dd-ac6e-662e-e795ecea2da4%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Foffside.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22c999fe86-50be-dceb-2385-237554a8704f%22%2C%22tagid%22%3A%2233703f42-b374-4fd8-b5f3-6f9c313e8412%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_33703f42b3744fd8b5f36f9c313e8412_zone_86725_sect_29689_site_24219%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22fd14b314-fa29-02a7-1dcf-d8359714f4e1%22%2C%22tagid%22%3A%2260ae44e4-0906-4404-9490-c6f4763ba59e%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_60ae44e4090644049490c6f4763ba59e_zone_86802_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22543fe7bd-9686-2aab-8840-a49551889a9e%22%2C%22tagid%22%3A%221ba693e9-af43-480f-8247-a0a6978d969d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_1ba693e9af43480f8247a0a6978d969d_zone_86809_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22e4a5ac7a-9c31-6e52-4160-3e7343f0dd3d%22%2C%22tagid%22%3A%229bec7333-3f7e-475f-9fc1-14ea4a77a4b5%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_9bec73333f7e475f9fc114ea4a77a4b5_zone_106628_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A4%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
35fde07b00f81eb537945883df583523d1da797b7ba2b5c93ac65fc21b2bcc16

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sun, 27 Nov 2022 05:23:38 GMT
expires
Sun, 27 Nov 2022 05:23:38 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-928

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Sun, 27 Nov 2022 05:23:38 GMT
location
/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-928
/
onetag-sys.com/usync/ Frame 97C9
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=8425006667366526&cpv=9609f604-01bf-e280-4358-e1a9bf2a39fb&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22f4074acc-58dd-ac6e-662e-e795ecea2da4%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Foffside.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22c999fe86-50be-dceb-2385-237554a8704f%22%2C%22tagid%22%3A%2233703f42-b374-4fd8-b5f3-6f9c313e8412%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_33703f42b3744fd8b5f36f9c313e8412_zone_86725_sect_29689_site_24219%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22fd14b314-fa29-02a7-1dcf-d8359714f4e1%22%2C%22tagid%22%3A%2260ae44e4-0906-4404-9490-c6f4763ba59e%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_60ae44e4090644049490c6f4763ba59e_zone_86802_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22543fe7bd-9686-2aab-8840-a49551889a9e%22%2C%22tagid%22%3A%221ba693e9-af43-480f-8247-a0a6978d969d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_1ba693e9af43480f8247a0a6978d969d_zone_86809_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22e4a5ac7a-9c31-6e52-4160-3e7343f0dd3d%22%2C%22tagid%22%3A%229bec7333-3f7e-475f-9fc1-14ea4a77a4b5%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_9bec73333f7e475f9fc114ea4a77a4b5_zone_106628_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A4%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
odr.mookie1.com/t/v2/
Redirect Chain
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3D923672e933cf...
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=a61e746f-6e13-11ed-a669-801844df107c
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=lemma&bsw_custom_parameter=ee215f43-d1ee-42e9-9868-5fd386e3c346&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=cf08ae2e-6b1f-4b65-8b22-078dcdcf1753&expires=1&user_group=5&ssp=lemma&bsw_param=ee215f43-d1ee-42e9-9868-5fd386e3c346
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=ee215f43-d1ee-42e9-9868-5fd386e3c346
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=a61e746f-6e13-11ed-a669-801844df107c
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ee215f43-d1ee-42e9-9868-5fd386e3c346&ssp=lemma&gdpr=&gdpr_consent=
43 B
106 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ee215f43-d1ee-42e9-9868-5fd386e3c346&ssp=lemma&gdpr=&gdpr_consent=
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ee215f43-d1ee-42e9-9868-5fd386e3c346&ssp=lemma&gdpr=&gdpr_consent=
date
Sun, 27 Nov 2022 05:23:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pic.gif
pa.tns-ua.com/bug/
Redirect Chain
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=923672e933cf4b91800cab6c268cb029
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z895FFF440A041A1AF07D02C46AE9611&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=923672e933cf4b91800cab6c268cb029
56 B
174 B
Image
General
Full URL
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z895FFF440A041A1AF07D02C46AE9611&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=923672e933cf4b91800cab6c268cb029
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 27 Nov 2022 05:23:38 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0
expires
-1

Redirect headers

location
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z895FFF440A041A1AF07D02C46AE9611&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=923672e933cf4b91800cab6c268cb029
date
Sun, 27 Nov 2022 05:23:38 GMT
cache-control
no-cache
server
nginx/1.18.0
content-length
0
expires
-1
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkQzNURGQjgtNEU3My00QjIxLTk3NDktREZGQUUwQTIzNzYw&gdpr=0&gdpr_consent={consent}
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent={consent}
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent={consent}
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=160846&pmc=1&pr=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%26id%3D6D35DFB8-4E73-4B21-9749-DFFAE...
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=6D35DFB8-4E73-4B21-9749-DFFAE0A23760
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=6D35DFB8-4E73-4B21-9749-DFFAE0A23760
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
204.62.13.72 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:39 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=6D35DFB8-4E73-4B21-9749-DFFAE0A23760
date
Sun, 27 Nov 2022 05:23:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
1px-matching-admixer.gif
m.trafmag.com/images/
35 B
351 B
Image
General
Full URL
https://m.trafmag.com/images/1px-matching-admixer.gif?id=923672e933cf4b91800cab6c268cb029
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 27 Nov 2022 05:23:38 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
bounce
ib.adnxs.com/
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=533&code=923672e933cf4b91800cab6c268cb029
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D923672e933cf4b91800cab6c268cb029
43 B
848 B
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D923672e933cf4b91800cab6c268cb029
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 05:23:38 GMT
AN-X-Request-Uuid
60640a93-be85-40ce-890e-ecc9be9ffba2
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.101; 217.138.196.101; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 05:23:38 GMT
AN-X-Request-Uuid
2b36e84e-d466-4033-bacb-84af4e28f637
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D923672e933cf4b91800cab6c268cb029
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.101; 217.138.196.101; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.html
s.console.adtarget.com.tr/
0
0
Image
General
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.69.242 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=8c2f1654-6acc-544b-8621-d2ace5a326f7
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=8c2f1654-6acc-544b-8621-d2ace5a326f7
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
204.62.13.72 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:39 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=8c2f1654-6acc-544b-8621-d2ace5a326f7
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58613/occ
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-CbQac75E2uHAMKlVEIkD3iiJewm6ilheMbRRkug-~A
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-CbQac75E2uHAMKlVEIkD3iiJewm6ilheMbRRkug-~A
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
204.62.13.72 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:38 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-CbQac75E2uHAMKlVEIkD3iiJewm6ilheMbRRkug-~A
date
Sun, 27 Nov 2022 05:23:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=923672e933cf4b91800cab6c268cb029&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=923672e933cf4b91800cab6c268cb029&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admixer
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admixer
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=7a25f043-5a7f-4350-883a-ac49aad285f6&ssp=admixer
  • https://inv-nets.admixer.net/bs/cm.aspx?id=ee215f43-d1ee-42e9-9868-5fd386e3c346&gdpr=&consent=&gdpr_pd=
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=ee215f43-d1ee-42e9-9868-5fd386e3c346&gdpr=&consent=&gdpr_pd=
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
204.62.13.72 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:39 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
//inv-nets.admixer.net/bs/cm.aspx?id=ee215f43-d1ee-42e9-9868-5fd386e3c346&gdpr=&consent=&gdpr_pd=
date
Sun, 27 Nov 2022 05:23:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=586580a3-573d-439a-bf4a-edc4b164db89
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=586580a3-573d-439a-bf4a-edc4b164db89
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
204.62.13.72 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:38 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=586580a3-573d-439a-bf4a-edc4b164db89
date
Sun, 27 Nov 2022 05:23:38 GMT
cache-control
no-store no-transform
server
nginx
content-length
190
content-type
text/html; charset=utf-8
1px-matching-go2net.gif
m.trafmag.com/images/
35 B
351 B
Image
General
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=923672e933cf4b91800cab6c268cb029
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 27 Nov 2022 05:23:38 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
sfaf25.gif
us.ck-ie.com/
0
129 B
Image
General
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=923672e933cf4b91800cab6c268cb029
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:39 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
idsync
idsync.admixer.co.kr/
43 B
904 B
Image
General
Full URL
https://idsync.admixer.co.kr:4450/idsync?pid=103&uid=923672e933cf4b91800cab6c268cb029
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27-Nov-2022 14:23:40 +0900
Content-Type
image/gif;
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control
private, max-age=0, no-cache, no-store
Connection
close
Content-Length
43
Expires
Mon, 01 Jan 2000 00:00:00 +0900
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/
42 B
510 B
Image
General
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=923672e933cf4b91800cab6c268cb029&redir=[RED]
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 05:23:39 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
admixer-sync
rtb.com.ru/
0
240 B
Image
General
Full URL
https://rtb.com.ru/admixer-sync?uid=923672e933cf4b91800cab6c268cb029
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
83.222.114.189 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:39 GMT
Cache-Control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Server
nginx/1.18.0
Connection
keep-alive
P3p
CP="rtb.com.ru does not have a P3P policy"
mmr445.gif
us.ck-ie.com/
0
129 B
Image
General
Full URL
https://us.ck-ie.com/mmr445.gif?gdpr=&gdpr_consent=[GDPRConsent]&us_privacy=[USPrivacy]&coppa=[COPPA]&puid=923672e933cf4b91800cab6c268cb029
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:39 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
cm-notify
creativecdn.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admixer
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
42 B
243 B
Image
General
Full URL
https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT, Sun, 27 Nov 2022 05:23:39 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://creativecdn.com/cm-notify?pi=admixer&tc=1
date
Sun, 27 Nov 2022 05:23:39 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
t.adx.opera.com/
35 B
467 B
Image
General
Full URL
https://t.adx.opera.com/sync?vendor=60022&uid=923672e933cf4b91800cab6c268cb029
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
ap.lijit.com/
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 27 Nov 2022 05:23:39 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
pubmatic
um.simpli.fi/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D923672e933cf4b91800cab6c268cb029
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=0
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=0&piggybackCookie=CAESENttWABeaf6gm_fhrFeQOMw&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=0
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=0
43 B
611 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 26 Nov 2022 05:23:39 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=0
date
Sun, 27 Nov 2022 05:23:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
208
content-type
text/html; charset=utf-8
/
an.yandex.ru/mapuid/targetrtbis/
Redirect Chain
  • https://match.new-programmatic.com/userbind?src=admixer&id=923672e933cf4b91800cab6c268cb029
  • https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
  • https://an.yandex.ru/mapuid/targetrtbis/
  • https://an.yandex.ru/mapuid/targetrtbis/?redir-setuniq=1
43 B
108 B
Image
General
Full URL
https://an.yandex.ru/mapuid/targetrtbis/?redir-setuniq=1
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 27 Nov 2022 05:23:39 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 27 Nov 2022 05:23:39 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 27 Nov 2022 05:23:39 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/targetrtbis/?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 27 Nov 2022 05:23:39 GMT
admixer
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=923672e933cf4b91800cab6c268cb029
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=923672e933cf4b91800cab6c268cb029
43 B
130 B
Image
General
Full URL
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=923672e933cf4b91800cab6c268cb029
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Server
168.119.88.34 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.34.88.119.168.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif

Redirect headers

location
/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=923672e933cf4b91800cab6c268cb029
date
Sun, 27 Nov 2022 05:23:39 GMT
server
nginx
etag
W/"ccdc1c14f3c80b50293a58c3ce7f7d837796f86a64c141bd5d808d1ad4337403"
content-length
122
serverid
TODO
content-type
text/html; charset=utf-8
usermatchredir
ssum-sec.casalemedia.com/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
43 B
878 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqZytj9Umd4nfm10NR%2FLUmpFEzl34bMnCkd0u0XpaxIwxnYQFU76gVFtwwF8D76DtFWmJYHAnZ8zhQEZU4NCY4q7MmDNnXiJxpX20k7SoOG739Hu2x3gQ7UFscXJhtXHvLx19ZX%2ByR3UTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77086edb682c3601-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6D0c%2Bqx25Gjx38dgsdWkIC1biSSsGxc49JAiTUnIjrG3GOMhGSSJMn0U106PzNGxm6hC3mJPcvY8yXsnUKAg5RFQ%2FzQFhvTAYniGaiYAVy7w7NqCw049as3G6qOX6w%2F5u1PizltjN76Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
cache-control
no-cache
cf-ray
77086edaed1e3634-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
ptag
a.audrte.com/ Frame F91D
5 KB
2 KB
Script
General
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.233.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-233-198.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
822ac4e66e48087992e258c5ef7b94a7dd2e7b28af07db80684802b83108cabf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:39 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1649
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame F91D
566 B
521 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:38 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Fri, 26 Nov 2027 05:23:38 GMT
um
u-ams03.e-planning.net/ Frame F91D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Da981e504221f38cf%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=a981e504221f38cf&uid=6687655417498589274
42 B
104 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=a981e504221f38cf&uid=6687655417498589274
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

server
openresty
date
Sun, 27 Nov 2022 05:23:38 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 05:23:38 GMT
AN-X-Request-Uuid
c8fe274f-5a12-442b-965e-ea2c5289276f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=a981e504221f38cf&uid=6687655417498589274
Connection
keep-alive
X-Proxy-Origin
217.138.196.101; 217.138.196.101; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dtscout20220831.js
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame F91D
478 B
514 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:38 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 19:37:37 GMT
server
openresty
etag
W/"630fb881-1de"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Fri, 26 Nov 2027 05:23:38 GMT
usync.html
eus.rubiconproject.com/ Frame F0C7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 27 Nov 2022 05:23:39 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 27 Nov 2022 05:23:38 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 4BF8
1 KB
1010 B
Document
General
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Sun, 27 Nov 2022 05:23:38 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 09 Nov 2027 12:27:06 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
21.090
x-cf-reqid
d20cc9c81a8caa656ac880c8a98cffc0
x-cf-tsc
1668083227
x-cf1
29080:fD.waw1:co:1585621119:cacheN.waw1-01:H
x-cf2
H
x-cf3
M
x-cff
B
/
spl.zeotap.com/ Frame 86A7
8 KB
2 KB
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42be544dc6ed5298999387290acc34903763f83f2491e7d0565b8ce137ce8e32

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
77086ed7cd67dd77-LHR
content-encoding
br
content-type
text/html
date
Sun, 27 Nov 2022 05:23:38 GMT
server
cloudflare
vary
Origin
via
1.1 google
getuid
ib.adnxs.com/ Frame 86A7
0
0
Image
General
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pixel
cm.g.doubleclick.net/ Frame 86A7
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 86A7
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=b8e8a41c-4500-4b5f-be8d-b6d097884265&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d...
95 B
175 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=b8e8a41c-4500-4b5f-be8d-b6d097884265&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77086ed96e68dd77-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

date
Sun, 27 Nov 2022 05:23:39 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=b8e8a41c-4500-4b5f-be8d-b6d097884265&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 86A7
0
331 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 86A7
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D68eb6297-4d13-4614-4b88-4e22ea492a4b%26reqId%3Dbbd8f8ea-a511-4c0d-62f2-eba040b1b6a8%26zdid%3D1361&gdpr=0&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 86A7
0
162 B
Image
General
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Sun, 27 Nov 2022 05:23:38 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1669526619.987745,VS0,VE9
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-lon4276-LON
u
dmp.v.fwmrm.net/ad/ Frame 86A7
0
411 B
Image
General
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:e61:3f01:4121:4821:f664:be Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 05:23:39 GMT
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
mw
mwzeom.zeotap.com/ Frame 86A7
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77086eda7f33dd77-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
date
Sun, 27 Nov 2022 05:23:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 86A7
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=37feae50-42cb-4809-aefc-6f8a9798a1a2&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=37feae50-42cb-4809-aefc-6f8a9798a1a2&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77086eda6f28dd77-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=37feae50-42cb-4809-aefc-6f8a9798a1a2&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 86A7
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=68eb6297-4d13-4614-4b88-4e22ea492a4b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=68eb6297-4d13-4614-4b88-4e22ea492a4b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=49052870068861857271704152623333851001&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=49052870068861857271704152623333851001&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77086ed9aeb7dd77-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v045-0a2056b15.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
fhxPv0IrQ+A=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=49052870068861857271704152623333851001&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 86A7
0
324 B
Image
General
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 86A7
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7170562228408285338&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=7170562228408285338&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77086ed9cec2dd77-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7170562228408285338&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Date
Sun, 27 Nov 2022 05:23:39 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 86A7
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=68eb6297-4d13-4614-4b88-4e22ea492a4b
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=68eb6297-4d13-4614-4b88-4e22ea492a4b
95 B
122 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=68eb6297-4d13-4614-4b88-4e22ea492a4b
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sun, 27 Nov 2022 05:23:39 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=68eb6297-4d13-4614-4b88-4e22ea492a4b
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame 86A7
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=68eb6297-4d13-4614-4b88-4e22ea492a4b&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=68eb6297-4d13-4614-4b88-4e22ea492a4b&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=pYkfp9Y9y/4sBlhBtNcmR.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?webouuid=pYkfp9Y9y/4sBlhBtNcmR.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77086eda6f2bdd77-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:38 GMT
via
1.1 google
last-modified
Sun, 27 Nov 2022 05:23:39 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=pYkfp9Y9y/4sBlhBtNcmR.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 86A7
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88...
  • https://mwzeom.zeotap.com/mw?cid=
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77086edabf64dd77-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=
pragma
no-cache
date
Sun, 27 Nov 2022 05:23:38 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
tpid=68eb6297-4d13-4614-4b88-4e22ea492a4b
bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/ Frame 86A7
49 B
265 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=68eb6297-4d13-4614-4b88-4e22ea492a4b?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.35.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-35-234.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.5.41
content-length
49
expires
0
mw
mwzeom.zeotap.com/ Frame 86A7
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-T4WhwaRE2opzcr5Di6Ylafz5_0NWUa2Yew--~A&zpartnerid=570&env=mWeb
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=y-T4WhwaRE2opzcr5Di6Ylafz5_0NWUa2Yew--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77086edacf78dd77-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-T4WhwaRE2opzcr5Di6Ylafz5_0NWUa2Yew--~A&zpartnerid=570&env=mWeb
date
Sun, 27 Nov 2022 05:23:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame 86A7
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=15jyDNu27w28fnHmYpWDpK%2FEwae1oLh2%2BS41iYitP1U%3D
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=15jyDNu27w28fnHmYpWDpK%2FEwae1oLh2%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77086eda9f4add77-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=15jyDNu27w28fnHmYpWDpK%2FEwae1oLh2%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 86A7
43 B
356 B
Image
General
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=68eb6297-4d13-4614-4b88-4e22ea492a4b&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 86A7
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.146.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-146-240.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n015-dub-prod.krxd.net
date
Sun, 27 Nov 2022 05:23:39 GMT
cache-control
private, no-cache, no-store
x-request-time
D=39 t=1669526619
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 86A7
95 B
361 B
Image
General
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=68eb6297-4d13-4614-4b88-4e22ea492a4b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.211.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/png
date
Sun, 27 Nov 2022 05:23:39 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
mw
mwzeom.zeotap.com/ Frame 86A7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y4L0WwALHaahNgAr&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y4L0WwALHaahNgAr&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361&_test=Y4L0WwALHaahNgAr
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77086edc7888dd77-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-lcy-eglc8600022-LCY
pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
via
1.1 varnish
server
Varnish
x-timer
S1669526620.533549,VS0,VE0
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y4L0WwALHaahNgAr&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361&_test=Y4L0WwALHaahNgAr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
v1
engine.widespace.com/map/ext/api/trackingcallback/ Frame 86A7
0
208 B
Image
General
Full URL
https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-36.fra60.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
Irk328s3SFf9GbAMgZz7X6F3FYPxLNijLj6ouC-RaNZ0zyGiWULqVg==
x-cache
Miss from cloudfront
usermatch.gif
beacon.krxd.net/ Frame 86A7
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1...
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
52.30.146.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-146-240.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n005-dub-prod.krxd.net
date
Sun, 27 Nov 2022 05:23:39 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1669526619
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
date
Sun, 27 Nov 2022 05:23:39 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a008-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 86A7
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=68eb6297-4d13-4614-4b88-4e22ea492a4b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b8...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=68eb6297-4d13-4614-4b88-4e22ea492a4b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b8...
43 B
568 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=68eb6297-4d13-4614-4b88-4e22ea492a4b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 05:23:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EG9RG4GTWD97PY3ZNMR6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 05:23:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FTPT3PEJKNFJS3MBWNGK
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=68eb6297-4d13-4614-4b88-4e22ea492a4b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 86A7
0
145 B
Image
General
Full URL
https://tags.bluekai.com/site/87734?id=68eb6297-4d13-4614-4b88-4e22ea492a4b&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 86A7
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D68eb6...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77086edb2faddd77-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
date
Sun, 27 Nov 2022 05:23:39 GMT
cross-origin-resource-policy
cross-origin
content-length
0
token
pixel.rubiconproject.com/ Frame 86A7
0
214 B
Image
General
Full URL
https://pixel.rubiconproject.com/token?pid=41544&puid=68eb6297-4d13-4614-4b88-4e22ea492a4b&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
mw
mwzeom.zeotap.com/ Frame 86A7
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=68eb6297-4d13-4614-4b88-4e22ea492a4b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpart...
  • https://mwzeom.zeotap.com/mw?cid=ee215f43-d1ee-42e9-9868-5fd386e3c346&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d1...
95 B
181 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=ee215f43-d1ee-42e9-9868-5fd386e3c346&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77086ed88dd8dd77-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=ee215f43-d1ee-42e9-9868-5fd386e3c346&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
date
Sun, 27 Nov 2022 05:23:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
mw
mwzeom.zeotap.com/ Frame 86A7
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77086edb0f9edd77-LHR
access-control-allow-headers
*
content-length
95
/
ads.us.e-planning.net/uspd/1/ Frame 044B
1 KB
872 B
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
c85c9075780a3eb4f26ed8b2cd69b058fc41c6aefd73a056e88c652a96342ee4

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sun, 27 Nov 2022 05:23:39 GMT
expires
Sun, 27 Nov 2022 05:23:39 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-928
d
ic.tynt.com/r/ Frame 9A5C
0
0
Document
General
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Sun, 27 Nov 2022 05:23:39 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
/
onetag-sys.com/usync/ Frame A7EE
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.html
s.console.adtarget.com.tr/ Frame E630
2 KB
1 KB
Document
General
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.69.242 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
ed5ee38ef79da92870bcb636d72d65cc1b81cf7991b94be08c744d45e81c163d

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
806
Content-Type
text/html; charset=UTF-8
Date
Sun, 27 Nov 2022 05:23:38 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
csync.loopme.me/ Frame B698
0
0
Document
General
Full URL
https://csync.loopme.me/?pubid=11378&gdpr=$0&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bviewer_token%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.223.115 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
115.223.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
server
_
sync.html
s.adtelligent.com/ Frame CDA9
2 KB
1 KB
Document
General
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.69.178 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
9d9f69b458097c709f4c00bebf9040036f09ac49fb8f6543755dbb36227a7041

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
856
Content-Type
text/html; charset=UTF-8
Date
Sun, 27 Nov 2022 05:23:38 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7263
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=168660
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 27 Nov 2022 05:23:39 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 29 Nov 2022 04:14:39 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 19B8
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=586580a3-573d-439a-bf4a-edc4b164db89
0
404 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=586580a3-573d-439a-bf4a-edc4b164db89
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:39 GMT
Server
Adtelligent
Etag
294ce44dff6cb5cd
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=586580a3-573d-439a-bf4a-edc4b164db89
date
Sun, 27 Nov 2022 05:23:39 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame 19B8
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1669526619175
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2715919165
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2715919165
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
etag
RX5bfde722a04c49608a2cf44aad65a068003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2715919165
cache-control
no-store, no-cache, must-revalidate
expires
0
csync
sync.adtelligent.com/ Frame 19B8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=6687655417498589274
0
387 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=6687655417498589274
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:39 GMT
Server
Adtelligent
Etag
294ce44dff6cb5cd
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 05:23:39 GMT
AN-X-Request-Uuid
a78317f3-0473-4c96-b8c4-1043dc6497c9
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=6687655417498589274
Connection
keep-alive
X-Proxy-Origin
217.138.196.101; 217.138.196.101; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
vid.vidoomy.com/ Frame 19B8
0
0
Image
General
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

csync
sync.adtelligent.com/ Frame 19B8
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=f7045891-2677-4ac2-b997-5053af46f405
0
404 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=f7045891-2677-4ac2-b997-5053af46f405
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:39 GMT
Server
Adtelligent
Etag
294ce44dff6cb5cd
Content-Length
0

