urlscan.io logo urlscan.io
SecurityTrails logo

offside.com.ua Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://offside.com.ua/
Effective URL: https://offside.com.ua/
Submission: On September 29 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 81 IPs in 17 countries across 87 domains to perform 313 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is offside.com.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 16th 2022. Valid for: a year.
This is the only time offside.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 109 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
9 2a03:90c0:e1:... 199524 (GCORE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
3 2a00:1450:400... 15169 (GOOGLE)
1 3 88.212.201.204 39134 (UNITEDNET)
5 2a00:1450:400... 15169 (GOOGLE)
3 45.135.120.147 56630 (MELBICOM-...)
4 88.198.49.154 24940 (HETZNER-AS)
2 2001:4860:480... 15169 (GOOGLE)
1 213.183.39.30 56630 (MELBICOM-...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 95.211.229.248 60781 (LEASEWEB-...)
1 66.254.114.171 29789 (REFLECTED)
1 142.250.186.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 209.197.3.25 20446 (STACKPATH...)
1 139.45.195.253 9002 (RETN-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 9 146.0.227.110 20773 (GODADDY)
2 185.83.69.226 55081 (24SHELLS)
5 51.89.9.251 16276 (OVH)
1 11 185.172.90.251 49981 (WORLDSTREAM)
2 8.2.110.114 46636 (NATCOWEB)
2 198.47.127.18 3257 (GTT-BACKB...)
1 183.110.238.136 4766 (KIXS-AS-K...)
1 2 88.198.31.232 24940 (HETZNER-AS)
2 2 217.65.2.150 3175 (CITYTELEC...)
1 2 2a02:6b8::90 208722 (GLOBAL_DC)
2 216.52.2.39 30282 (AS-INAPCD...)
1 83.222.114.189 42632 (MNOGOBYTE...)
2 2 51.83.220.94 16276 (OVH)
2 2 188.42.191.196 7979 (SERVERS-COM)
10 10 3.120.86.7 16509 (AMAZON-02)
3 4 37.157.2.237 198622 (ADFORM)
1 2 185.184.8.90 204995 (RTB-HOUSE...)
3 13 104.18.18.126 13335 (CLOUDFLAR...)
2 23.227.151.106 55081 (24SHELLS)
1 2 194.247.175.26 196831 (BEMOBILE-AS)
3 3 199.115.119.227 30633 (LEASEWEB-...)
2 2 35.210.53.219 19527 (GOOGLE-2)
1 1 188.34.165.163 24940 (HETZNER-AS)
1 8.2.110.206 46636 (NATCOWEB)
3 3 18.156.0.31 16509 (AMAZON-02)
1 82.145.213.8 39832 (NO-OPERA)
2 193.200.65.6 6681 (GIVEME-CLOUD)
5 7 37.252.173.22 29990 (ASN-APPNEX)
3 8 52.7.168.45 14618 (AMAZON-AES)
6 185.172.90.250 49981 (WORLDSTREAM)
2 2 34.194.111.252 14618 (AMAZON-AES)
3 3 23.75.240.210 16625 (AKAMAI-AS)
6 23.205.235.133 16625 (AKAMAI-AS)
2 205.234.175.175 23352 (SERVERCEN...)
18 2606:4700:10:... 13335 (CLOUDFLAR...)
4 5 142.250.201.194 15169 (GOOGLE)
4 5 35.227.248.159 15169 (GOOGLE)
3 35.71.131.137 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 198.47.127.19 3257 (GTT-BACKB...)
2 2 52.18.235.86 16509 (AMAZON-02)
1 18.198.69.109 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 34.111.131.239 15169 (GOOGLE)
1 185.15.245.81 24961 (MYLOC-AS ...)
3 4 54.216.193.48 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 52.59.153.178 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
2 54.194.97.242 16509 (AMAZON-02)
1 162.55.236.225 24940 (HETZNER-AS)
1 151.101.194.49 54113 (FASTLY)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 3.218.193.24 14618 (AMAZON-AES)
1 2 52.94.220.185 16509 (AMAZON-02)
1 69.192.160.219 16625 (AKAMAI-AS)
2 2 34.255.174.131 16509 (AMAZON-02)
5 69.173.144.165 26667 (RUBICONPR...)
1 2 52.46.143.56 16509 (AMAZON-02)
2 2 54.216.196.145 16509 (AMAZON-02)
2 104.18.19.126 13335 (CLOUDFLAR...)
3 2a05:d018:d29... 16509 (AMAZON-02)
1 1 34.111.151.213 15169 (GOOGLE)
2 2 135.125.160.160 16276 (OVH)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 23.35.236.201 16625 (AKAMAI-AS)
1 67.202.105.34 32748 (STEADFAST)
2 2 34.252.105.21 16509 (AMAZON-02)
2 11 23.227.139.243 55081 (24SHELLS)
2 2 213.19.147.44 26120 (RHYTHMONE)
1 35.186.253.211 15169 (GOOGLE)
3 2a02:6ea0:c70... 60068 (CDN77 ^_^)
3 13.225.78.37 16509 (AMAZON-02)
2 13.248.245.213 16509 (AMAZON-02)
2 212.83.160.162 12876 (Online SAS)
1 1 37.252.172.250 29990 (ASN-APPNEX)
1 54.155.183.30 16509 (AMAZON-02)
1 1 185.29.132.245 30419 (MEDIAMATH...)
2 2 66.155.71.25 13768 (COGECO-PEER1)
1 1 35.204.158.49 396982 (GOOGLE-CL...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 69.173.144.138 26667 (RUBICONPR...)
1 1 37.157.4.29 198622 (ADFORM)
1 18.184.216.10 16509 (AMAZON-02)
313 81
109    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
offside.com.ua
3    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2a03:90c0:e1:2801::254 (Prague, Czech Republic)

ASN199524 (GCORE, LU)
cdn.admixer.net
3    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
a.exdynsrv.com
3    2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)
maps.google.com
3    88.212.201.204 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru
counter.yadro.ru
5    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    45.135.120.147 (Amsterdam, Netherlands)

ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT)
refpa6781648.top
4    88.198.49.154 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.198.49.154.clients.your-server.de
covivado.club
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    213.183.39.30 (Frankfurt am Main, Germany)

ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT)
PTR: aayq8530.cloud-living.com.39.183.213.in-addr.arpa
refpa53115.top
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdntechone.com
2    95.211.229.248 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ds03.evo.0x3e.net
syndication.exdynsrv.com
1    66.254.114.171 (United States)

ASN29789 (REFLECTED, US)
PTR: reflectededge.reflected.net
a.adtng.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    209.197.3.25 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: vip0x019.map2.ssl.hwcdn.net
hw-cdn2.adtng.com
1    139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)
datatechone.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
9    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
2    185.83.69.226 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
5    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
11    185.172.90.251 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-plannning.net
ads.us.e-planning.net
u-ams03.e-planning.net
2    8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
2    198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
1    183.110.238.136 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
idsync.admixer.co.kr
2    88.198.31.232 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.198.31.232.clients.your-server.de
exchange.buzzoola.com
2    217.65.2.150 (Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)
match.new-programmatic.com
2    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
2    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    83.222.114.189 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
rtb.com.ru
2    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro
a4p.adpartner.pro
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
10    3.120.86.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-86-7.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
13    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
r.casalemedia.com
2    23.227.151.106 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
2    194.247.175.26 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
pa.tns-ua.com
3    199.115.119.227 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.lemmatechnologies.com
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
1    188.34.165.163 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.163.165.34.188.clients.your-server.de
bidswitch-eu.splicky.com
1    8.2.110.206 (United States)

ASN46636 (NATCOWEB, US)
cs.mobfox.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team
m.trafmag.com
7    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
8    52.7.168.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-168-45.compute-1.amazonaws.com
a.audrte.com
6    185.172.90.250 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: s.e-planning.net
s.e-planning.net
2    34.194.111.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-111-252.compute-1.amazonaws.com
ssp.disqus.com
3    23.75.240.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    205.234.175.175 (Lovettsville, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
18    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
5    142.250.201.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net
cm.g.doubleclick.net
5    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f18:6593:f600:7475:e79:22d:1b43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
2    52.18.235.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-235-86.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Rogeno, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
1    85.114.159.93 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    34.111.131.239 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    185.15.245.81 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
4    54.216.193.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-193-48.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    52.59.153.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-153-178.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    54.194.97.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-97-242.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de
sync.richaudience.com
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    3.218.193.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-193-24.compute-1.amazonaws.com
usermatch.krxd.net
2    52.94.220.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    34.255.174.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-174-131.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
5    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    54.216.196.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-196-145.eu-west-1.compute.amazonaws.com
ads.avct.cloud
2    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
dsum.casalemedia.com
3    2a05:d018:d29:3601:a0c6:b0ce:b43:b1c0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    34.111.151.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
2    135.125.160.160 (France)

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu
gu.dyntrk.com
1    2606:4700::6813:ad6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
2    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
ic.tynt.com
2    34.252.105.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-105-21.eu-west-1.compute.amazonaws.com
ad.360yield.com
11    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
sync.console.adtarget.com.tr
2    213.19.147.44 (Amsterdam, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
3    13.225.78.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-37.fra2.r.cloudfront.net
tags.crwdcntrl.net
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    212.83.160.162 (France)

ASN12876 (Online SAS, FR)
PTR: 212-83-160-162.rev.poneytelecom.eu
js.cookieless-data.com
1    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    54.155.183.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-183-30.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
1    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    18.184.216.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
ps.eyeota.net
Apex Domain
Subdomains		 Transfer
109 offside.com.ua
offside.com.ua
3 MB
19 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 4699
s.e-planning.net — Cisco Umbrella Rank: 6632
u-ams03.e-planning.net — Cisco Umbrella Rank: 69793
i.e-planning.net — Cisco Umbrella Rank: 6796
8 KB
18 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1754
mwzeom.zeotap.com — Cisco Umbrella Rank: 1627
6 KB
18 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 48959
inv-nets.admixer.net — Cisco Umbrella Rank: 2369
202 KB
15 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 903
eus.rubiconproject.com — Cisco Umbrella Rank: 557
pixel.rubiconproject.com — Cisco Umbrella Rank: 336
token.rubiconproject.com — Cisco Umbrella Rank: 667
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2006
33 KB
15 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 429
ssum.casalemedia.com — Cisco Umbrella Rank: 1327
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
dsum.casalemedia.com — Cisco Umbrella Rank: 1323
r.casalemedia.com — Cisco Umbrella Rank: 1347
14 KB
11 adtelligent.com
s.adtelligent.com — Cisco Umbrella Rank: 5878
sync.adtelligent.com — Cisco Umbrella Rank: 4372
6 KB
10 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 288
5 KB
8 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2379
9 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 428
6 KB
7 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 818
tags.crwdcntrl.net — Cisco Umbrella Rank: 1205
sync.crwdcntrl.net — Cisco Umbrella Rank: 708
33 KB
7 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 282
cms.analytics.yahoo.com — Cisco Umbrella Rank: 855
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439
3 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
cm.g.doubleclick.net — Cisco Umbrella Rank: 212
6 KB
6 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 596
image6.pubmatic.com — Cisco Umbrella Rank: 647
ads.pubmatic.com — Cisco Umbrella Rank: 457
12 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 430
1 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 614
dmp.adform.net — Cisco Umbrella Rank: 4683
cm.adform.net — Cisco Umbrella Rank: 1501
2 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 749
5 gstatic.com
fonts.gstatic.com
147 KB
4 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1216
s.amazon-adsystem.com — Cisco Umbrella Rank: 287
3 KB
4 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 17339
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 14777
2 KB
4 adtng.com
a.adtng.com — Cisco Umbrella Rank: 20622
hw-cdn2.adtng.com — Cisco Umbrella Rank: 13799
97 KB
4 covivado.club
covivado.club — Cisco Umbrella Rank: 267676
33 KB
4 google.com
maps.google.com — Cisco Umbrella Rank: 1858
adservice.google.com — Cisco Umbrella Rank: 76
186 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
maps.googleapis.com — Cisco Umbrella Rank: 351
3 KB
3 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 4666
35 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 515
usermatch.krxd.net — Cisco Umbrella Rank: 1239
943 B
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 344
793 B
3 lemmatechnologies.com
sync.lemmatechnologies.com — Cisco Umbrella Rank: 7064
1 KB
3 refpa6781648.top
refpa6781648.top — Cisco Umbrella Rank: 932600
3 KB
3 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 9240
2 KB
3 exdynsrv.com
a.exdynsrv.com — Cisco Umbrella Rank: 53820
syndication.exdynsrv.com — Cisco Umbrella Rank: 41683
26 KB
3 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
179 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
218 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 573
1 KB
2 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 6606
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 376
279 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 530
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 671
665 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1344
843 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 2691
888 B
2 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 13127
429 B
2 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 935
sync.mathtag.com — Cisco Umbrella Rank: 441
1 KB
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 25538
683 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 211
2 KB
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1702
623 B
2 trafmag.com
m.trafmag.com — Cisco Umbrella Rank: 87783
702 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4515
746 B
2 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 144817
467 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 648
678 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2084
1 KB
2 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 9298
539 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 598
564 B
2 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 2395
645 B
2 new-programmatic.com
match.new-programmatic.com — Cisco Umbrella Rank: 38306
549 B
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 18250
543 B
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 5024
258 B
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2852
363 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 940
1 KB
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 10156
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 815
623 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 479
433 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1470
352 B
1 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 4229
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 909
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1652
350 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 524
145 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 537
177 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1973
361 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 924
356 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 455
532 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 21865
84 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1523
596 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 116908
659 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 6785
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 11109
411 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 690
162 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2614
463 B
1 mobfox.com
cs.mobfox.com — Cisco Umbrella Rank: 8556
510 B
1 splicky.com
bidswitch-eu.splicky.com — Cisco Umbrella Rank: 27291
219 B
1 com.ru
rtb.com.ru — Cisco Umbrella Rank: 34304
110 B
1 admixer.co.kr
idsync.admixer.co.kr — Cisco Umbrella Rank: 17794
904 B
1 datatechone.com
datatechone.com — Cisco Umbrella Rank: 67119
392 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8962
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 862
645 B
1 cdntechone.com
cdntechone.com — Cisco Umbrella Rank: 79345
16 KB
1 refpa53115.top
refpa53115.top — Cisco Umbrella Rank: 559973
149 KB
0 tidaltv.com Failed
sync.tidaltv.com Failed
313 87
Domain Requested by
109 offside.com.ua 1 redirects offside.com.ua
12 mwzeom.zeotap.com ads.us.e-planning.net
10 x.bidswitch.net 10 redirects
9 sync.adtelligent.com 1 redirects s.adtelligent.com
ads.us.e-planning.net
s.console.adtarget.com.tr
9 inv-nets.admixer.net 1 redirects cdn.admixer.net
offside.com.ua
ads.us.e-planning.net
9 cdn.admixer.net offside.com.ua
cdn.admixer.net
8 u-ams03.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
vid.vidoomy.com
8 a.audrte.com 3 redirects ads.us.e-planning.net
a.audrte.com
offside.com.ua
7 ib.adnxs.com 5 redirects offside.com.ua
spl.zeotap.com
6 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
6 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
6 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
s.adtelligent.com
6 s.e-planning.net ads.us.e-planning.net
5 pixel.tapad.com 4 redirects ads.us.e-planning.net
5 cm.g.doubleclick.net 4 redirects spl.zeotap.com
5 onetag-sys.com inv-nets.admixer.net
ads.us.e-planning.net
s.adtelligent.com
5 fonts.gstatic.com fonts.googleapis.com
4 covivado.club offside.com.ua
covivado.club
3 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
3 token.rubiconproject.com eus.rubiconproject.com
3 vid.vidoomy.com s.adtelligent.com
ads.us.e-planning.net
3 pr-bh.ybp.yahoo.com ssum.casalemedia.com
3 bcp.crwdcntrl.net 2 redirects tags.crwdcntrl.net
3 match.adsrvr.org spl.zeotap.com
ssum.casalemedia.com
s.adtelligent.com
3 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
3 secure-assets.rubiconproject.com 3 redirects
3 ups.analytics.yahoo.com 3 redirects
3 sync.lemmatechnologies.com 3 redirects
3 ssum-sec.casalemedia.com 1 redirects offside.com.ua
ssum.casalemedia.com
3 ads.us.e-planning.net 1 redirects inv-nets.admixer.net
s.adtelligent.com
3 hw-cdn2.adtng.com a.adtng.com
3 refpa6781648.top offside.com.ua
refpa6781648.top
3 counter.yadro.ru 1 redirects offside.com.ua
3 maps.google.com offside.com.ua
maps.google.com
3 pagead2.googlesyndication.com offside.com.ua
pagead2.googlesyndication.com
3 fonts.googleapis.com offside.com.ua
3 www.googletagmanager.com offside.com.ua
www.googletagmanager.com
2 sync.console.adtarget.com.tr 1 redirects s.console.adtarget.com.tr
2 pixel-sync.sitescout.com 2 redirects
2 js.cookieless-data.com s.e-planning.net
2 eb2.3lift.com ads.us.e-planning.net
2 sync.1rx.io 2 redirects
2 ad.360yield.com 2 redirects
2 ads.pubmatic.com s.adtelligent.com
2 gu.dyntrk.com 2 redirects
2 dsum.casalemedia.com ssum.casalemedia.com
2 ads.avct.cloud 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 pixel.rubiconproject.com spl.zeotap.com
eus.rubiconproject.com
2 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 image6.pubmatic.com spl.zeotap.com
ads.pubmatic.com
2 dmp.adform.net 1 redirects spl.zeotap.com
2 i.e-planning.net ads.us.e-planning.net
2 ssp.disqus.com 2 redirects
2 m.trafmag.com offside.com.ua
2 pool.admedo.com 2 redirects
2 pa.tns-ua.com 1 redirects offside.com.ua
2 s.console.adtarget.com.tr offside.com.ua
s.adtelligent.com
2 creativecdn.com 1 redirects offside.com.ua
2 c1.adform.net 2 redirects
2 ads.betweendigital.com 2 redirects
2 a4p.adpartner.pro 2 redirects
2 ap.lijit.com offside.com.ua
s.adtelligent.com
2 an.yandex.ru 1 redirects offside.com.ua
2 match.new-programmatic.com 2 redirects
2 exchange.buzzoola.com 1 redirects offside.com.ua
2 image8.pubmatic.com offside.com.ua
2 us.ck-ie.com offside.com.ua
2 s.adtelligent.com inv-nets.admixer.net
s.adtelligent.com
2 syndication.exdynsrv.com a.exdynsrv.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 region1.google-analytics.com www.googletagmanager.com
1 ps.eyeota.net offside.com.ua
1 cm.adform.net 1 redirects
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 ad4m.at ssum.casalemedia.com
1 um.simpli.fi 1 redirects
1 r.casalemedia.com ssum.casalemedia.com
1 sync.crwdcntrl.net 1 redirects
1 sync.mathtag.com 1 redirects
1 match.prod.bidr.io ssum.casalemedia.com
1 secure.adnxs.com 1 redirects
1 rtb.openx.net s.adtelligent.com
1 ic.tynt.com s.adtelligent.com
1 csync.loopme.me s.adtelligent.com
1 dmp.brand-display.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 sync-tm.everesttech.net spl.zeotap.com
1 sync.richaudience.com spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 t.adx.opera.com offside.com.ua
1 cs.mobfox.com offside.com.ua
1 bidswitch-eu.splicky.com 1 redirects
1 rtb.com.ru offside.com.ua
1 idsync.admixer.co.kr offside.com.ua
1 maps.googleapis.com maps.google.com
1 datatechone.com cdntechone.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 a.adtng.com a.exdynsrv.com
1 cdntechone.com covivado.club
1 refpa53115.top refpa6781648.top
1 a.exdynsrv.com offside.com.ua
0 sync.tidaltv.com Failed spl.zeotap.com
313 119
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2022-06-08 -
2023-06-21		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
exdynsrv.com
R3		 2022-08-01 -
2022-10-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.refpa6781648.top
R3		 2022-09-10 -
2022-12-09		 3 months crt.sh
vivarevasta.top
R3		 2022-09-25 -
2022-12-24		 3 months crt.sh
counter.yadro.ru
R3		 2022-08-30 -
2022-11-28		 3 months crt.sh
*.refpa53115.top
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.adtng.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2022-07-18 -
2023-07-18		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
datatechone.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-24 -
2022-12-24		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-07-31 -
2022-10-29		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
ads.us.e-planning.net
R3		 2022-07-12 -
2022-10-10		 3 months crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2021-11-12 -
2022-12-14		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.admixer.co.kr
GeoTrust RSA CA 2018		 2022-04-29 -
2023-05-01		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
rtb.com.ru
R3		 2022-08-12 -
2022-11-10		 3 months crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-09-25 -
2022-12-24		 3 months crt.sh
*.mobfox.com
R3		 2022-09-22 -
2022-12-21		 3 months crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-14 -
2023-06-14		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.audrte.com
Amazon		 2022-02-24 -
2023-03-24		 a year crt.sh
*.e-planning.net
R3		 2022-07-25 -
2022-10-23		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-23 -
2023-02-03		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
dmp.theadex.com
R3		 2022-08-26 -
2022-11-24		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-09-26 -
2022-12-25		 3 months crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-23 -
2023-03-22		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
sync.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-09-24 -
2022-12-23		 3 months crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2022-03-18 -
2023-03-18		 a year crt.sh