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=f7045891-2677-4ac2-b997-5053af46f405
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
vfarsesc3h7gdohp4o8ocebhdvctj4as
csync
sync.adtelligent.com/ Frame 19B8
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=34d1352b-9d47-42c1-aee6-5738afaea70a
0
404 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=34d1352b-9d47-42c1-aee6-5738afaea70a
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:39 GMT
Server
Adtelligent
Etag
294ce44dff6cb5cd
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=34d1352b-9d47-42c1-aee6-5738afaea70a
access-control-allow-origin
*
date
Sun, 27 Nov 2022 05:23:39 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
csync
sync.adtelligent.com/ Frame 19B8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=6687655417498589274
0
387 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=6687655417498589274
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:39 GMT
Server
Adtelligent
Etag
294ce44dff6cb5cd
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 05:23:39 GMT
AN-X-Request-Uuid
9e3f8938-0240-4424-a4ed-300bb7347ca1
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=6687655417498589274
Connection
keep-alive
X-Proxy-Origin
217.138.196.101; 217.138.196.101; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
ap.lijit.com/ Frame 19B8
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 27 Nov 2022 05:23:39 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/ Frame 19B8
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=923672e933cf4b91800cab6c268cb029
0
400 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=923672e933cf4b91800cab6c268cb029
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:39 GMT
Server
Adtelligent
Etag
294ce44dff6cb5cd
Content-Length
0

Redirect headers

Date
Sun, 27 Nov 2022 05:23:39 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=923672e933cf4b91800cab6c268cb029
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
usync.js
eus.rubiconproject.com/ Frame F0C7
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5867306246bce7f6894f17fd7bfadbf448e1f554facecc2831793a090a5c08c0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:39 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Nov 2022 10:32:10 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18479
Connection
keep-alive
Content-Length
10066
Expires
Sun, 27 Nov 2022 10:31:38 GMT
ptag
a.audrte.com/ Frame 044B
5 KB
2 KB
Script
General
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.233.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-233-198.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
822ac4e66e48087992e258c5ef7b94a7dd2e7b28af07db80684802b83108cabf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:39 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1649
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 044B
566 B
520 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:38 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Fri, 26 Nov 2027 05:23:38 GMT
um
u-ams03.e-planning.net/ Frame 044B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D116c3b434851f937%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=116c3b434851f937&uid=6687655417498589274
42 B
103 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=116c3b434851f937&uid=6687655417498589274
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

server
openresty
date
Sun, 27 Nov 2022 05:23:39 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 05:23:39 GMT
AN-X-Request-Uuid
f106d2fc-9a3b-4517-bcf0-29ca6185ac38
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=116c3b434851f937&uid=6687655417498589274
Connection
keep-alive
X-Proxy-Origin
217.138.196.101; 217.138.196.101; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dtscout20220831.js
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame 044B
478 B
514 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:38 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 19:37:37 GMT
server
openresty
etag
W/"630fb881-1de"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Fri, 26 Nov 2027 05:23:38 GMT
usync.html
eus.rubiconproject.com/ Frame 540C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 27 Nov 2022 05:23:39 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 27 Nov 2022 05:23:39 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 7D0E
1 KB
1010 B
Document
General
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Sun, 27 Nov 2022 05:23:39 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 09 Nov 2027 12:27:06 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
21.090
x-cf-reqid
a26b29ae0443e018985280cc36c199a8
x-cf-tsc
1668083227
x-cf1
29080:fD.waw1:co:1585621119:cacheN.waw1-01:H
x-cf2
H
x-cf3
M
x-cff
B
/
spl.zeotap.com/ Frame 300C
552 B
727 B
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b7cfbb1fd4b37176f87d8c82cfba04e233ee31ff3d94d033be54c69136625fd

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
77086ed9aeb1dd77-LHR
content-encoding
br
content-type
text/html
date
Sun, 27 Nov 2022 05:23:39 GMT
server
cloudflare
vary
Origin
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 60CE
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=168660
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 27 Nov 2022 05:23:39 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 29 Nov 2022 04:14:39 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame E31E
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.php
pixel.rubiconproject.com/exchange/ Frame CDA9
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
csync
sync.adtelligent.com/ Frame CDA9
43 B
320 B
Image
General
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:39 GMT
Server
Adtelligent
Etag
294ce44dff6cb5cd
Content-Length
43
Content-Type
image/gif
khaos.jpg
token.rubiconproject.com/ Frame F0C7
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
mw
mwzeom.zeotap.com/ Frame 300C
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D68eb6...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=cf41f14e-d46b-49e3-6680-831bc1174c1b&zdid=1361
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=cf41f14e-d46b-49e3-6680-831bc1174c1b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77086edb1fa0dd77-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=cf41f14e-d46b-49e3-6680-831bc1174c1b&zdid=1361
date
Sun, 27 Nov 2022 05:23:39 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame 300C
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=cf41f14e-d46b-49e3-6680-831bc1174c1b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77086ed9feebdd77-LHR
access-control-allow-headers
*
content-length
95
usync.js
eus.rubiconproject.com/ Frame 540C
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5867306246bce7f6894f17fd7bfadbf448e1f554facecc2831793a090a5c08c0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:39 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Nov 2022 10:32:10 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18479
Connection
keep-alive
Content-Length
10066
Expires
Sun, 27 Nov 2022 10:31:38 GMT
csync
sync.console.adtarget.com.tr/ Frame 8AB1
0
390 B
Document
General
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=${UID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sun, 27 Nov 2022 05:23:39 GMT
Etag
897052c61d319b7c
Server
Adtelligent
cookie
cm.adform.net/ Frame D92B
43 B
106 B
Document
General
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Sun, 27 Nov 2022 05:23:39 GMT
server
nginx
cm-notify
creativecdn.com/ Frame 8DAC
42 B
243 B
Document
General
Full URL
https://creativecdn.com/cm-notify?pi=admatic
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
42
content-type
image/gif
date
Sun, 27 Nov 2022 05:23:39 GMT Sun, 27 Nov 2022 05:23:39 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
csync
sync.console.adtarget.com.tr/ Frame BF82
0
390 B
Document
General
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=738101&extuid=${UID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sun, 27 Nov 2022 05:23:39 GMT
Etag
897052c61d319b7c
Server
Adtelligent
csync
sync.adtelligent.com/ Frame E630
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=897052c61d319b7c
0
384 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=897052c61d319b7c
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:39 GMT
Server
Adtelligent
Etag
294ce44dff6cb5cd
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=897052c61d319b7c
Date
Sun, 27 Nov 2022 05:23:39 GMT
Server
Adtelligent
Etag
897052c61d319b7c
Content-Length
0
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame F91D
52 KB
16 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a3d04874e62000c66bf4ca845fbde04ecb011a85bb4cb54f0cdf5598529709a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 19:00:23 GMT
content-encoding
gzip
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 18:31:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
37397
etag
W/"b3509b007a9d747642c6a762ce4aed79"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
2tatoo9pLHyMMTIGNqDuVKtbX-IW-r-vS8aQYWxGQL7vRetF4etpbg==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 6951
636 B
577 B
Document
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Sun, 27 Nov 2022 05:23:39 GMT
etag
W/"601b131c-27c"
expires
Fri, 26 Nov 2027 05:23:39 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame AE63
49 KB
17 KB
Document
General
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3Da981e504221f38cf%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Sun, 27 Nov 2022 05:23:39 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
AcO1rgXHtBeh
x-77-nzt-ray
25b021318a2fe2d85bf4826313593910
x-77-pop
frankfurtDE
x-accel-expires
@1670563419
x-cache
MISS
adxcm.aspx
inv-nets.admixer.net/ Frame 5B1C
43 B
463 B
Document
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=ABTUR2HCDFtHa9UW
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
204.62.13.72 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 27 Nov 2022 05:23:39 GMT
Keep-Alive
timeout=25
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
khaos.jpg
token.rubiconproject.com/ Frame 540C
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GS.d
js.cookieless-data.com/ Frame 6951
0
535 B
Script
General
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1669526619307
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.29.13 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-29-13.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 05:23:39 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Server
nginx/1.20.2
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 044B
52 KB
16 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a3d04874e62000c66bf4ca845fbde04ecb011a85bb4cb54f0cdf5598529709a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 19:00:23 GMT
content-encoding
gzip
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 18:31:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
37397
etag
W/"b3509b007a9d747642c6a762ce4aed79"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
-GdBREHk0Nzt_-lnMfTewE_N7CoQaHdxdZ6YhQHFhq56T7Ui1PcdoQ==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 81F9
636 B
577 B
Document
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Sun, 27 Nov 2022 05:23:39 GMT
etag
W/"601b131c-27c"
expires
Fri, 26 Nov 2027 05:23:39 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame 89E4
49 KB
17 KB
Document
General
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D116c3b434851f937%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Sun, 27 Nov 2022 05:23:39 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
AcO1rgWbvX6h
x-77-nzt-ray
25b021318a2fe2d85bf48263ae983016
x-77-pop
frankfurtDE
x-accel-expires
@1670563419
x-cache
MISS
csync
sync.adtelligent.com/ Frame B8CB
0
384 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ABTUR2HCDFtHa9UW
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sun, 27 Nov 2022 05:23:39 GMT
Etag
294ce44dff6cb5cd
Server
Adtelligent
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame F0C7
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=eplanning_eu
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GS.d
js.cookieless-data.com/ Frame 81F9
0
535 B
Script
General
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1669526619402
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.29.13 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-29-13.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 05:23:39 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Server
nginx/1.20.2
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 60CE
5 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=17664296&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7676d695d20a1253ad1cd9f7834d2a3cb01646236de2caa17cd8a6f97859a43d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 27 Nov 2022 05:23:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync.php
pixel.rubiconproject.com/exchange/ Frame F0C7
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame F0C7
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=XNEfRrJjTJmEwiEy8-4ziw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=XNEfRrJjTJmEwiEy8-4ziw
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=XNEfRrJjTJmEwiEy8-4ziw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 05:23:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9X624EP9T3VEE5KBXQQ4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=XNEfRrJjTJmEwiEy8-4ziw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame F0C7
0
214 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=36584
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame F0C7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame F0C7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=8178258092603399877&expires=60&gdpr=&gdpr_consent=
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=8178258092603399877&expires=60&gdpr=&gdpr_consent=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=8178258092603399877&expires=60&gdpr=&gdpr_consent=
pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame F0C7
Redirect Chain
  • https://rbp.mxptint.net/sn.ashx
  • https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R1B341_F9FDD0F0_13E25B37D&expires=60
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R1B341_F9FDD0F0_13E25B37D&expires=60
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R1B341_F9FDD0F0_13E25B37D&expires=60
Date
Sun, 27 Nov 2022 05:23:39 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-352513419; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
227
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame F0C7
Redirect Chain
  • https://www.storygize.net/ccm/729e4e94-63c3-438d-8ce4-184eb34e703f
  • https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=37cf273d-6031-4a9e-b4c2-17b86d952301
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=37cf273d-6031-4a9e-b4c2-17b86d952301
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma
no-cache
P3P
CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
cache-control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
expires
0
bridge
cm.adgrx.com/ Frame F0C7
43 B
283 B
Image
General
Full URL
https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
match
c1.adform.net/serving/cookie/ Frame 0681
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&gdpr=0&gdpr_consent=
35 B
468 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 27 Nov 2022 05:23:39 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sun, 27 Nov 2022 05:23:39 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 1F2A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:80b36382-f45c-4700-a349-cb746816a245&gdpr=0&gdpr_consent=
42 B
326 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:80b36382-f45c-4700-a349-cb746816a245&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 27 Nov 2022 05:23:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 27 Nov 2022 05:23:40 GMT
Expires
Sun, 27 Nov 2022 05:23:39 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 169 32252b7 master hkg-pixel-x25 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:80b36382-f45c-4700-a349-cb746816a245&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 62B9
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3345251833063677006
568 B
623 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3345251833063677006
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Sun, 27 Nov 2022 05:23:38 GMT
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3345251833063677006
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 007E
43 B
363 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 05:23:39 GMT
expires
Sun, 27 Nov 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
568411
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 645B
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 27 Nov 2022 05:23:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
3Z6XNQ7XDG4N1RKE7ZCT

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 27 Nov 2022 05:23:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
YYK3YENEDKG7YDD3Q61P
cs
cs.yellowblue.io/ Frame E59F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6687655417498589274&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11576&id=923672e933cf4b91800cab6c268cb029
0
280 B
Document
General
Full URL
https://cs.yellowblue.io/cs?aid=11576&id=923672e933cf4b91800cab6c268cb029
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.58.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-58-50.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Sun, 27 Nov 2022 05:23:39 GMT

Redirect headers

content-length
100
content-type
text/html; charset=utf-8
date
Sun, 27 Nov 2022 05:23:38 GMT
location
https://cs.yellowblue.io/cs?aid=11576&id=923672e933cf4b91800cab6c268cb029
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 1830
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nbICMc21D2GG4Ak0nOAXN5yyAmKGtwg2yefpIKZf
42 B
356 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nbICMc21D2GG4Ak0nOAXN5yyAmKGtwg2yefpIKZf
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 27 Nov 2022 05:23:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sun, 27 Nov 2022 05:23:39 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nbICMc21D2GG4Ak0nOAXN5yyAmKGtwg2yefpIKZf
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
cs
cs.yellowblue.io/ Frame CC9F
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7170562228408285338&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11576&id=923672e933cf4b91800cab6c268cb029
0
281 B
Document
General
Full URL
https://cs.yellowblue.io/cs?aid=11576&id=923672e933cf4b91800cab6c268cb029
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.58.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-58-50.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Sun, 27 Nov 2022 05:23:39 GMT

Redirect headers

content-length
100
content-type
text/html; charset=utf-8
date
Sun, 27 Nov 2022 05:23:38 GMT
location
https://cs.yellowblue.io/cs?aid=11576&id=923672e933cf4b91800cab6c268cb029
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
adx
match.prod.bidr.io/cookie-sync/ Frame 3283
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEMG1VN0hCZWtBQUNBSGFueDMwdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
433 B
Document
General
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.40.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-40-8.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
43
Date
Sun, 27 Nov 2022 05:23:39 GMT
Server
gunicorn
cache-control
no-cache, must-revalidate
content-type
image/gif
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
355
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 05:23:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 97BE
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tlCOYiJFTSZjzMvyrBTYQNmKxGU
42 B
383 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tlCOYiJFTSZjzMvyrBTYQNmKxGU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 27 Nov 2022 05:23:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Sun, 27 Nov 2022 05:23:39 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tlCOYiJFTSZjzMvyrBTYQNmKxGU
cs
cs.yellowblue.io/ Frame 5F5F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4L0WwALHaahNgAr&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11576&id=923672e933cf4b91800cab6c268cb029
0
280 B
Document
General
Full URL
https://cs.yellowblue.io/cs?aid=11576&id=923672e933cf4b91800cab6c268cb029
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.58.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-58-50.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Sun, 27 Nov 2022 05:23:39 GMT

Redirect headers

content-length
100
content-type
text/html; charset=utf-8
date
Sun, 27 Nov 2022 05:23:39 GMT
location
https://cs.yellowblue.io/cs?aid=11576&id=923672e933cf4b91800cab6c268cb029
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
csync.loopme.me/ Frame BE2B
0
0
Document
General
Full URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.223.115 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
115.223.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
server
_
i.match
s.tribalfusion.com/z/ Frame AA08
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
410 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77086ede0d5174e9-LHR
content-length
43
content-type
image/gif; charset=utf-8
date
Sun, 27 Nov 2022 05:23:39 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77086edccce874e9-LHR
content-type
text/html
date
Sun, 27 Nov 2022 05:23:39 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
8167
cookiesync
core.iprom.net/ Frame 3294
43 B
279 B
Document
General
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 27 Nov 2022 05:23:39 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-21f2b38cfaeb@version_1.531
X-core-time
0ms
X-server-arch
v2
generic
match.adsrvr.org/track/cmf/ Frame 290B
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7783286988
70 B
264 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7783286988
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sun, 27 Nov 2022 05:23:39 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 27 Nov 2022 05:23:39 GMT
etag
RX5bfde722a04c49608a2cf44aad65a068003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7783286988
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
pub
matching.truffle.bid/sync/ Frame 542E
0
0
Document
General
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Date
Sun, 27 Nov 2022 05:23:39 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
bridge
cm.adgrx.com/ Frame C4E9
43 B
282 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Sun, 27 Nov 2022 05:23:39 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-9
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b2906f105f18b735/gdpr=0/ Frame A8FC
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b2906f105f18b735/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
49 B
265 B
Document
General
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b2906f105f18b735/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhXRaUMbaVMbShTYV
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.35.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-35-234.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Sun, 27 Nov 2022 05:23:39 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.21.201

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b2906f105f18b735/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhXRaUMbaVMbShTYV
cm
ipac.ctnsnet.com/int/ Frame 2FCA
43 B
369 B
Document
General
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sun, 27 Nov 2022 05:23:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cs
cs.yellowblue.io/ Frame 53BA
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:94D78BDA05374341A761C91AFA074DA1&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11576&id=923672e933cf4b91800cab6c268cb029
0
280 B
Document
General
Full URL
https://cs.yellowblue.io/cs?aid=11576&id=923672e933cf4b91800cab6c268cb029
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.58.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-58-50.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Sun, 27 Nov 2022 05:23:39 GMT

Redirect headers

content-length
100
content-type
text/html; charset=utf-8
date
Sun, 27 Nov 2022 05:23:39 GMT
location
https://cs.yellowblue.io/cs?aid=11576&id=923672e933cf4b91800cab6c268cb029
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
csync
sync.adtelligent.com/ Frame 59F0
0
404 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sun, 27 Nov 2022 05:23:39 GMT
Etag
294ce44dff6cb5cd
Server
Adtelligent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 60CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bTXfuE5zSyGXSd_64KI3YA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=168660
accept-ranges
bytes
content-length
5549
expires
Tue, 29 Nov 2022 04:14:39 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 60CE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bd246382-f45c-4200-8673-fe5ee3b31e6b
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bd246382-f45c-4200-8673-fe5ee3b31e6b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 27 Nov 2022 05:23:40 GMT
Server
MT3 169 32252b7 master hkg-pixel-x23 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bd246382-f45c-4200-8673-fe5ee3b31e6b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 27 Nov 2022 05:23:39 GMT
generic
match.adsrvr.org/track/cmf/ Frame 60CE
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
pubmatic
um.simpli.fi/ Frame 60CE
43 B
611 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 26 Nov 2022 05:23:39 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 60CE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3268580196313880769
42 B
219 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3268580196313880769
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 27 Nov 2022 05:23:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3268580196313880769
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 60CE
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
odr.mookie1.com/t/v2/ Frame 60CE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ee215f43-d1ee-42e9-9868-5fd386e3c346&ssp=pubmatic&gdpr=0&gdpr_consent=
43 B
61 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ee215f43-d1ee-42e9-9868-5fd386e3c346&ssp=pubmatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H3
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ee215f43-d1ee-42e9-9868-5fd386e3c346&ssp=pubmatic&gdpr=0&gdpr_consent=
date
Sun, 27 Nov 2022 05:23:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
6D35DFB8-4E73-4B21-9749-DFFAE0A23760
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 60CE
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/6D35DFB8-4E73-4B21-9749-DFFAE0A23760?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:2256:d6d3:539d:24e0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 60CE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-BTzOHJ9E2uUkD6Va3nT6vdcRAhiQ81I-~A&gdpr=0&gdpr_consent=
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-BTzOHJ9E2uUkD6Va3nT6vdcRAhiQ81I-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-BTzOHJ9E2uUkD6Va3nT6vdcRAhiQ81I-~A&gdpr=0&gdpr_consent=
date
Sun, 27 Nov 2022 05:23:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame 60CE
0
104 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 60CE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8538546062793039557&gdpr=0&gdpr_consent=&us_privacy=
1 B
195 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8538546062793039557&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 27 Nov 2022 05:23:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8538546062793039557&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 60CE
0
191 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sun, 27 Nov 2022 05:23:38 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 60CE
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:30f90087-ad4c-4320-baa3-858c69dc628d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
0
0
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:30f90087-ad4c-4320-baa3-858c69dc628d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:30f90087-ad4c-4320-baa3-858c69dc628d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 27 Nov 2022 05:23:39 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 60CE
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6687655417498589274
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6687655417498589274
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 27 Nov 2022 05:23:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 05:23:39 GMT
AN-X-Request-Uuid
c6a7028e-e777-4d9f-847a-bf7893213cec
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6687655417498589274
Connection
keep-alive
X-Proxy-Origin
217.138.196.101; 217.138.196.101; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ptrack
a.audrte.com/ Frame 044B
368 B
901 B
XHR
General
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.101&p=M1353665098&artime=2022-11-27T05:23:39.582Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuYWR0ZWxsaWdlbnQuY29tJTJGY3N5bmMlM0Z0JTNEYSUyNmVwJTNEMzA3OTcxJTI2ZXh0dWlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.233.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-233-198.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2089fdd7c94bb163dc84cb8767f0aeb15e8e62134c5a4516dec71df246df596e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:39 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
265
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 044B
155 B
629 B
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 27 Nov 2022 04:04:31 GMT
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
4760
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Mon, 21 Nov 2022 18:31:37 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
accept-ranges
bytes
x-amz-cf-id
PcxqgJ_f1a3EnZMWsrk_GITsKnCLVggsAzzHvHYm0mJ0f3dyus0jrQ==
pixel
ps.eyeota.net/ Frame 044B
1 KB
1 KB
Image
General
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=489kVslS-fBSGSSL4NagKkzdA&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:39 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 044B
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=3268580196313880769
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEIJWK9nRH3EYwn7gSV3kbpE&google_cver=1
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
52.73.233.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-233-198.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:40 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 27 Nov 2022 05:23:40 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 044B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=489kVslS-fBSGSSL4NagKkzdA&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=489kVslS-fBSGSSL4NagKkzdA&gdpr=0&gdpr_consent=&google_gid=CAESEIJWK9nRH3EYwn7gSV3kbpE&google_cver=1
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
52.73.233.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-233-198.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:39 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 27 Nov 2022 05:23:39 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
data
bcp.crwdcntrl.net/6/ Frame 044B
60 B
338 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.35.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-35-234.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
6fd78c8aa95db27ab69f625976d04241a14c268deac9afae752919a254899ba8

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:39 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.45.29.111
access-control-allow-credentials
true
content-length
60
expires
0
logcz.aspx
inv-nets.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=33703f42-b374-4fd8-b5f3-6f9c313e8412
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
204.62.13.72 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 27 Nov 2022 05:23:39 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ptrack
a.audrte.com/ Frame F91D
368 B
901 B
XHR
General
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.101&p=M1353665098&artime=2022-11-27T05:23:40.278Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMS81NTQ1M2RlOTdhMTE4Y2U5P2N0PTEmcnVpbWQ9MSZkdT1odHRwcyUzQSUyRiUyRmludi1uZXRzLmFkbWl4ZXIubmV0JTJGYWR4Y20uYXNweCUzRnNzcCUzREQ1NkRDMDlELUMzOUMtNEJENi1CRDczLTAzQ0FCNERBOUM1MCUyNmlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=b2Zmc2lkZS5jb20udWEv
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.233.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-233-198.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
182dcaf4116131c8dc11151fc2179fdf91157ce36b9b39443b16043f517db5e4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:40 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
265
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame F91D
155 B
626 B
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 27 Nov 2022 04:04:31 GMT
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
4761
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Mon, 21 Nov 2022 18:31:37 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
accept-ranges
bytes
x-amz-cf-id
cgmakSbC8upVjpeNhe_72-Q4H_FcpRQHlhfiz2i3ge5ro2YqIxZD0w==
data
bcp.crwdcntrl.net/6/ Frame F91D
60 B
338 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.35.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-35-234.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
fd10e568b17d9adfa3f1fe782f0807c699601eac77760e8c89908dd875e7c340