This page contains 38 frames:

Primary Page: https://offside.com.ua/
Frame ID: E70861EFC01812388AC5B3492787F672
Requests: 176 HTTP requests in this frame

Frame: https://refpa6781648.top/I?tag=s_1412133m_30323c_&site=1412133&ad=30323
Frame ID: 32FF62084D042EF381BE4D7012030732
Requests: 4 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Frame ID: EFE6DCC8C91596B167124E7088F2F37B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20190131/zrt_lookup.html
Frame ID: BE867B945C51669A2195F4E647D9326B
Requests: 1 HTTP requests in this frame

Frame: https://a.adtng.com/get/10012456?time=1614803572912&apb=oodbPHNddHNRLHTU7bc7qarrbp63U222TS0yuldRLKqeqV1Us7qZnTupldK6V0rqKZ5pqq7HSuldK6Z0rpXSuldM6V0rpnO03q0lo31m4zlru4luu220pp1nrumn103dK4PHBe9t49Q_xnzc50rpXSuldK6V0rpXSuD7
Frame ID: 05DF1EF8756346F828DCE47B50EA5F45
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7140845151581295&output=html&adk=1812271804&adf=3025194257&lmt=1664435639&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Foffside.com.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664435636627&bpp=5&bdt=911&idt=2720&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6209796420272&frm=20&pv=2&ga_vid=1554332874.1664435636&ga_sid=1664435639&ga_hid=1428987149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C31069177&oid=2&pvsid=2695059597015266&tmod=1198796568&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=2745
Frame ID: F8B3A38D74D8857057A4FE95092019EB
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: 07D995F7E1164DE98A2BC9B6F0874660
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: F9E9674289612043DAA3028B60CFDD84
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: 7CE6AB47A5CFD09922374656E3C97107
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: 2DAC7718AC84DA3AF03B4C952AAE5F83
Requests: 4 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7fadfc62cba2c61b%26uid%3D&s=190243&C=1
Frame ID: F2046CC389ED430A836602BC14E2EE12
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: F9DE43304CA1D0B1F97AEFFE2B272DF2
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: FC38386267862C69DD44DCA9BA24B18E
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361&cmp=0
Frame ID: FFCAB64C5F1EBDD6619365F9BED337DB
Requests: 33 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
Frame ID: 4A3E22A6A996821911D210B70ABAC295
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: CEEEB98C6DFD97F86BB21058A2AE3419
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 97A478A49ACB52781CF8358BB54C093E
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 14B9FE926B74108148E0F4B6D920BC76
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 3DD68ECD7253DA669905BC5C54F28051
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 95F0F7DA71C58924D73BD31972595728
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 9E64DB65DF8D0AEEE942F19C8E17E8B9
Requests: 13 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 5993F1CC895A4F7397EEF944E0F6B5E6
Requests: 2 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=7fadfc62cba2c61b&uid=2799041a3515fb48b172c141f80c0fdc
Frame ID: 3C801A95E25DFFA26D8FEE8F9E42DA51
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: A51A6269DB40D9BDC8CAA355A48E4AC7
Requests: 1 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AMevjy2ejXsrP8qy
Frame ID: 4D541EB6340A31A3382E967388F31800
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: E6EA9100A6E36B0FE3EA5CB69C3CBB71
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De475d0bdaad5302d%26uid%3D
Frame ID: 53A834A3E4D71E960DB03A21B2B92CCA
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 5F7C5D014C7C8C2F77CBC2676B0778BE
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 2EA2E8CA9E68D44AB4AC5205848FA79B
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=3da32747-aa99-4a67-6306-b6aeed9e94e9&zdid=1361&cmp=0
Frame ID: FE42AF045ED5B8FE36C83426700A039B
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 47C36BDE69A1D251ABFFD62D583636CB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 3894770E2585619C8159D648500FBE75
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: B27B9285CA38A9DDF664D0B6277889A9
Requests: 4 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 2A83FFA4015C3AC8E228839BE36BE91F
Requests: 2 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=e475d0bdaad5302d&uid=a6f37f0123013099a595be2217fc435a
Frame ID: F8AA1AB01DEE25DC773D84EAAD0852E5
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 865F8D91E4ACB9E8FBD8FF95187028B7
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AMevjy2ejXsrP8qy
Frame ID: 5C042ECBB3B509EC21C80290F44F6BE9
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8804434023222977966
Frame ID: B8B2099CED604E15CF3B90EDD95DA6DE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Главная - Offside

Page URL History Show full URLs

  1. http://offside.com.ua/ HTTP 301
    https://offside.com.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