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:40 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.45.22.112
access-control-allow-credentials
true
content-length
60
expires
0
p
a.audrte.com/ Frame F91D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=489kVslS-fBSGSSL4NagKkzdA&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=489kVslS-fBSGSSL4NagKkzdA&gdpr=0&gdpr_consent=&google_gid=CAESEIJWK9nRH3EYwn7gSV3kbpE&google_cver=1
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
52.73.233.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-233-198.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:40 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 27 Nov 2022 05:23:40 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame F91D
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=3268580196313880769
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
52.73.233.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-233-198.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:40 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 27 Nov 2022 05:23:40 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame F91D
1 KB
1 KB
Image
General
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=489kVslS-fBSGSSL4NagKkzdA&gdpr=0&gdpr_consent=
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:40 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7140845151581295&plah=offside.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
989cd208ef0d5162de46025aa76ddbce3ae9a6c9852da6eb0a725dd8f01e0982
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11209
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7140845151581295&plah=offside.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Nov 2022 05:23:41 GMT
um
u-ams03.e-planning.net/ Frame 89E4
42 B
103 B
Document
General
Full URL
https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=116c3b434851f937&uid=a6f37f0123013099a595be2217fc435a
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D116c3b434851f937%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Sun, 27 Nov 2022 05:23:41 GMT
server
openresty
um
u-ams03.e-planning.net/ Frame AE63
42 B
103 B
Document
General
Full URL
https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=a981e504221f38cf&uid=2799041a3515fb48b172c141f80c0fdc
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3Da981e504221f38cf%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Sun, 27 Nov 2022 05:23:41 GMT
server
openresty
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9C4E
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1089
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 05:05:32 GMT
expires
Mon, 27 Nov 2023 05:05:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B8D9
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
15f3eae8865edf271c4b41e6a6f2863b72e111368abfd3a7e8e91bf08928e358
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OMh7M74R5qMQwMEcXQefVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-OMh7M74R5qMQwMEcXQefVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 05:23:41 GMT
expires
Sun, 27 Nov 2022 05:23:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame 9C4E
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 17:59:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41025
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 26 Nov 2023 17:59:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B8D9
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=3871893254437559&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

SPug
simage4.pubmatic.com/AdServer/ Frame 60CE
0
260 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:41 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generate_204
tpc.googlesyndication.com/ Frame 9C4E
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?DIbeHw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=3871893254437559&bg=!FxSlFFDNAAbvMpMzzzI7ACkAdvg8Wkeltd6NL-gKhBNEPun7IRvzPlXlm8xgGZDy_4Q5kW7cKJ7LOgIAAAB_UgAAAAtoAQcKANZvGM27YeS9a2o1quFZ57Bn8PVDSaI4fdatCH6ZoN_9zAEXqkW8kyLIfSGZfgiFlCKVK1jal2QIDvHvasMJP-86sBPkeqFxiZpoNyL20RcBb9cuFCDCIQzvgaPoOxQZYhHGq46mMwGiLNFhKb1D9NTYo0Z_-i_gjoZu-z0JZI5AY-GjchX-i37q6f4m8zYt9_admp8jDW6g1rGKMMSg1ZM8JrdglBPmHaAFSGIKDzfLXEesgiHOJ_uJAIG3eo_yqMFMAn4u_F381uP4siLWsD5JQpy8T0memQKeM9qMLdLZqs4R5aP1zW2VCOITFnznwDeOu5g-DmLshr3ETFl4NJPG6rmrsMB74nMyPVHkg5OeoykgozEX8vljeaED144x7YyHt40G2IPO1nqp5kW72FBQX2LTEtwBsUtPcndijY3Yj3IdiQrI5JavA0MRGkyXHwVCAZMyTRiF9vWXVpst0udEhye3R6tjepaZ87xytvfPOtWxQu3njo2VEqb0VXQYAQm-dg7MHv-5oz3VtFVwFV0fQphA2D7LiSfe2GZHXQw4ciGCSnT-pC1wPKKvRrflmktNCP-goLlLBM1HyipT93XdexJJ7hH4FwX9A3vBn4wABF0W_74zxhoXrimo0FrQ6Gzd6b2UeQ2U15ehNZpG2BV3-4a687Xug-4YayvqN5F40meY1Nid_gVw7cQKSa-lgWvZLESZe2i5aak8bYhO4lAbVQnf5nZDpoMRHenyA1eMtuiZszYQ6VWBU-N_WA7MQaS_jxbKpn2GMq2RD3YSgMr2eD3oWEderuA6CPTewewXpQ6Mw9gb1NGVZLil8EFrSt5YNBMGyD6oA-tDtB2B7CddKuG-eJ9JGAVv1950UgggCOk8x9i9mdWyDXuv7a1gtlUQlRPsN_WQHLR2QjSbVsj1IZsOlEqUsv-hXexYKMWbyOBDKQMaXYYSdbat5_M18cjD5ZSKdZBWvkNv4gmStbRz4GKao0Oib27Rc3m_Qu7ldyCEBYDnb--7JhU-Ox6_SjhtZjiLMJHYIIO_V9UhqTefmVoaTdJOt6GsQJjLD_idT7t1ibChuSL9MNyjQQBJ4gWhpLVjdhEf9xrktqbBgIKvk9FWwRGzQAugF9byuQXaooIMlVpJjbAtdkRf44znkL-_ZU5y1Wz5-avLDt4Cf6yi2VQjpllQKg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

PugMaster
image6.pubmatic.com/AdServer/ Frame 7263
886 B
1 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=44394661&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
693d2018099964feeb024f557cbdb89797a464d71f0d33de1aa0ebf0391525ba

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 27 Nov 2022 05:23:40 GMT
content-length
886
content-type
text/html; charset=UTF-8
csync
sync.adtelligent.com/ Frame 1A70
0
404 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sun, 27 Nov 2022 05:23:42 GMT
Etag
294ce44dff6cb5cd
Server
Adtelligent
Artemis
aud.pubmatic.com/AdServer/ Frame 7263
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&addseg=11,34,40
0
0
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&addseg=11,34,40
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date
Sun, 27 Nov 2022 05:23:42 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&addseg=11,34,40
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 7263
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:52 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 05:23:52 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=6D35DFB8-4E73-4B21-9749-DFFAE0A23760&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 7263
95 B
193 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:42 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
77086eeedc71dd77-LHR
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 7263
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=6D35DFB8-4E73-4B21-9749-DFFAE0A23760
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
52.73.233.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-233-198.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:23:42 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 27 Nov 2022 05:23:42 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7263
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=47ed509c-3224-4ac4-9247-092b2a0e295c&gdpr=0&gdpr_consent=
1 B
333 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=47ed509c-3224-4ac4-9247-092b2a0e295c&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 27 Nov 2022 05:23:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=47ed509c-3224-4ac4-9247-092b2a0e295c&gdpr=0&gdpr_consent=
Date
Sun, 27 Nov 2022 05:23:42 GMT
Connection
keep-alive
X-CI-RTID
b906c0d8-676d-4a88-9531-28bcf9e3cda2
Content-Length
205
Content-Type
text/html; charset=utf-8
common.js
maps.google.com/maps-api-v3/api/js/51/1/
248 KB
68 KB
Script
General
Full URL
https://maps.google.com/maps-api-v3/api/js/51/1/common.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?libraries=geometry%2Cplaces%2Cweather%2Cpanoramio%2Cdrawing&language=en&ver=6.0.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db099e95eb910c80a88cff3a375d59c4533d74c328b5c94189fe32f0b0ae28a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 18:44:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
297560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69662
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 21:36:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 18:44:22 GMT
util.js
maps.google.com/maps-api-v3/api/js/51/1/
166 KB
61 KB
Script
General
Full URL
https://maps.google.com/maps-api-v3/api/js/51/1/util.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?libraries=geometry%2Cplaces%2Cweather%2Cpanoramio%2Cdrawing&language=en&ver=6.0.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebc4b582e1dcce5a8347546dce540c0b431f22a8f78811240328a2fc5f8eb7b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 18:44:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
297560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62575
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 21:36:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 18:44:22 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 7263
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 05:23:43 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Verdicts & Comments Add Verdict or Comment

284 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 string| mi_version boolean| mi_track_user string| mi_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| MonsterInsightsDualTracker function| gtag function| __gaTracker object| _wpemojiSettings object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| rcewpp function| MonsterInsights object| MonsterInsightsObject object| monsterinsights_frontend undefined| $ function| jQuery object| Rcl object| rcl_actions object| rcl_filters object| rcl_beats number| rcl_beats_delay object| rcl_url_params function| rcl_do_action function| rcl_add_action function| rcl_apply_filters function| rcl_add_filter function| rcl_get_value_url_params function| rcl_is_valid_url function| setAttr_rcl function| rcl_update_history_url function| rcl_init_cookie function| rcl_add_dynamic_field function| rcl_remove_dynamic_field function| rcl_rand function| rcl_notice function| rcl_close_notice function| rcl_preloader_show function| rcl_preloader_hide function| rcl_setup_datepicker_options function| rcl_show_datepicker function| rcl_remove_datepicker_box function| rcl_init_field_file function| rcl_init_runner function| rcl_init_range function| rcl_init_color function| rcl_init_field_maxlength function| rcl_init_ajax_editor function| rcl_setup_quicktags function| rcl_add_ajax_quicktags function| rcl_add_quicktags function| rcl_proccess_ajax_return function| rcl_ajax function| rcl_submit_form function| rcl_send_form_data function| rcl_check_form function| rcl_add_beat function| rcl_remove_beat function| rcl_exist_beat function| rcl_init_table function| rcl_table_search function| RclForm function| rcl_chek_form_field function| rcl_init_iconpicker object| RclUploaders function| RclClassUploaders function| RclUploader function| rcl_init_uploader function| rcl_init_dropzone function| rcl_delete_attachment function| rcl_add_attachment_in_editor function| rcl_update_require_checkbox function| rcl_init_update_requared_checkbox function| rcl_init_ajax_tab function| rcl_get_options_url_params function| rcl_add_dropzone function| passwordStrength function| rcl_manage_user_black_list function| rcl_show_tab function| rcl_init_recallbar_hover function| rcl_add_class_upload_tab function| rcl_add_preloader_tab function| rcl_init_get_smilies function| rcl_init_hover_smilies function| rcl_init_click_smilies function| rcl_init_close_popup function| rcl_init_click_overlay function| rcl_init_click_float_window function| rcl_init_loginform_shift_tabs function| rcl_init_check_url_params function| rcl_init_close_notice function| rcl_init_login_form function| rcl_show_login_form_tab function| rcl_show_float_login_form function| rcl_hide_float_login_form function| rcl_setup_position_float_form function| rcl_beat function| rcl_get_actual_beats_data function| rcl_close_votes_window function| rcl_edit_rating function| rcl_get_list_votes function| rcl_view_list_votes object| rcl_public_form function| rcl_setup_async_upload function| rcl_init_click_post_thumbnail function| rcl_get_post_thumbnail_html function| rcl_remove_post_thumbnail function| rcl_delete_post function| rcl_delete_thumbnail_attachment function| rcl_edit_post function| rcl_preview function| rcl_save_draft function| rcl_check_publish function| rcl_publish function| rcl_check_required_fields function| rcl_get_prefiew_content function| rcl_preview_close function| rcl_init_public_form function| rcl_init_thumbnail_uploader function| rcl_set_post_thumbnail function| rcl_switch_attachment_in_gallery object| rcl_chat_last_activity object| rcl_chat_beat number| rcl_chat_write number| rcl_chat_contact_token number| rcl_chat_inactive_counter number| rcl_chat_important number| rcl_chat_max_words object| rcl_chat_sound function| rcl_chat_init_sound function| rcl_chat_inactivity_cancel function| rcl_chat_inactivity_counter function| rcl_chat_scroll_bottom function| rcl_reset_active_mini_chat function| rcl_chat_counter_reset function| rcl_chat_add_message function| rcl_chat_clear_beat function| rcl_set_active_mini_chat function| rcl_init_chat function| rcl_chat_close function| rcl_chat_write_status function| rcl_chat_write_status_cancel function| rcl_chat_add_new_message function| rcl_chat_navi function| rcl_get_mini_chat function| rcl_chat_words_count function| rcl_chat_remove_contact function| rcl_chat_message_important function| rcl_chat_important_manager_shift function| rcl_chat_delete_message function| rcl_chat_delete_attachment function| rcl_chat_shift_contact_panel function| rcl_chat_init_beat function| rcl_chat_beat_core function| rcl_chat_beat_success function| rcl_get_chat_window object| globalAmlAds string| ms_grabbing_curosr string| ms_grab_curosr object| AdProvider string| hts string| sbiajaxurl object| anyCommentApiSettings object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7 object| ExoLoader object| ExoSupport object| resolver object| streaming object| VastSupport function| instantiateViewability function| ExoAdsRefresh object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| twemoji object| wp object| html5 object| Modernizr function| yepnope object| eventie function| docReady function| EventEmitter function| getStyleProperty function| getSize function| matchesSelector function| Outlayer function| Isotope function| Masonry function| heateorSssLoadEvent string| heateorSssSharingAjaxUrl string| heateorSssCloseIconPath string| heateorSssPluginIconPath number| heateorSssHorizontalSharingCountEnable number| heateorSssVerticalSharingCountEnable number| heateorSssSharingOffset number| heateorSssMobileStickySharingEnabled string| heateorSssCopyLinkMessage object| heateorSssUrlCountFetched string| heateorSssSharesText string| heateorSssShareText function| heateorSssPopup function| heateorSssDetermineWhatsappShareAPI function| heateorSssMoreSharingPopup function| heateorSssFilterSharing object| heateorSssFacebookTargetUrls function| heateorSssGetSharingCounts function| heateorSssFetchFacebookShares function| heateorSssFBShareJSONCall function| heateorSssSaveFacebookShares function| heateorSssCalculateApproxCount function| heateorSssCalculateActualCount function| heateorSssCapitaliseFirstLetter function| heateorSssHideSharing function| ClipboardJS object| google object| module$contents$mapsapi$overlay$overlayView_OverlayView object| module$exports$mapsapi$geometry$polyGeometry object| module$exports$mapsapi$geometry$spherical object| module$exports$mapsapi$poly$polylineCodec object| wpgmp_local object| admixerJSONP function| HELPER object| core object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad object| hb_dmx_res object| FontAwesomeConfig object| ___FONT_AWESOME___ number| 2f1acc6c3a606b082e5eef5e54414ffb function| parcelRequire function| html2canvas function| _open object| GoogleGcLKhOms

137 Cookies

Domain/Path Name / Value
.admixer.net/bs Name: am-uid
Value: 923672e933cf4b91800cab6c268cb029
.offside.com.ua/ Name: _ga_83HN7YJGYM
Value: GS1.1.1669526617.1.0.1669526617.0.0.0
.offside.com.ua/ Name: _ga
Value: GA1.1.62263410.1669526617
.cdn.adpool.bet/ Name: AU
Value: 153c6cea4d0ab35d
.offside.com.ua/ Name: _ga_5MF0YH07SE
Value: GS1.1.1669526617.1.0.1669526617.0.0.0
.yadro.ru/ Name: FTID
Value: 1ZWlHP2aQwuS1ZWlHP002PEh
.exdynsrv.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226382f45958e3c2.632852432450790763%22%3B%7D
.exdynsrv.com/ Name: __upt
Value: %7B%22v%22%3A1%2C%22id%22%3A%226382f45958e3c2.632852432450790763%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22502.0199%22%7D
.yadro.ru/ Name: VID
Value: 20zjl_3husOS1ZWlHP002PFr
a.adtng.com/ Name: adtool_guid
Value: Ch5KEmOC9FkNGiIE9S8kAg==
a.adtng.com/ Name: RNLBSERVERID
Value: ded7041
offside.com.ua/ Name: pll_language
Value: ru
.offside.com.ua/ Name: __gads
Value: ID=821032e599943a64-22f1ad1493d70074:T=1669526617:RT=1669526617:S=ALNI_MZXfU_kcnuVzv-xIlakcFx_0tYzaA
.offside.com.ua/ Name: __gpi
Value: UID=00000b88e4a64507:T=1669526617:RT=1669526617:S=ALNI_MYjGExfbP2yayysDWOQsUP3pTRqmQ
offside.com.ua/ Name:
Value: store.test
.admixer.net/ Name: am-uid
Value: 923672e933cf4b91800cab6c268cb029
offside.com.ua/ Name: am-uid
Value: 923672e933cf4b91800cab6c268cb029
ads.us.e-planning.net/ Name: CT
Value: 1
.adnxs.com/ Name: uuid2
Value: 6687655417498589274
.bidswitch.net/ Name: tuuid
Value: ee215f43-d1ee-42e9-9868-5fd386e3c346
.bidswitch.net/ Name: c
Value: 1669526618
.bidswitch.net/ Name: tuuid_lu
Value: 1669526618
.yahoo.com/ Name: A3
Value: d=AQABBFr0gmMCEDWoRCOOPiit6pxfGgVHz9cFEgEBAQFFhGOMYwAAAAAA_eMAAA&S=AQAAAjD5dRQTAQ6U3FUxbWIoi1U
.e-planning.net/ Name: E
Value: ABTUR2HCDFtHa9UW
a4p.adpartner.pro/ Name: apuid
Value: 586580a3-573d-439a-bf4a-edc4b164db89
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 6D35DFB8-4E73-4B21-9749-DFFAE0A23760
pa.tns-ua.com/ Name: uid
Value: Z895FFF440A041A1AF07D02C46AE9611
.zeotap.com/ Name: zc
Value: 68eb6297-4d13-4614-4b88-4e22ea492a4b
.lemmatechnologies.com/ Name: uid
Value: a61e746f-6e13-11ed-a669-801844df107c
.scoota.co/ Name: tuuid
Value: 7a25f043-5a7f-4350-883a-ac49aad285f6
.scoota.co/ Name: c
Value: 1669526618
.doubleclick.net/ Name: IDE
Value: AHWqTUkf30KiipWhe1DzhzllhOjaoIO7Pez0EAGNYWokAb6LG72a8JOCvtciEstQJuk
.scoota.co/ Name: tuuid_lu
Value: 1669526619
.demdex.net/ Name: demdex
Value: 49052870068861857271704152623333851001
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.tapad.com/ Name: TapAd_TS
Value: 1669526619027
.tapad.com/ Name: TapAd_DID
Value: 1f092d2b-2704-42e0-9c88-827795798b70
.nrich.ai/ Name: _nauid
Value: cf08ae2e-6b1f-4b65-8b22-078dcdcf1753
.dpm.demdex.net/ Name: dpm
Value: 49052870068861857271704152623333851001
.weborama.fr/ Name: AFFICHE_W
Value: peaGBOACOn6l93
.adfarm1.adition.com/ Name: UserID1
Value: 7170562228408285338
.zeotap.com/ Name: zsc
Value: K%BEY%FC%87k%60%86%BF%85_%F3%5D%225%8B%A79q%AC%A1%B6%A1%86%A7%99%AA%05%D8%7C%8C%26%C8%5C%21.%EC%88y%0A%25%EDF%D2%DF%04c%A1%AB%3DOUO%87v%B5%27%90E+%ED%B4%09%8C%D5%83%E8I%E5rx%94%3F%D1%8Fx%C2%93%C5%C3%AB%5B%0B%17%83.O%A8Dt%D9%7C%A6%3A8hLx%C9rv3%A0%5Ep%04s%D3%DD%DF~.%AEn%EC%B6A%EDn%0F%DE%FEa%1D%17%9Du%AF%80+%09%80%82c%8C%DAS%A2%7F%06%5CR-Q%E8%F2%0F%F1%EC%FC%BD%D7%19Y%06%AF-5k%C06R%DAI%9C%D3%08
.tidaltv.com/ Name: tidal_ttid
Value: 37feae50-42cb-4809-aefc-6f8a9798a1a2
.openx.net/ Name: i
Value: 1d76e807-366f-46dc-88cd-58ae4a3a0575|1669526619
.360yield.com/ Name: tuuid
Value: 34d1352b-9d47-42c1-aee6-5738afaea70a
.360yield.com/ Name: tuuid_lu
Value: 1669526619
.creativecdn.com/ Name: u
Value: wbgkdDYu0Uq64Kbe657I
.creativecdn.com/ Name: ts
Value: 1669526619
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjY0sTK0MAIAOZt6swkAAAA="
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16990%3b%24o%3d11100
.agkn.com/ Name: ab
Value: 0001%3AGZg94F3vzMXK33nzPGqduIfYlpS%2BJpVg
.betweendigital.com/ Name: dc
Value: sin1
.betweendigital.com/ Name: tuuid
Value: 8c2f1654-6acc-544b-8621-d2ace5a326f7
.betweendigital.com/ Name: ss
Value: 1
.adtelligent.com/ Name: vmuid
Value: 294ce44dff6cb5cd
.krxd.net/ Name: _kuid_
Value: POShoZVi
.richaudience.com/ Name: avcid-zeo-uid
Value: 68eb6297-4d13-4614-4b88-4e22ea492a4b
.casalemedia.com/ Name: CMID
Value: Y4L0W0AsQEoBfmo6-VBp7QAA
.casalemedia.com/ Name: CMPS
Value: 1821
.casalemedia.com/ Name: CMPRO
Value: 1821
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESENttWABeaf6gm_fhrFeQOMw&KRTB&16514-CAESENttWABeaf6gm_fhrFeQOMw&KRTB&23025-CAESENttWABeaf6gm_fhrFeQOMw&KRTB&23386-CAESENttWABeaf6gm_fhrFeQOMw
.exchange.buzzoola.com/ Name: uuid
Value: bb4ae47e-9709-4aed-74ba-d5d91a4c0980
.adtelligent.com/ Name: a307558
Value: 586580a3-573d-439a-bf4a-edc4b164db89
.casalemedia.com/ Name: CMTS
Value: 1826
.console.adtarget.com.tr/ Name: vmuid
Value: 897052c61d319b7c
.fwmrm.net/ Name: _uid
Value: "o2362_7170562228406892966"
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y4L0WwALHaahNgAr
.adtelligent.com/ Name: a297253
Value: 6687655417498589274
.adx.opera.com/ Name: UID
Value: OPU5d473926d4024f0e9c5911fda90c4e7c
.adtelligent.com/ Name: a289656
Value: 34d1352b-9d47-42c1-aee6-5738afaea70a
.adtelligent.com/ Name: a584890
Value: 6687655417498589274
.betweendigital.com/ Name: ut
Value: Y4L0XAAG0hjir2Q8WWn98MZpiasSGEB4xxSADg==
.adtelligent.com/ Name: a307971
Value: ABTUR2HCDFtHa9UW
.adform.net/ Name: C
Value: 1
.adtelligent.com/ Name: a318342
Value: 897052c61d319b7c
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-5bfde722-a04c-4960-8a2c-f44aad65a068-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.adtelligent.com/ Name: a309255
Value: f7045891-2677-4ac2-b997-5053af46f405
.console.adtarget.com.tr/ Name: a307565
Value: ${UID}
.console.adtarget.com.tr/ Name: a738101
Value: ${UID}
.simpli.fi/ Name: suid
Value: CA6F781748854EE6BAE3467536BA5436
.analytics.yahoo.com/ Name: IDSYNC
Value: "1985~28it:19ah~28it:18z8~28it"
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6687655417498589274&KRTB&23339-6687655417498589274
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y4L0WwALHaahNgAr&KRTB&22978-Y4L0WwALHaahNgAr&KRTB&23194-Y4L0WwALHaahNgAr&KRTB&23209-Y4L0WwALHaahNgAr
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7170562228408285338&KRTB&23369-7170562228408285338
.turn.com/ Name: uid
Value: 8538546062793039557
.adtelligent.com/ Name: p440467
Value: 923672e933cf4b91800cab6c268cb029
.adform.net/ Name: uid
Value: 3268580196313880769
.ctnsnet.com/ Name: cid_37ee74ff666445c6accbf465e4120aca
Value: 1
.onaudience.com/ Name: cookie
Value: b2906f105f18b735
.onaudience.com/ Name: done_redirects147
Value: 1
ads.playground.xyz/ Name: connect.sid
Value: s%3A-lkW6HnKnnQkdQSyiCct0SSWMr8ShXot.iwYqHkvWnGusmzk5CcGRe2FHQYhLx0EdEqUx%2BSxmsh0
.adsby.bidtheatre.com/ Name: __kuid
Value: 30f90087-ad4c-4320-baa3-858c69dc628d.438740619
.quantserve.com/ Name: d
Value: ELEBCwHWJ_ijAA
.quantserve.com/ Name: mc
Value: 6382f45b-a377a-4738a-625bf
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8538546062793039557&KRTB&23150-8538546062793039557
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-nbICMc21D2GG4Ak0nOAXN5yyAmKGtwg2yefpIKZf&KRTB&19420-nbICMc21D2GG4Ak0nOAXN5yyAmKGtwg2yefpIKZf&KRTB&22979-nbICMc21D2GG4Ak0nOAXN5yyAmKGtwg2yefpIKZf&KRTB&23403-nbICMc21D2GG4Ak0nOAXN5yyAmKGtwg2yefpIKZf
.de17a.com/ Name: guid
Value: 1.3345251833063677006
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3268580196313880769&KRTB&23263-3268580196313880769
.adtelligent.com/ Name: a281178
Value: 6D35DFB8-4E73-4B21-9749-DFFAE0A23760
.bidr.io/ Name: bito
Value: AAD0mU7HBekAACAHanx30w
.bidr.io/ Name: bitoIsSecure
Value: ok
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.onaudience.com/ Name: done_redirects104
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: A0y3ynf-L01ltSnE7fo70kI
.yandex.ru/ Name: yuidss
Value: 3647206881669526619
.yandex.ru/ Name: yandexuid
Value: 3647206881669526619
.audrte.com/ Name: arcki2_adform
Value: 3268580196313880769!20220908!1669526619839
.audrte.com/ Name: arcki2_ddp
Value: CAESEIJWK9nRH3EYwn7gSV3kbpE!20220908!1669526619843
.mxptint.net/ Name: mxpim
Value: R1B341_F9FDD0F0_13E25B37D.1.00000000000000000000000000000000000000000000000000000000000000000000000000000000000000006382F45B
.eyeota.net/ Name: SERVERID
Value: 22972~DM
.tribalfusion.com/ Name: ANON_ID
Value: axnseFsKBRgFmDqU7pewB1rIJt5PDF4MXEVbMHmUqEwab55CJ8u2RNRLTaM8wxHTkVC3BS3ipA3kjvxesOcB
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-b6508e62-2245-4d26-63cc-cbf2ac14d840.oY0urXM%2BMZbl0KcMl7TmVWA1zy4ZreIcV2tfC%2FWhGao
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AtlCOYiJFTSZjzMvyrBTYQNmKxGU.guCV%2Fy06qmSa8%2F0Cn0PYJJRjvNQU%2FnKDzGEudOSieBg
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-tlCOYiJFTSZjzMvyrBTYQNmKxGU&KRTB&23334-tlCOYiJFTSZjzMvyrBTYQNmKxGU&KRTB&23417-tlCOYiJFTSZjzMvyrBTYQNmKxGU&KRTB&23426-tlCOYiJFTSZjzMvyrBTYQNmKxGU
.audrte.com/ Name: arcki2
Value: 489kVslS-fBSGSSL4NagKkzdA!20220908!1669526620344!ip#217.138.196.101
.admixer.co.kr/ Name: __auid
Value: d7a82d9abbe46fdfa8c8f2ce47163b05
.admixer.co.kr/ Name: __puid_103
Value: 923672e933cf4b91800cab6c268cb029
.admixer.co.kr/ Name: __id_utm
Value: 20221127
.admixer.co.kr/ Name: __id_inf_103
Value: 0_923672e933cf4b91800cab6c268cb029
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:80b36382-f45c-4700-a349-cb746816a245&KRTB&16736-uid:80b36382-f45c-4700-a349-cb746816a245&KRTB&23019-uid:80b36382-f45c-4700-a349-cb746816a245&KRTB&23208-uid:80b36382-f45c-4700-a349-cb746816a245
.mathtag.com/ Name: uuid
Value: bd246382-f45c-4200-8673-fe5ee3b31e6b
.pubmatic.com/ Name: SPugT
Value: 1669526621
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 6
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: DPSync3
Value: 1670716800%3A221_226_227_235_201_197_219%7C1669593600%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1670716800%3A56_220_204_3_104_165_8_238_166_54_71_99_7_22_55_13_243_21_161_251_214_176_88_81_234_233%7C1670803200%3A35%7C1670371200%3A63%7C1672099200%3A203%7C1670112000%3A223_15_2%7C1674691200%3A69
.fiftyt.com/ Name: fifid
Value: e465a5a8-1e8f-4b13-4062-56c66268bac5
.fiftyt.com/ Name: cs
Value: MTY2OTUyNjYyMnxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fH4Bln6rxlSaNSd_pZxwXZzY4zIFBqgs8y-Ew0dAT2TT
.audrte.com/ Name: arcki2_pubmatic
Value: 6D35DFB8-4E73-4B21-9749-DFFAE0A23760!20220908!1669526622580
.adtelligent.com/ Name: a558003
Value: 6D35DFB8-4E73-4B21-9749-DFFAE0A23760
.fiftyt.com/ Name: fppm
Value: 20221127052342
.semasio.net/ Name: SEUNCY
Value: 48645F9D34AC6B5D
.ipredictive.com/ Name: cu
Value: 47ed509c-3224-4ac4-9247-092b2a0e295c|1669526622943
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-47ed509c-3224-4ac4-9247-092b2a0e295c&KRTB&23011-47ed509c-3224-4ac4-9247-092b2a0e295c&KRTB&23355-47ed509c-3224-4ac4-9247-092b2a0e295c
.pubmatic.com/ Name: PugT
Value: 1669526621