313
Requests

84 %
HTTPS

20 %
IPv6

87
Domains

119
Subdomains

81
IPs

17
Countries

4091 kB
Transfer

8379 kB
Size

91
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://offside.com.ua/ HTTP 301
    https://offside.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 112
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//offside.com.ua/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20Offside;0.532739929958006 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//offside.com.ua/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20Offside;0.532739929958006
Request Chain 162
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Request Chain 166
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=c85ad48ea87a4f55b3fc662991c69aa2 HTTP 307
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=c85ad48ea87a4f55b3fc662991c69aa2
Request Chain 167
  • https://match.new-programmatic.com/userbind?src=admixer&id=c85ad48ea87a4f55b3fc662991c69aa2 HTTP 302
  • https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
  • https://an.yandex.ru/mapuid/targetrtbis/ HTTP 302
  • https://an.yandex.ru/mapuid/targetrtbis/?redir-setuniq=1
Request Chain 171
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=78e7bad5-b4cd-4d49-8fc3-2b4c742d69a4
Request Chain 173
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=119fec94-9304-5210-bc84-327edfb177c7
Request Chain 174
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=c85ad48ea87a4f55b3fc662991c69aa2&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=c85ad48ea87a4f55b3fc662991c69aa2&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=admixer HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=admixer HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8804434023222977966&ssp=admixer HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=422c581d-1e22-4a2d-87fd-b79e7b0e5330&gdpr=&consent=&gdpr_pd=
Request Chain 175
  • https://creativecdn.com/cm-notify?pi=admixer HTTP 302
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
Request Chain 176
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
Request Chain 178
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=c85ad48ea87a4f55b3fc662991c69aa2 HTTP 302
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z34333786FEE4D7F94A031F6F0894E22&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=c85ad48ea87a4f55b3fc662991c69aa2
Request Chain 179
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3Dc85ad48ea87a4f55b3fc662991c69aa2 HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=4b1d86ba-3fc6-11ed-9e0f-801844df107c HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=422c581d-1e22-4a2d-87fd-b79e7b0e5330 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=422c581d-1e22-4a2d-87fd-b79e7b0e5330 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=88df9d8a-7423-44fd-ba3b-da239b454b58&user_group=1&ssp=lemma&bsw_param=422c581d-1e22-4a2d-87fd-b79e7b0e5330 HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=422c581d-1e22-4a2d-87fd-b79e7b0e5330 HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=4b1d86ba-3fc6-11ed-9e0f-801844df107c HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=lemma&bsw_custom_parameter=422c581d-1e22-4a2d-87fd-b79e7b0e5330 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=lemma&expires=10&bsw_param=422c581d-1e22-4a2d-87fd-b79e7b0e5330 HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=422c581d-1e22-4a2d-87fd-b79e7b0e5330 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=c85ad48ea87a4f55b3fc662991c69aa24b1d86ba-3fc6-11ed-9e0f-801844df107c
Request Chain 181
  • https://ups.analytics.yahoo.com/ups/58613/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-xw08WEtE2uHb7VP.3oMAbZPMZcxUEXM9cKr1UfY-~A
Request Chain 188
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D7fadfc62cba2c61b%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams03.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253D7fadfc62cba2c61b%2526uid%253D%2524UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=7fadfc62cba2c61b&uid=6274540795450896300
Request Chain 189
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D7fadfc62cba2c61b%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=7fadfc62cba2c61b&uid=ua-d3df860b-cdf7-362a-9c16-4b510467519a
Request Chain 191
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 192
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7fadfc62cba2c61b%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7fadfc62cba2c61b%26uid%3D&s=190243&C=1
Request Chain 198
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0677835b-fb76-4aee-4e7a-58b1cf9f3732%26reqId%3D54ebccf5-bb87-4739-5ac7-c45da778c5d5%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0677835b-fb76-4aee-4e7a-58b1cf9f3732%26reqId%3D54ebccf5-bb87-4739-5ac7-c45da778c5d5%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=0fdf334f-d863-4da2-bd7a-ad2748c33b30&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Request Chain 205
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=0677835b-fb76-4aee-4e7a-58b1cf9f3732&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0677835b-fb76-4aee-4e7a-58b1cf9f3732%26reqId%3D54ebccf5-bb87-4739-5ac7-c45da778c5d5%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=0677835b-fb76-4aee-4e7a-58b1cf9f3732&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0677835b-fb76-4aee-4e7a-58b1cf9f3732%26reqId%3D54ebccf5-bb87-4739-5ac7-c45da778c5d5%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=21905878750757046533918944462724452340&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Request Chain 207
  • https://bn01.er.bemail.it/zeotap.php?_bid=0677835b-fb76-4aee-4e7a-58b1cf9f3732&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022092921-85783-0.545876001664479938-c05705c50fef8e6023d6de1d9f4b9f23&zdid=533&env=mWeb
Request Chain 208
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0677835b-fb76-4aee-4e7a-58b1cf9f3732%26reqId%3D54ebccf5-bb87-4739-5ac7-c45da778c5d5%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7148696644407457936&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Request Chain 209
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=0677835b-fb76-4aee-4e7a-58b1cf9f3732 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=0677835b-fb76-4aee-4e7a-58b1cf9f3732
Request Chain 210
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=0677835b-fb76-4aee-4e7a-58b1cf9f3732&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0677835b-fb76-4aee-4e7a-58b1cf9f3732%26reqId%3D54ebccf5-bb87-4739-5ac7-c45da778c5d5%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=0677835b-fb76-4aee-4e7a-58b1cf9f3732&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0677835b-fb76-4aee-4e7a-58b1cf9f3732%26reqId%3D54ebccf5-bb87-4739-5ac7-c45da778c5d5%26zdid%3D1361&bounce=1&random=2994831984 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=xzX/Yb8wzIvP7/fKj2dZmO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Request Chain 212
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=0677835b-fb76-4aee-4e7a-58b1cf9f3732?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=0677835b-fb76-4aee-4e7a-58b1cf9f3732?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Request Chain 213
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-L9dX_MFE2oo6c87CxsmuXJ0m0hcyNpVsPw--~A&zpartnerid=570&env=mWeb
Request Chain 214
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=vopkNd%2FXwqK1lPK1XNZr8Z4BgCJWOGez%2BS41iYitP1U%3D
Request Chain 219
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0677835b-fb76-4aee-4e7a-58b1cf9f3732%26reqId%3D54ebccf5-bb87-4739-5ac7-c45da778c5d5%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=237c6335-45ba-4600-a201-1408fa4441c6&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Request Chain 220
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Request Chain 221
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0677835b-fb76-4aee-4e7a-58b1cf9f3732&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0677835b-fb76-4aee-4e7a-58b1cf9f3732&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361&dcc=t
Request Chain 223
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0677835b-fb76-4aee-4e7a-58b1cf9f3732%26reqId%3D54ebccf5-bb87-4739-5ac7-c45da778c5d5%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Request Chain 225
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=0677835b-fb76-4aee-4e7a-58b1cf9f3732&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0677835b-fb76-4aee-4e7a-58b1cf9f3732%26reqId%3D54ebccf5-bb87-4739-5ac7-c45da778c5d5%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Request Chain 229
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YzVFuZVxaLE1IB5sVP7pSwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMzSSYsVSxjQWifTZtdzmQY&google_cver=1
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzVFuZVxaLE1IB5sVP7pSwAABKoAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELVKDiO0QNcL_5Fce6F09Mw&google_cver=1
Request Chain 232
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzVFuZVxaLE1IB5sVP7pSwAABKoAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzVFuZVxaLE1IB5sVP7pSwAABKoAAAIB&dcc=t
Request Chain 233
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=50e44175-66ea-4a72-bbb3-c65e638114fe&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=422c581d-1e22-4a2d-87fd-b79e7b0e5330
Request Chain 235
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=e157b1f4-3451-285f-28c6f547
Request Chain 236
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 245
  • https://ad.360yield.com/server_match?gdpr={gdpr}&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=%7Bgdpr%7D&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=888934b2-f449-4c77-9178-3ace353cd8cc
Request Chain 246
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1664435641693 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8384040875
Request Chain 249
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=6274540795450896300
Request Chain 250
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=6274540795450896300
Request Chain 252
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=78e7bad5-b4cd-4d49-8fc3-2b4c742d69a4
Request Chain 253
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=c85ad48ea87a4f55b3fc662991c69aa2
Request Chain 262
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3De475d0bdaad5302d%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=e475d0bdaad5302d&uid=6274540795450896300
Request Chain 263
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3De475d0bdaad5302d%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=e475d0bdaad5302d&uid=ua-d3df860b-cdf7-362a-9c16-4b510467519a
Request Chain 265
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 272
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 274
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0677835b-fb76-4aee-4e7a-58b1cf9f3732%26reqId%3D3da32747-aa99-4a67-6306-b6aeed9e94e9%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=3da32747-aa99-4a67-6306-b6aeed9e94e9&zdid=1361
Request Chain 277
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6274540795450896300
Request Chain 278
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzVFuZVxaLE1IB5sVP7pSwAABKoAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YzVFuZVxaLE1IB5sVP7pSwAABKoAAAIB
Request Chain 280
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f9f76335-45b9-4a00-bc8d-8dcf4531f39b
Request Chain 281
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=4b31031c-1407-404c-b7eb-7410c94e0af5-633545b9-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D4b31031c-1407-404c-b7eb-7410c94e0af5-633545b9-4348%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D4b31031c-1407-404c-b7eb-7410c94e0af5-633545b9-4348%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4b31031c-1407-404c-b7eb-7410c94e0af5-633545b9-4348&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D4b31031c-1407-404c-b7eb-7410c94e0af5-633545b9-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=4b31031c-1407-404c-b7eb-7410c94e0af5-633545b9-4348&gdpr=0&gdpr_consent=
Request Chain 283
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=47449253B1FC45DD92CCDB057C4A5171
Request Chain 299
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8804434023222977966
Request Chain 300
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=9b2aa0be5773183b
Request Chain 306
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=5l0Czf8wF-hRJuh6BnU105Drw&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=5l0Czf8wF-hRJuh6BnU105Drw&gdpr=0&gdpr_consent=&google_gid=CAESEA5ogqv03_tWYRguYebT3lI&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 307
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8804434023222977966 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEA5ogqv03_tWYRguYebT3lI&google_cver=1 HTTP 302
  • https://a.audrte.com/p

313 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
offside.com.ua/
Redirect Chain
  • http://offside.com.ua/
  • https://offside.com.ua/
171 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
5f9c492fc9c24768fb14962a92ee584c6bd57dbe666637e8fb45a287b66fc612

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7522eb3d4ab872af-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 29 Sep 2022 07:13:55 GMT
link
<https://offside.com.ua/wp-json/>; rel="https://api.w.org/" <https://offside.com.ua/wp-json/wp/v2/pages/3775>; rel="alternate"; type="application/json" <https://offside.com.ua/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmzDlxGY6qBnNmdIJUHHHW%2BhEBL4p%2FXK5%2BXRWwbQN8eXOTEv%2FVRwYv3L52KchV%2FfGFRFKuLf64cHGnB7tbknyZX%2FKf5Om1Co9L4FUKyVOx%2BHf39lCYGf%2FFWZXbrrH9ez0sLtQ7ZNhuDQEyBLTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-pingback
https://offside.com.ua/xmlrpc.php
x-powered-by
PHP/7.2.34
x-turbo-charged-by
LiteSpeed

Redirect headers

CF-RAY
7522eb3c4c617478-LHR
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 29 Sep 2022 07:13:54 GMT
Expires
Thu, 29 Sep 2022 08:13:54 GMT
Location
https://offside.com.ua/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOIKwDlYD3LJ%2FUQF8DKqN9TFceaccaSKJ6rw%2FPL8XPnRDccIheSs75rayIC63pdltII2YG2UP5BGC%2BRh%2FQ9n6lBBwlmuH2r3rqLUuUduNScp4QM%2F4i7%2Fg%2F4slB3YoxdwuaeVumsk%2FjSyVxn6SA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		199 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-83HN7YJGYM
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
39550218eda0d9caf79484fa83faeb2329812dea09a0af6dc5f4fb3a37046d43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73271
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 29 Sep 2022 07:13:55 GMT
style.min.css
offside.com.ua/wp-includes/css/dist/block-library/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-includes/css/dist/block-library/style.min.css?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 May 2022 21:36:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
91342
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hg7ieaphaedMe9cj9%2BBkxgIT0lJIm7Rmc8xDHE%2B9gZcQlY6sAC0u5P%2FiGHfXx2H4pvOcpK6Ybtajw9Oae5JGvr%2BeLJdnrHFzvtBiXPQMDE%2FXDNbV%2B147VtilfAYUn3LSZRqs0zZaSvRjKmi1Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb437ffc72af-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 05 Oct 2022 05:51:33 GMT
main-custom-1464ba8a0e277d8820e8bcf7034a7fe494d8b7276d9fe55dbd738935741aa90f.min.css
offside.com.ua/wp-content/plugins/anycomment/static/css/ 		72 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/anycomment/static/css/main-custom-1464ba8a0e277d8820e8bcf7034a7fe494d8b7276d9fe55dbd738935741aa90f.min.css?ver=9b87b6e21a74caabf02f75b28bb0fb66
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5fb47e39b757be7fd84e8b5b1e0f6a2915cb234a8c3d0fcae5df712e954606a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Jun 2022 17:17:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
55620
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DIPar2LiQAWBRHqCV2YdEbDgvRierYUacwu0v7IxZav8gtbBqn%2FFzHPBh63HmRbPttGaXEXz8mWAGAWp%2Fx510%2F5zrVEOO2yChqtOPRurz%2FHlx0qd%2BGrLMVn35YomG5ia1SGvfjcys%2BMDFwe4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb437ffd72af-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 05 Oct 2022 15:46:55 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans%3A400%2C700&subset=cyrillic&display=swap&ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ce2e29fbc4e24edb01b73f09bb5a9e616af2cbc270c23d3b804e251ef247f13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 07:13:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Sep 2022 07:13:55 GMT
styles.css
offside.com.ua/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 20 Jun 2022 13:26:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ivlc0HB6ZpmGQSADFi1uZ3UGBVuKQhOu95Y3h1ouhiKAvbxTugaw%2BHjvYlYCl5UBIuGv5%2FQ0cQws5leVmRVSkTVfZwZcJXAL5fRjSAG4mhYYpwHq0zkCQ0QZzicx9vfgjPZ%2B5NBqR16wz8TMvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43882572af-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:55 GMT
rcl-awesome.min.css
offside.com.ua/wp-content/plugins/wp-recall/assets/rcl-awesome/ 		34 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/rcl-awesome/rcl-awesome.min.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d94be650a5c60bab1cd8019486a3e88695f59d181b3b8fa30c8f5abb6949c44

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
78584
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FIeAcgZ%2B%2FVrRuw9Yi%2Fe2Leyc4%2BtCUBKRn7N8csyI3jJ%2B%2FVa0rdAO%2FdUJo4Gx0mIT0EUcwt5MLVMVJRDueEe0Ovy2G660n1kKDoYChojL5D3TRwov8R%2BzxaBrR81Sq4OTkYn0MQx0KE1GJebDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43882872af-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 05 Oct 2022 09:24:11 GMT
animate.min.css
offside.com.ua/wp-content/plugins/wp-recall/assets/css/animate-css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/css/animate-css/animate.min.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf5aea140f3e48516c27cd9c4a1b49b1cac780055ca2eaed084fcd75eb07e58

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
55620
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akXytHlinHFwQFjey%2FFUZE44vEoab7lnV2kzM9lYW7KREnaET%2BJx7AnoKWaKDO62LjHsbhRCLnG7Dxcan60l9oNj46TC7qNHIUeTv0YhNgekGQfSOUkjnX0tlxRmk6xoDDzTybaeb5k3ZvtAqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43882a72af-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 05 Oct 2022 15:46:55 GMT
core.css
offside.com.ua/wp-content/plugins/wp-recall/assets/css/ 		33 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/css/core.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c40c2335d26ad0f3b506969c3a67660523d137b0c8cc198911c2826a27316c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
315375
cf-polished
origSize=51449
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlIXo%2BhXvNgSuLW3W7y60vzufUofBImIwhNQTG%2FWYaajasEyD%2F43otlJdHLCswUF3t5F%2FlvoHKBjQpQn%2FdXQsCDwfJTbovCBF00FfpMddt9QMPCshQ9ruwN6pRO8d%2FQgF3Q0xeWVHJuJEIry4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43882d72af-LHR
expires
Sun, 02 Oct 2022 15:37:40 GMT
users.css
offside.com.ua/wp-content/plugins/wp-recall/assets/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/css/users.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc4c1d4ad985cef08104a09919ae8be0221ed3a7ddde5654213e464ae4d944a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78583
cf-polished
origSize=7912
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsIbLLGDBxOpow8opFweT4trvDaZU098N6VPMB6GRXoE151yLxmc%2BKH7j02dLp9UVDFgQDkfvqoRQ%2FSQS0%2B0KObx3bZgW7hA6JfJremzaLbfNzh2Jau0CixN4Vmmo6Ljts572awKSe5rIAhSIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43883072af-LHR
expires
Wed, 05 Oct 2022 09:24:12 GMT
regform.css
offside.com.ua/wp-content/plugins/wp-recall/assets/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/css/regform.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a8a38df89acc13ff49e34007ff20f89e1d20785d3363c0c1c14cdf5d1934219

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FP9Qy5c6TRn9VVVirEyZsiYso7BFTFHEPI2NORJPYaelqt5DYKLx6K8KtE%2BUWw%2Fjyy%2Bi7e3SAMcxbviwd4CxknAvg2gZsuUdlLWxE6NzdT%2Bli3oAjbGNqjT0DNL37Dm00a%2BQ9hLCug%2FOyww6oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43883272af-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:55 GMT
recallbar.css
offside.com.ua/wp-content/plugins/wp-recall/assets/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/css/recallbar.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e9ae1458b36ebe857373cbeb07e1aca3eebc0cf67516c1c841cd98495fbec6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72AVgYQ0%2BaChaiuVzrU5eGaTnaHK743LjHytOAerXtp6bTliVS8z1qhHKgvjI7Py9TovXRGerW57wvFKwheylrgisbGLnjY7QNJhe1iJFpyLsi4%2FVmU0oSU%2FRqZ26YrtdpV%2BWxOyZ%2BQ5P167hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43883572af-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:55 GMT
style.css
offside.com.ua/wp-content/plugins/wp-recall/add-on/theme-sunshine/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/add-on/theme-sunshine/style.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87038e38170c8ee523a5abcfc8c0a25ef98523caa85851b24ed1e195f90f482b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78582
cf-polished
origSize=9774
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 07 Jun 2022 17:14:54 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nc%2Fh9U6PLs%2FIgZh0hdyZz0X2XSJ%2FzpPZYlvZ77FsvO4M0cOYMp0kSRSLMIOF0mHMfKChBFZoI%2BKVn8EhLlpV8X6IdT9GN79YAnZz2DuxJgXYJWMRxGRuPf5X0j6qbwUorBmJPYoQbLvS6fE%2BEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43883872af-LHR
expires
Wed, 05 Oct 2022 09:24:13 GMT
style.css
offside.com.ua/wp-content/plugins/wp-recall/add-on/rating-system/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/add-on/rating-system/style.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2438b4fd59796fa354af36092272f00a446507a7979243c7849dd589eaa5f1b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
587958
cf-polished
origSize=8701
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g93LrvT2ynF%2BWdr%2Fk%2BUpXMoWQ83GaMk6IT%2BnyWBaJ15VOifijmaWNuozFblg%2FAcZ9NyCD2IFL4AE3sIc0RklrQ%2F06bOjBtKZiG0mIHuCoGql5Ww0JbyeiodQdHo99iFwTSrGcyi3keiHW%2FEiBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43b85e72af-LHR
expires
Thu, 29 Sep 2022 11:54:37 GMT
style.css
offside.com.ua/wp-content/plugins/wp-recall/add-on/publicpost/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/add-on/publicpost/style.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdc8c33419378a34dc5449ee25e421efe99767a5d5897e3c4b5f3a14ee15115d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55619
cf-polished
origSize=9252
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 07 Jun 2022 17:14:54 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FrQZSvpN0k6DDprTmo%2FsK%2FXVhDocn7e7XtIIp8GeRo9MPLZM5USMs2RNvHxAEu0bLA03QQXAC3YQC2HTVnpucTnQq8aiLtONUvhIORxftYNjtwb8c%2BuqHPi9jY7r3DhSWBZHgu9Ka9ljhKGLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43b85f72af-LHR
expires
Wed, 05 Oct 2022 15:46:56 GMT
style.css
offside.com.ua/wp-content/plugins/wp-recall/add-on/rcl-chat/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/add-on/rcl-chat/style.css?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418c91639d6dbcb6709cf1878dd5b3c7a84071470c0d31dbf7ca84ee01832151