7 Console Messages

Source Level URL
Text
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=68eb6297-4d13-4614-4b88-4e22ea492a4b?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://tags.bluekai.com/site/87734?id=68eb6297-4d13-4614-4b88-4e22ea492a4b&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=68eb6297-4d13-4614-4b88-4e22ea492a4b&reqId=bbd8f8ea-a511-4c0d-62f2-eba040b1b6a8&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:30f90087-ad4c-4320-baa3-858c69dc628d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3345251833063677006
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b2906f105f18b735/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhXRaUMbaVMbShTYV
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.adtng.com
a.audrte.com
a.exdynsrv.com
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.co.uk
adservice.google.com
an.yandex.ru
ap.lijit.com
aud.pubmatic.com
bcp.crwdcntrl.net
beacon.krxd.net
c1.adform.net
cdn.admixer.net
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
core.iprom.net
counter.yadro.ru
covivado.club
creativecdn.com
cs.mobfox.com
cs.yellowblue.io
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.nrich.ai
engine.widespace.com
eus.rubiconproject.com
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
green.erne.co
ht-cdn2.adtng.com
hw-cdn2.adtng.com
i.e-planning.net
ib.adnxs.com
ic.tynt.com
idsync.admixer.co.kr
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
ipac.ctnsnet.com
js.cookieless-data.com
loadeu.exelator.com
m.trafmag.com
maps.google.com
maps.googleapis.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.new-programmatic.com
match.prod.bidr.io
matching.truffle.bid
mwzeom.zeotap.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
offside.com.ua
onetag-sys.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
ps.eyeota.net
pubmatic-match.dotomi.com
r.scoota.co
rbp.mxptint.net
refpa53115.top
refpa6781648.top
region1.google-analytics.com
rtb.com.ru
rtb.openx.net
s.adtelligent.com
s.console.adtarget.com.tr
s.e-planning.net
s.tribalfusion.com
secure-assets.rubiconproject.com
secure.adnxs.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.ipredictive.com
sync.lemmatechnologies.com
sync.mathtag.com
sync.richaudience.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.tidaltv.com
syndication.exdynsrv.com
t.adx.opera.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u-ams03.e-planning.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us.ck-ie.com
usermatch.krxd.net
vid.vidoomy.com
visitor.fiftyt.com
www.google.com
www.googletagmanager.com
www.storygize.net
x.bidswitch.net
z.cdn.adpool.bet
103.229.206.240
13.225.78.97
13.32.99.36
137.74.6.209
141.94.171.214
141.94.242.206
142.250.184.226
151.101.194.49
157.90.211.246
159.65.196.12
162.55.120.196
168.119.88.34
172.64.154.237
178.250.0.163
178.253.14.29
18.198.69.109
183.110.238.136
184.24.9.113
185.172.90.250
185.172.90.252
185.184.8.90
185.64.189.110
185.64.189.229
185.64.190.78
185.64.190.79
185.64.190.81
185.83.69.178
185.83.69.242
185.86.137.110
185.89.210.122
185.89.210.244
193.200.65.6
194.247.175.26
195.5.165.20
198.47.127.20
199.115.119.227
2001:4860:4802:32::36
2001:4de0:ac19::1:b:3b
2001:678:cb4:bbbb::11
203.195.121.141
204.62.13.72
205.234.175.175
209.197.3.25
212.7.203.129
212.82.100.182
213.155.156.182
213.19.147.44
216.52.2.48
217.65.2.150
23.205.235.133
23.35.236.201
2600:1f16:e61:3f01:4121:4821:f664:be
2606:4700:10::6816:1957
2606:4700::6812:18ad
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:801::2004
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a02:6b8::90
2a02:6ea0:c700::11
2a02:fa8:8806:13::1370
2a03:90c0:41:2801::62
2a04:4e42::300
2a05:d018:24:b001:5701:9c55:1756:99ad
2a05:d018:d29:3605:2256:d6d3:539d:24e0
2a06:98c1:3120::3
2a06:98c1:3121::3
3.126.56.137
3.127.178.105
34.102.253.54
34.111.131.239
34.205.150.35
34.246.215.174
34.98.67.61
35.175.58.50
35.186.193.173
35.186.253.211
35.201.96.126
35.204.74.118
35.214.223.115
35.227.248.159
37.157.2.239
37.157.5.142
4.78.226.234
45.135.120.147
51.158.29.13
51.68.39.188
51.89.9.254
52.223.40.198
52.29.215.78
52.30.146.240
52.70.254.182
52.73.233.198
52.89.41.173
54.171.40.8
54.208.68.206
54.228.118.174
54.76.86.77
54.77.35.234
62.149.1.122
63.251.232.165
66.155.71.150
66.254.114.171
66.254.122.20
67.202.105.34
67.220.228.203
69.173.144.138
69.173.144.139
69.192.160.219
77.243.60.138
8.2.108.194
8.2.110.206
82.145.213.8
83.222.114.189
85.114.159.118
88.198.49.154
88.212.201.204
95.211.229.247
99.81.236.184
99.81.44.108
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
08b501c818a49aa79415f0bc59dba8a05cf6f35b647f64b2bf7e944646d46b7b
0938b06ff06e45ba2bfee877946cd31929b6506f807058678faa736de5a4e6b4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d94be650a5c60bab1cd8019486a3e88695f59d181b3b8fa30c8f5abb6949c44
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
100550dfccbc9bfba8e9ef1cd9b391764706818df1985728faaa9eb5ba8cec14
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
15f3eae8865edf271c4b41e6a6f2863b72e111368abfd3a7e8e91bf08928e358
1696a37e648b7aa3375f832b26f0d3b2a6622931eeba341accbf755a4534ac9f
182dcaf4116131c8dc11151fc2179fdf91157ce36b9b39443b16043f517db5e4
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
198a55310d4d5b786ff571ff4f16a66505bb17545c557818c8de810851616955
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
199a66ac6582dd904b4a006853b186b3169cceddddc159f5772e01ee3f31cac0
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1c20b711bd4933c5ff4864901e62060434c55d81d26ebd100a37355eade8e9bf
1cbb9e41315a3c2c583304a2dff7a7053bf1d356ac6af79376bb47d6f3cd6a25
1fd692e17ffbdd6c487f570808045f74c6d3b93d61b6cd7a0296ae8c451eacd0
2089fdd7c94bb163dc84cb8767f0aeb15e8e62134c5a4516dec71df246df596e
2135fde5fcefef36989f8d709ed4c7155e85b453c961137a86d29149daee6598
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25b59c9e802af8bdfbfbe286e84e80fda36fe084c5934f68972b150e040952b3
2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2a82c77ffec67310857083139d4b91ed0a81d89504972e4d5325b7756cef1edf
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfa3e854613ec7867f5772f85da75e4f5afb20d783833e737630ed97c573215
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
32923f60e6e09cbbd78370a1455b49ec63c656a2160e079a18172a113796e714
33c40c2335d26ad0f3b506969c3a67660523d137b0c8cc198911c2826a27316c
33d0c7daf6dcd6175b083a50c6c192dc0fe4caea466bb70d5ff28440a435064a
348d15ed9c81c4c8f236013b49d86b29d3cebfa4720ee291c76cf70fa834e158
35aee3e3a0bc05a1c2ed6917b747eb555802f06bae98356067e7d4a55ef1a04b
35fde07b00f81eb537945883df583523d1da797b7ba2b5c93ac65fc21b2bcc16
37a3b8ea20c9512ec35491bea3f66fe195756a49d837c82a83013f89e0e6b1bc
39c3747d29a27dcd07c6cb7d4dee61fccb8de904505e145bce04230b762190e8
3aaa08d1c1434c3dd80f3ae7b73884fd1570ddc777b9bc2beaeeb1648373cffd
3c17e5fec5e26fbc519e90d9f8455d30bd9fde8c1fde9591691ef249b0741028
3c6dc0b8e451822061daba4be79dc084125a2810b8f3bd7a520c788eab3d5377
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f2de7c1c92058fa7d46eb1042d017353071a1b89110897778598922b8316b39
3f4cff9965d17a5e644e1610d150796343dd8a51556b6d7a7fd3c390b82288f5
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
4091ba7312a58a2065b6e148417e5d0c981ba31efdb0cc5d1093ceba085c291c
4096e95444de81291a48db18ecd6898d6158ec08a7f4710050a30b0e59b3b8b2
418c91639d6dbcb6709cf1878dd5b3c7a84071470c0d31dbf7ca84ee01832151
419b39f3cda98241621ab9469a5b23de4b0f01a98a145efe662d4aadc510a7bd
427f8dcaa42e89577a4604efbbd21af5c268c39b5c6e021f12d060b93257b101
42be544dc6ed5298999387290acc34903763f83f2491e7d0565b8ce137ce8e32
42c88d61050399e0f93184e6e6fe946329df48ef9c7bc23b521ebdd28e10e563
4517561f8210d1ddf394d1748f821a1549a1612eccdb061e5a6dd758fe791677
45cfe337b29a6e95dd08b6f021f45e5dd81abd2879fb513596a25ea951d21447
4640640359f504d069e542951660e3aa43220471c2fc5a27a3aaf7e414cdef4d
46da2ce5ce28b26d5cdee5cf69e27ca2da762573c8cc5d6aa914ba6e73027a3d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a9dd279c8ac798300357164114e0d70be3d0bb7ed51a98ecb00d6e6b51506ac