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32518
cf-polished
origSize=13356
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IY4%2F8sNloQbA0JX%2FBUCni0Ttz7wvG9j7s4q0bLZO9uq6K4FMuv7HIV0Ef%2B7GjeZ%2BM816nM1MMsDr1vP%2BDbNJQruX1HjVq8NlH%2F7eoMDi7eaEuND44xBvCQ2IMjYU4qZWOB55fKebZmmW7LOCeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43b86072af-LHR
expires
Wed, 05 Oct 2022 22:11:57 GMT
style.css
offside.com.ua/wp-content/themes/urbanmag/ 		77 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/style.css?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fd692e17ffbdd6c487f570808045f74c6d3b93d61b6cd7a0296ae8c451eacd0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
518871
cf-polished
origSize=93053
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 20 Feb 2022 20:14:44 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4qOXHmdhoyOdQdbXMNz%2Fb3%2F%2FiYb2ndkRx7rnFxIBdrVasy70v4ZcT28Ou19DgqwQ5JSofuaj30QYn%2BeKfm9EKGwAHd0p06DZBfWP1GlJ8CcfQG2m3k2SODWWH8Klw%2BcYprW2nEnGrt2gZ9Gcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43b86172af-LHR
expires
Fri, 30 Sep 2022 07:06:04 GMT
css
fonts.googleapis.com/ 		14 KB
772 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900&subset=latin&ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4da6ec1389494a756e302de69d0a3dd8cc2307d0f0fd26cf3d296df3cba2e08f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 07:13:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Sep 2022 07:13:55 GMT
css
fonts.googleapis.com/ 		3 KB
599 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700&subset=latin&ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 07:13:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Sep 2022 07:13:55 GMT
superfish.css
offside.com.ua/wp-content/themes/urbanmag/plugins/superfish/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/superfish/css/superfish.css?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6de8fdce0389adf4da099857373c7419ade67e4f9854fa602a97cf5b3d6a206

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
315372
cf-polished
origSize=4622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r36oUKgZbj7dgWRYrqALxHLDrqJXVlTFntCQmmmvLdOh4VLhjL7A7s%2Flp8EhxP05ecqtqEkGYwmIrUR%2BHtEx6WX9hC%2FUHz5ZnEHvfMi9KF5yhTqqyokeNrVVewgj926sWAbcu0v7eWb1dGkUHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43b86272af-LHR
expires
Sun, 02 Oct 2022 15:37:43 GMT
component.css
offside.com.ua/wp-content/themes/urbanmag/plugins/dl-menu/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/dl-menu/component.css?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6039ce729a6c8041b44b7285bf244469b4d369991d6ad1f63711d079dad29b07

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78576
cf-polished
origSize=15900
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzGdEK2l6S34wuuZGt7X8rwaxtj1pacbYvcwv7h9ROrtW6qfS36wSSUEpfiORecAP7KCJR0tf1eQnOhyhS2K%2BqRlh8T2B2Q1KZ7hvSe1UYP3LaidkXG4ughDGwv5IEsYo80RWpYTcMjPQN8k1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43b86372af-LHR
expires
Wed, 05 Oct 2022 09:24:19 GMT
font-awesome.min.css
offside.com.ua/wp-content/themes/urbanmag/plugins/font-awesome-new/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/font-awesome-new/css/font-awesome.min.css?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
78575
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVX5GmVz6E3UE9Zm%2FIZa%2FalNkmhLvzht25tBGivbSRhxSWMGSOR60%2BlahMYXZVETnFECsiic8RskGSeRT%2BXfEMcOgkCsQYtDQZlDfHsPYsJTxaLFWTz4COojlbep%2FNB3Nf6jkGtRitGivWhb4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43b86472af-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 05 Oct 2022 09:24:20 GMT
jquery.fancybox.css
offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/jquery.fancybox.css?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce087d1d736beb8d869939f28b6be10aa4660be34796429d59150527054b500f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55615
cf-polished
origSize=5633
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xKdyvSeDWpTT6X0hNngj2h8ahJhIUpKpllRnvEKHHEYYDOJ%2F5M%2F76ERvCqerc9O4YsFfM5Z3Ay6aaJy00TAHeTBakUQq7sNGu%2BlDVRKb2K8EK2LQW61KA0WGJrLhPwWePbOR4zSkMx2wU2Dsjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43b86572af-LHR
expires
Wed, 05 Oct 2022 15:47:00 GMT
flexslider.css
offside.com.ua/wp-content/themes/urbanmag/plugins/flexslider/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/flexslider/flexslider.css?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4640640359f504d069e542951660e3aa43220471c2fc5a27a3aaf7e414cdef4d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78575
cf-polished
origSize=3632
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FQwSgXT8kxGjlF85YqWroZHF5a768akmx52JOzLPYfF6wrx4UA0UyzNpGy07DT2qMHAwg%2Bz%2FNBzqezBXOwaS%2BwLNdaLN1LdkCcsamlkMYT8WYifpRqOSAP2v0Wx1eF6Um6N%2FjR%2FyvFxBEDArg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43b86672af-LHR
expires
Wed, 05 Oct 2022 09:24:20 GMT
style-responsive.css
offside.com.ua/wp-content/themes/urbanmag/stylesheet/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/stylesheet/style-responsive.css?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5484ef447d51f1402aada17408f1a7322315241f3df6354f931242cd51450d5f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78574
cf-polished
origSize=6666
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAtAYpVsmyqy%2Buag9v2PGpGbjUg2jebj2hNxMtuYveNd808%2BT8uRB73DTVggfQbdMZWJPWyjN2D5qpRf5t6trCUE7zokPKdauYQRQvJLyY6uQrfzUOSfcOz5RVDYzrZh%2FvgN9LiOQcno7K3%2FSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43b86872af-LHR
expires
Wed, 05 Oct 2022 09:24:21 GMT
style-custom.css
offside.com.ua/wp-content/themes/urbanmag/stylesheet/ 		37 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/stylesheet/style-custom.css?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6527aa400c84ad7f1e7d474027b6823a39662321e6c6e31732f14d4051d46b41

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78573
cf-polished
origSize=40629
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 27 Jul 2022 14:12:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QM0FPRIzr3Ltss5yzaCDPjheUNc3%2BnSHNVWSLuUA3PkSBT%2FT8gr%2F9WES70OWFPf7wGZ3iWnuYF4uC1BnX0ucJFK27wrE3yZgH6PwYHjUfhOdF42G%2F9HuxQhBfwRmxzBd71dPIjCe18JyqGJaxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43b86a72af-LHR
expires
Wed, 05 Oct 2022 09:24:22 GMT
sassy-social-share-public.css
offside.com.ua/wp-content/plugins/sassy-social-share/public/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.42
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb7001aa094389a4e85c7b731e35f87a7a85f7575b2d69f16092f65842f3b68a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55618
cf-polished
origSize=9700
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 07 Jun 2022 17:14:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXLgw2kmF3IjvZSx%2Fd8Q%2FucZLFMiCDWB7uuZ5faEcuToDBj%2BrPPLjw0%2BSS8he%2B9m3eL00rp6c4c7xuf7mXHVY1yYxz2joI6CqXQWiAe9FcxCRlyg5%2FCAEVw4KJksOsz3tbzJRwzhJ02%2BAWxIgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43b86b72af-LHR
expires
Wed, 05 Oct 2022 15:46:57 GMT
frontend.css
offside.com.ua/wp-content/plugins/wp-google-map-plugin/assets/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-google-map-plugin/assets/css/frontend.css?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c6dc0b8e451822061daba4be79dc084125a2810b8f3bd7a520c788eab3d5377

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55617
cf-polished
origSize=4181
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 07 Jun 2022 17:14:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGmCxUrNYZGlCaoBQeVezDta5VofC6ZjKVPf3MQWgD9J2j1JmJWcIWcZKqfrAcvss1W8rWa65rRVfuuXZ7fHYIIqb4gLGnmh1BAdYGrGLr3SSE7MaEC0VaUw1z4uIJyqW%2FSRCdn%2B4m4p3y7dHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43b86d72af-LHR
expires
Wed, 05 Oct 2022 15:46:58 GMT
masterslider.main.css
offside.com.ua/wp-content/plugins/master-slider/public/assets/css/ 		55 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/master-slider/public/assets/css/masterslider.main.css?ver=3.8.1
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1285c19a66f8d009fc6ecdbd27373eaec80e05cb07cc75d47554f912b2fa06b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33678
cf-polished
origSize=64689
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 14 Mar 2022 08:19:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vHHJ91ZMi9w0JUsav1Oe43JneNWLUsmI4h52rwPfspktJ8NClu2wBuYTaoiJzc8f2fgM0EX4GdqKfNSkyG54pfeQHomwjHUbqVHpX6FUZQAdTqHAkYznjOfmX%2FX%2FzCfaKKIEX0NrF2PIlZK8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43b86f72af-LHR
expires
Wed, 05 Oct 2022 21:52:37 GMT
custom.css
offside.com.ua/wp-content/uploads/master-slider/ 		0
314 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/uploads/master-slider/custom.css?ver=1.4
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55617
cf-polished
origSize=266
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-bgj
minify
last-modified
Mon, 14 Mar 2022 08:19:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2B4iyZJBV5KnIrKD%2BdzYvz86Ls3xqLuwT9z7vqupskqA67obZbop4kisk8DYCR1uRxy0RzsS2yDQfoogbD5s8ZmKtRvYp5IZ7OtI0PtxEDEvy8DAb%2FbG6%2FOUSMXSPvcW%2FFdmrMa0ZIcmhCpvKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb43b87072af-LHR
expires
Wed, 05 Oct 2022 15:46:58 GMT
soccer-info-front.css
offside.com.ua/wp-content/plugins/soccer-info/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/soccer-info/css/soccer-info-front.css?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9657b0a8fad94d69d0317ab203423ac22731eb3b4116482acd110ab96f976563

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32513
cf-polished
origSize=12307
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 18 Mar 2021 16:55:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQYSLtVRcXlSfaqx%2BEpq%2Fv%2BtZ1cNvrMNisNU%2BJWy5HmAr%2BL5LRVNlLaHuNiWx%2FGqaN8JByskVMBqKv5146TAkoOBkwfSB72T15%2ByZISCG2A7sZw4Xmf8t4298f%2BRHpuOYB7W8RqjvJR9SiGhMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43b87172af-LHR
expires
Wed, 05 Oct 2022 22:12:02 GMT
frontend-gtag.min.js
offside.com.ua/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 14 Jun 2022 06:06:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mn9WjcwWEwH7EGTsbeYUDmDdVPJ%2Fq4IDNHVni7Q7geIZL8KgIgpp0FP2b2042nsC7Abq4E9HvR0fu0mHPJ5ftffNjhVjkMLN2u%2FpNeoK%2FrXt7mEniFddRSeJevHRnVpBoTQSfASAsLAj%2FCEGHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43b87372af-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:55 GMT
jquery.min.js
offside.com.ua/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Jul 2021 21:37:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
77890
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAyciPoTLVN2cjy9iuA13v%2FTuRDXvfe%2FdUPBGvuTHXSxFVkn4o5TjigYKHHpaevQYPulEyqprvwp7%2Bx%2FG0apBOrf06SNeCwgCwe2O1GYG0qupAlFY4ewEOan%2FPIF0uBkUIx8J%2BqyOTifzHrN4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43b87572af-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 05 Oct 2022 09:35:45 GMT
jquery-migrate.min.js
offside.com.ua/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Nov 2020 12:36:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
55615
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2ownmqajZSsBDWe2B60Hz58XBOEB%2FyDD5BuWf0Yket0ghAlRJqNWSIrz7TmQFqnhondYv%2B3GzextYRXg94eA4b10aKRwYjsaEKgDdQm1F9I30LqSGKaKl26Ce0xxGkp8dU9zb6TQE7x%2FlaYrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43b87772af-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 05 Oct 2022 15:47:00 GMT
core.js
offside.com.ua/wp-content/plugins/wp-recall/assets/js/ 		49 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/js/core.js?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd54b8fcb95379bc52d782a7224898af40953c092a34279bc83b36f9f4840de6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwx3G37p5%2BzUQI14xP%2F2B1hS2gM1x%2B%2BFyoaXeNpOIWrNYN%2BJ2AfSwAzANEV4Rb67z5ke6Y%2BXVaYA%2Fx%2B1FtFH%2BsTXauOvUm7o8VlMfgzSS%2Bgkz476gGUsq7%2BO4lar%2FvW9kMRDSsTKFbBThbbEKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43b87872af-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:55 GMT
scripts.js
offside.com.ua/wp-content/plugins/wp-recall/assets/js/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/js/scripts.js?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901c3fdbcd77b88cbd1ff6c3771b83c2eefd6794de26dfa44f7b5f37a7e98599

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9z6y38iQjxI%2Frgk1ECHcIAxAJHrr2lf4up48o9VgAixfjazq0Hr8JLzKZTfrep9iCbZimQjXRCBH3%2FL3LM9sAdBL7sPbPmHpOwk%2Ff1sy0fKxAwhB4efe9UBlpu%2FBG78cKuD0uglU4mGQVAGG0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43b87972af-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:55 GMT
scripts.js
offside.com.ua/wp-content/plugins/wp-recall/add-on/rating-system/js/ 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/add-on/rating-system/js/scripts.js?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
807eb1593cffbaecc4ede4ca6e52691b9db2a9e943deeaae66652b31398a7616

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cw8ggp9n3S5sOiNT24Adhlth374FZ80671f7grL9zMk4mepo447yPFTEPr6KUTEy04ySpHMK3w9zWJfQcZa39z7WCd4Ni7afG6S97nJQqXQ40vDIzbl7y2KXBQzyGMIwZMP8Z1jqhGNpD0Ctyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43b87a72af-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:55 GMT
scripts.js
offside.com.ua/wp-content/plugins/wp-recall/add-on/publicpost/js/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/add-on/publicpost/js/scripts.js?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e09dcf5ae39b3188fa21f136192f64ca6b8269c11752237ce3a308ae6f5a85d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:14:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FMLzz%2BASC7fG5mXLfuex96m6IVCShLM0CwVM4nfZ7yQBPU8LjMDMUfPJGbCn4PB5iRITNRVx4PKAflTc6klvvnPMSpRjgWuisFQHlI45bI2G2ufEw87S%2Bris0SJKNgzDqTff6ohLhx3k3W%2FXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43b87b72af-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:55 GMT
scripts.js
offside.com.ua/wp-content/plugins/wp-recall/add-on/rcl-chat/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/add-on/rcl-chat/js/scripts.js?ver=16.26.3
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5346e1a1343f6f33d953371d82c8c8a7cc5e7e07a58689ec49d7d9e4452c6f7d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0roCEoRyiXF4d8SrHer64%2FSZpdbsVjDocLe9nn3PfOvjWDCg1pMcHnAK5OzParhT8H7QKv5VTk7PzQIa8vTq0d%2FxxdpLdLVhK78iLjoyLPzQnDHqjm%2B4A50A3%2BghKhCxkcihq14RHJrnsJ4JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb43b87c72af-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:55 GMT
loader2.js
cdn.admixer.net/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
cec-up-gc13
date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:39 GMT
server
nginx
etag
W/"63049f2f-2c101"
x-cached-since
2022-09-29T07:07:23+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Fri, 09 Sep 2022 06:21:50 GMT
js
www.googletagmanager.com/gtag/ 		209 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5MF0YH07SE
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
440a8b9860904dbb79292833a108f6e9333a56389908a1fbfe5a010e921949de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75015
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 29 Sep 2022 07:13:56 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		161 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
588774c7766b9317d06b992979cdf1dce5b86b0a4ad4abee0b397e6bc9357bb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57593
x-xss-protection
0
server
cafe
etag
5963977670043790642
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 29 Sep 2022 07:13:56 GMT
1-min-1.jpeg
offside.com.ua/wp-content/uploads/2021/12/ 		235 KB
236 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2021/12/1-min-1.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39c3747d29a27dcd07c6cb7d4dee61fccb8de904505e145bce04230b762190e8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
171298
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
241119
last-modified
Mon, 27 Dec 2021 21:05:29 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djd%2F7jagGql5yO7b%2F3ThPJnU4KCtm9m2K4jLserb97xtylLHybB%2F0jPp3KXtSSzlUpwbkBEF093Kv9KUc%2FYNOCKaWchNdPPz9EwIpHIMz2FdaXQv2MRuqLiMUK70P0I7S0rWXgE%2BbI%2BzxcrkNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd470696-LHR
expires
Tue, 04 Oct 2022 07:38:58 GMT
facebook.png
offside.com.ua/wp-content/themes/urbanmag/images/light/social-icon/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/light/social-icon/facebook.png
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f616744c5212f524a7ff47e22a04d7f2ba7b2075512f932923a3fad65040150

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHDefj9cjjrRe5ghZCmjlbZps1MS2Xcfh5yspyqtTDTo2kkE%2FJPHclGa4BjQAA0ghaD53hh5ZqL0H6ZTjSSom8xbqMZTYPIuHL%2BpBEB6l4GdH7890aBVBg0HA6OaK%2BkoYVayS6zYy%2FMVHbPgQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd480696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2963
expires
Thu, 06 Oct 2022 07:13:56 GMT
twitter.png
offside.com.ua/wp-content/themes/urbanmag/images/light/social-icon/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/light/social-icon/twitter.png
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c52258c13dbe41865ee9bbd68e4e15cbc2105e276b5bf907c76b308b1bb952a6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7301
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3146
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjmvX6QRoTnSiApAvhPsJvN0EJv%2Fm856K4Gx%2F5KSeJz9LCd7X18fHjjqa0yPp%2FKk8qww%2BP2w7qOj%2F72f2CYuYOSap%2BQE0EE99tzLm%2Bi9JHwpSP5zafPCRSJvTUfos2fGRcdcoAkoFSxi1cxwkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd490696-LHR
expires
Thu, 06 Oct 2022 05:12:15 GMT
logo-big-2-2.png
offside.com.ua/wp-content/uploads/2021/03/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2021/03/logo-big-2-2.png
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5de0ff9f66605a6edd3434522aea6f05b020a1de93e7b3b6c8edc9e54b63a89

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
99637
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38108
last-modified
Sun, 21 Mar 2021 09:02:51 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1K1yIau%2Bkg7djORUuE7Hj31uUpH8SnvTLyNlJMNCMuppcZ5pGUHCqtDiXTa9pUtDBWPmo4ruFp%2Bg3HzVdxVYf94lYvxUZuu9qVSWZQTN58mKXGFH2JUhiTTvgHRfJXKnl9u2hcwEooi%2F5rbfNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd4a0696-LHR
expires
Wed, 05 Oct 2022 03:33:19 GMT
c6qktkpturbxy8yotqynzuwztq4yjrkmzkxy2i5ztlimwyxywvjmmy5oc5qcgeslqmaam0irm0e4puczqfqamld-670x456.jpg
offside.com.ua/wp-content/uploads/2022/09/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/c6qktkpturbxy8yotqynzuwztq4yjrkmzkxy2i5ztlimwyxywvjmmy5oc5qcgeslqmaam0irm0e4puczqfqamld-670x456.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30dae9dd123086aff34ed8068925dc33842042351a77852e34b4edd8a2ae4b29