4ad72ba5583bcd350d55c0e2b27839eb8398a6842df6c399e80bb05e37604ee5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b81ba8b9eac604af2d53f1f44b758d738d2520d369f89e0ea13337ac7841729
4ce2e29fbc4e24edb01b73f09bb5a9e616af2cbc270c23d3b804e251ef247f13
4d34963b7db0da6900ddb9c2fd6b9b9d59844eeec6d2a6a99d3f7c0bc820797b
4da6ec1389494a756e302de69d0a3dd8cc2307d0f0fd26cf3d296df3cba2e08f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
5346e1a1343f6f33d953371d82c8c8a7cc5e7e07a58689ec49d7d9e4452c6f7d
5484ef447d51f1402aada17408f1a7322315241f3df6354f931242cd51450d5f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56e51023959cb317d00841117e136e1adba5e63ac3d89dfad79fab98c69aa9fc
584aa695461f177cf311034f7e02cf280c16c36a7a299d58e22ef9c23a98867d
5867306246bce7f6894f17fd7bfadbf448e1f554facecc2831793a090a5c08c0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b7cfbb1fd4b37176f87d8c82cfba04e233ee31ff3d94d033be54c69136625fd
5bed074367042548e1f1ce7d18ba273b797a7a142899b5fdafabf24aa17bb645
5cfd0889bddf20b0426add84fb0e0f596ef7dd653d3d22c8f5b63238a80a2088
5e1883b0f4dbcd3ed4077a13a7599c50e023fd1d8d3de4452d2c5d9952d0fb2f
5f010159247bf3b25e92cd7c414b38194bd825a212bf42f9adaa8587bd0253ac
6039ce729a6c8041b44b7285bf244469b4d369991d6ad1f63711d079dad29b07
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
631e19dc924050fd144dbec9537eeb3d0bd3e8585b9ff7d31661df9cd26655b3
64387d4792b2111f3eae08c1500965d163131034c2ddeabd5fe4d10e4c5369a4
6488dfa2efd57445f30050510665ebb17f4345c2c62214f88e408a82154e276e
6527aa400c84ad7f1e7d474027b6823a39662321e6c6e31732f14d4051d46b41
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
693d2018099964feeb024f557cbdb89797a464d71f0d33de1aa0ebf0391525ba
6a3d04874e62000c66bf4ca845fbde04ecb011a85bb4cb54f0cdf5598529709a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cacd497325701e683df564cbe1c9133ecbfb3c4b16396512e3dc4a7b630a9ef
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
6fd78c8aa95db27ab69f625976d04241a14c268deac9afae752919a254899ba8
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
7676d695d20a1253ad1cd9f7834d2a3cb01646236de2caa17cd8a6f97859a43d
7728946db189aa5afd0b17d585fd24521909793a688ec2ef72c019a8bf92dc97
776ef5ab756f8e5a45a1508c934b11b7d2ae0206cb1d614bc2ab939541a1a897
777b747088bd593b30b6a2f5d939b1f65eb5f7a544915f94eff47c52d9d4927c
78764c6b55a054871a6a5b36a5704b51eaab0e4394cf6a97cddd3c0ee4d7236e
791f9c427f78a6f55171f9a1dd4518da2f061980ef2b7344fe84d59e76f37471
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
79dfd90ba5cbc2499a72932121b7765b3e981b55495a3f62e9221301b37e63ce
7abd36a2f651330420d86187c125331d679408d1be7b6cd93efa64e08eaf80c7
7dc2f5e7cae7a1e20249f7624c440a190bdc76f3a11ac17e6676cc5acd8eedb4
807eb1593cffbaecc4ede4ca6e52691b9db2a9e943deeaae66652b31398a7616
822ac4e66e48087992e258c5ef7b94a7dd2e7b28af07db80684802b83108cabf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87038e38170c8ee523a5abcfc8c0a25ef98523caa85851b24ed1e195f90f482b
8a8a38df89acc13ff49e34007ff20f89e1d20785d3363c0c1c14cdf5d1934219
8ab91735fa0d3545dc86b29da865e4a39df8b9421eab4586ceac2b1cb25004ad
8bba4579b5f773b35b368f5da967b542dae5d7c2426e5b73aaeecb93cd275a90
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e09dcf5ae39b3188fa21f136192f64ca6b8269c11752237ce3a308ae6f5a85d
901c3fdbcd77b88cbd1ff6c3771b83c2eefd6794de26dfa44f7b5f37a7e98599
902b9e024ebd88a6f82811f4c42de65b3c4d3c7ade1b66b848c41d57fad73e79
94277769b8916ca8755e5a211d850942e94e1d6621060daa7ffb5c3976b1ce5e
9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928
989cd208ef0d5162de46025aa76ddbce3ae9a6c9852da6eb0a725dd8f01e0982
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d9f69b458097c709f4c00bebf9040036f09ac49fb8f6543755dbb36227a7041
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9f616744c5212f524a7ff47e22a04d7f2ba7b2075512f932923a3fad65040150
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1285c19a66f8d009fc6ecdbd27373eaec80e05cb07cc75d47554f912b2fa06b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a69f25badb1efa9f4b38586a50bbae6c0eece2ecb1a079ba0115a2446945e755
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa0e159198a059b9f2d63a751e130b15eaf24a46a5f1f20c1c69c25d6f80d12d
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
ade74efab08237d9c2e51a69189ce2b83eb3c6c865982dda83700c5391ff4081
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ac1269977330827d9add82b8e069ed1eabcfd2d982dcd185a939dd322d0e09
b1ded7a144bbe610480e74d1ec8fd8c648b27ac92df4c0cc6af7e51efcd08f74
b2438b4fd59796fa354af36092272f00a446507a7979243c7849dd589eaa5f1b
b2877b9644f1d0214961542e44f4d78fdcba93756941da51b62f0796b5d96431
b3a4dc93cb491425d6552342960777015f434ed0c89b8adf0fc2a84c4063d93e
b9cb9ae359a625e05528779aa81b4889ca5bbb9c3d870ea207fc3e9502d26459
ba86c4e74026c9c80d215b10cf1aecbc0576d7aaef6ceac9eea652d48a787bf4
bc5c1ffb80e8c6b709daf7cd8f06a977335f3a35f90332e9bd9a5e605717ccfe
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdc8c33419378a34dc5449ee25e421efe99767a5d5897e3c4b5f3a14ee15115d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c52258c13dbe41865ee9bbd68e4e15cbc2105e276b5bf907c76b308b1bb952a6
c5fb47e39b757be7fd84e8b5b1e0f6a2915cb234a8c3d0fcae5df712e954606a
c85c9075780a3eb4f26ed8b2cd69b058fc41c6aefd73a056e88c652a96342ee4
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccba3325d1054036ca9b97100a703207868c08ec29f17ea2307ca3f8b7242a1d
ccbba26502ca361b0401549d5365a56fde6a78f5a81434ccb18b92896c387742
ce087d1d736beb8d869939f28b6be10aa4660be34796429d59150527054b500f
ce15ddcedd7427a33e15cfe70dfd6934236664bb77cf82f5a3d843251ccd817b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfda5ab4fa75e77566a328adae8566973f7d2a7d1815a272daf58cad64ff8273
cffe139366b3882387dddbd10d59e7d9aa29345793fdbf51ddde809ca6a0bec2
d154521b7e690095bfb6cb7d50d20769a73c63299f7b35561e7266a8ad2f6f41
d3abb75ebc673d5c07263ea76e8a03b2f03a12e6a56c050c6b3a37e33e78e72f
d6cfcdf1e2b932ad28e31fa67aa30b6c13e15bd0e4cbd8cf973dbea4679c815f
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d97697363383c4054e1e9a428dd2805c0e04ba2c8c692530bb03bda81965b1a9
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
db099e95eb910c80a88cff3a375d59c4533d74c328b5c94189fe32f0b0ae28a1
db9bacda467d38f3afc52d07d44734b5d48543fb9600f71f5018b1ed09b87c62
dc4c1d4ad985cef08104a09919ae8be0221ed3a7ddde5654213e464ae4d944a1
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df6476e84f6a8c360745e7a06271f3bbe92e44936f059ae579563c376d7bf834
e159378d94ed38aa4029194c7f61e8213ff334ffc1ec4d2ed581b8d4f05ea35a
e1bd7d64deecbc15860d0f0a269fca9043802f24a12443c912cc507305e4cfd0
e37d6e58fbd507020bfee3d26b717393a4c78e845bc164bcea7d7374c4a5d672
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49631be380c019d38aa88b39305a7bd9285b324fecac71d296997a6c4fe033c
e7dedbb2327be817cb91eab8f15c83bac411f30f4fe1a88013bd85f940aff522
e881fdceb28f9eb4e41f93f2c9b4615309a691d90f1fa4da8b4f5789e2ad0718
e926a49247c363a9cbb763656f465445e32089a11fb2bb734fd3c6892b2ab2c0
ea00920ed7318060183a8424901b39e1b6e4d78c62d649ea9738a2c06e5a3275
eaf5aea140f3e48516c27cd9c4a1b49b1cac780055ca2eaed084fcd75eb07e58
eb3666c237dfc004679d0009a45702814420164d6248978309842dfdf6fcda23
eb79ba225f6ebf5246c403dd71f3def82f243d80a0dae11f169d17c5a48cdf07
ebc4b582e1dcce5a8347546dce540c0b431f22a8f78811240328a2fc5f8eb7b5
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ed5ee38ef79da92870bcb636d72d65cc1b81cf7991b94be08c744d45e81c163d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f5de0ff9f66605a6edd3434522aea6f05b020a1de93e7b3b6c8edc9e54b63a89
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f6f999ea0d328245ae7d1201632b7783931d12b0f936430c31e3fc1b2fb080f9
fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa
fb7001aa094389a4e85c7b731e35f87a7a85f7575b2d69f16092f65842f3b68a
fd10e568b17d9adfa3f1fe782f0807c699601eac77760e8c89908dd875e7c340
fd54b8fcb95379bc52d782a7224898af40953c092a34279bc83b36f9f4840de6
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fdb7859de3585c9832f31955532cb32fe3ffecdfaf050c0192d348bcfc100801
ff125f0dfe5af20434e5abc3228bcb63ba4a2a5a286e69e090e16eff29cd368c