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Wed, 28 Sep 2022 18:21:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ih5MRWvGR9OoEYIChbwCWtS5b4A%2B%2FbqpH%2B6BGIm%2BkIrbf6nPraSd0RP%2FzMXb7xf4WfSNDyve8fGGCkAzeLRR0eKMrn8dQREiE30qYAVgfmqGu%2FBt%2BOzsB1sIy9e7rzvlgVtVtibsMYRDvExoWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd4b0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
62350
expires
Thu, 06 Oct 2022 07:13:56 GMT
rn8ktkpturbxy80ngvkmmjkzmrmytmzzdu5mdc4ytniytkwzde2nzi4ms5qcgeslqmaam0jrm0fcpuczqfqamld-1-670x456.jpg
offside.com.ua/wp-content/uploads/2022/09/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/rn8ktkpturbxy80ngvkmmjkzmrmytmzzdu5mdc4ytniytkwzde2nzi4ms5qcgeslqmaam0jrm0fcpuczqfqamld-1-670x456.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9bef3eeae0579f5e9a6bdb6a165eac03fd106cde594a64d84ab4e66347d3d6a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Wed, 28 Sep 2022 18:54:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5tQxI0OG1C9UsYTd8VPQMksRqX4g5bGHW6xwvQKMZBgft6Cv%2FoMg7Xj0zbxhV5FjtyH8sCjM%2FUwZ8fW4JhsFzjNNXYbHNM%2FSxJ6beAjfciDFk6%2BMc8wpCS%2B8sW7g7LFl2HbC3xO3sYbDSHqSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd4d0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42661
expires
Thu, 06 Oct 2022 07:13:56 GMT
niko-670x456.jpg
offside.com.ua/wp-content/uploads/2022/09/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/niko-670x456.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33ee4cea243d4bbc3c9a46426fbb283b87ea56db3a2823bec0d37dcca8a267b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Thu, 29 Sep 2022 05:45:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1D2%2FpOiuuhkcNP6UZwD2elpYErQMYiUiz3OheA6zv%2BGh4o3yfG2qMcPAzdjquOQes5Dplqq4dxxH%2BwkOgC2y84wfZJQSs1axHjfbW4TleOKy545UVx0RFxknAgzrQwu9AupuokdhnT7WhVq7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd4e0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
46304
expires
Thu, 06 Oct 2022 07:13:56 GMT
0396938240952-670x456.jpg
offside.com.ua/wp-content/uploads/2022/09/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/0396938240952-670x456.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5933f670fcdc0426d1e2281f9dca1fdf7992dce035811a6428277499b81847ab

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Thu, 29 Sep 2022 05:27:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jp8O0U81Umznflp3quQYiKBN%2FSlXy1k4Zm8%2BY0Nm70UVk9n%2FwLHrwBNE%2Bo%2BnQ0zt%2ByPh8JXNziXQ1lbhuI1hyEDjKr0zhxvi9UyLWLEcIS5wG1eBOEaIKu0PLAoBfiJevFpZFj9P5Z0hhMf6Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd4f0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70590
expires
Thu, 06 Oct 2022 07:13:56 GMT
leao-670x456.jpg
offside.com.ua/wp-content/uploads/2022/09/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/leao-670x456.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24711c83dd882b0b70b4c05e31bd5b9c3e32d17683d2b49539a728486881ec70

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Wed, 28 Sep 2022 21:26:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=buON4aMP55hnZaOpzPrgntX9vd%2B3mzCYFtayRfl5TFAtnDgWYtR1Co89X78ulKD1nq7Ml8KmJheznhND1FXImtvbwFbHdpJQEwOLtHXCj9zeyxV9dsX%2BwfwWGDEyRXDL9f5PvPra%2BdXB7tH%2FYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd510696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38170
expires
Thu, 06 Oct 2022 07:13:56 GMT
3656565-670x456.jpg
offside.com.ua/wp-content/uploads/2022/09/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/3656565-670x456.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa1ca159d9823aaefefd7cab9e5fca4bd3ed138fbc94f6d91613da38d9606124

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Wed, 28 Sep 2022 21:18:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLYhJf6etNwSdB2n9%2F7oOS8WunWP6PQv82Hdfqfpzrf44%2BjeY7mfOU4t%2FFnDSqFfyMsv7eJylgixLwz7qa97ryIdSfwHII%2FoLMa1xVsYaJyvPU4HT8jWuNmzzN0Bp3XvKdT5Zu3v5hr1fTcing%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd520696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33201
expires
Thu, 06 Oct 2022 07:13:56 GMT
56363-699-670x456.jpg
offside.com.ua/wp-content/uploads/2022/09/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/56363-699-670x456.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f3e8bdafe20d66958557bd0b2016d8b048f15fdcc4f48a4601fb5950588e756

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Wed, 28 Sep 2022 21:08:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aok5D8kt9tnBJKCNrzA%2F%2FJzkdACeXeARTCtVBh4T3TE3TWt%2BQZ6b1yPpBU5byOj0ToPkGk7zrRXGVSAOqImbWQfNbL%2FZ6Lh5o8S%2Flp08hDBJUzXUuFwREBqWyDCTieuPHy0rpzaowHOPB5qvVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd530696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19876
expires
Thu, 06 Oct 2022 07:13:56 GMT
657683768-670x456.jpg
offside.com.ua/wp-content/uploads/2022/09/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/657683768-670x456.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88a3f52efe5b777a9193dea0c11da122d4d6a4daf2baeb042a969debdbe7f9e6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Wed, 28 Sep 2022 21:00:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtcnhYc6bp88PPcdt2lk9h%2Bxvfg%2Bh%2Fi9eg8RP2psXk3Tcc8yxyIlcvMZAwGWhCEXMUlqxhfX7Zni6%2F8JgviiT4JyWcrhg%2F%2BXRUdgURjfSROtqtpsQ9RD0oggesHKX%2BDEqZGadRLhE3sLDbvTxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd550696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48294
expires
Thu, 06 Oct 2022 07:13:56 GMT
657683768-400x300.jpg
offside.com.ua/wp-content/uploads/2022/09/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/657683768-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
988499438d018502913f25af8b26d179bad9746d94c393c5204608e72c47f813

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Wed, 28 Sep 2022 21:00:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lM%2FpnKUgQZw4tF6YCRoe7fefDyHly4pgpnUJtmkug1zQ4NXs5hxIt2pKVSy35Y7iZKOyCc1wqqmU6SGB8dwjiUjfdEOOMm%2F1zB0t%2FsxmSeT3dYCBrXBPUBCqnVl55H3ySLrc%2FgHWydFhPgS6zA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd560696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23222
expires
Thu, 06 Oct 2022 07:13:56 GMT
ytektkpturbxy82otc3ntaxzge0otdlzdawowuwm2q1ytdjnzk1nda0mc5qcgeslqmazjtnck3nbcuvas0h0adcww-1-400x300.jpg
offside.com.ua/wp-content/uploads/2022/09/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/ytektkpturbxy82otc3ntaxzge0otdlzdawowuwm2q1ytdjnzk1nda0mc5qcgeslqmazjtnck3nbcuvas0h0adcww-1-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
139c5619584ef539046f7ab135c9b69c4c7167942e5463f6b3b675c5fe5ffde6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Tue, 27 Sep 2022 19:36:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s89aWfB8ne6dImEBUhVq%2BFUG%2BQ4oK7glDVxv7fVrEfldbDQ7mhLkmUVGwRNASRBf82gE9wFw7dSEdq23ptKK9bY32hF6NHoOYiM0HXuVoMVuSQvplQ2ZUhbSHzkVlchSS%2B5JKcOwATKdQDRPbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd580696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21678
expires
Thu, 06 Oct 2022 07:13:56 GMT
4883949959478384-400x300.jpeg
offside.com.ua/wp-content/uploads/2022/09/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/4883949959478384-400x300.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9483291af7020f115211bd712e0f0c71155587a6b815e529e3ec662e72f3fd2f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Tue, 27 Sep 2022 17:50:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnRmIYe8lVNkU3sMrSTlnKOabMSQgVre0RF31EArhrkKr0qtwwf7jGMg5ZKXgRjiQiDETzEfcl3tUr4bSZxCON1YkvsVKYSnxggQBFOD6l5QIwF6KxYPj%2FoO8YRcdpecWsdXeMYUnSCJvJBf4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd590696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21164
expires
Thu, 06 Oct 2022 07:13:56 GMT
rn8ktkpturbxy80ngvkmmjkzmrmytmzzdu5mdc4ytniytkwzde2nzi4ms5qcgeslqmaam0jrm0fcpuczqfqamld-1-400x300.jpg
offside.com.ua/wp-content/uploads/2022/09/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/rn8ktkpturbxy80ngvkmmjkzmrmytmzzdu5mdc4ytniytkwzde2nzi4ms5qcgeslqmaam0jrm0fcpuczqfqamld-1-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8767efb7cc987d1d1ca3fdfec776c55c82d5f519ea2c780e6999555bddef705c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Wed, 28 Sep 2022 18:54:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5oGVLhRWd77csU1XFVzidC5eZscn64jHMi9xWukH726RdBb4efNTC8nLReF2zGCR2TXQE5OhaxWyk4w7k1u5V%2BYbsY1Hupzxw84oWYiP4jQXTDuHMwroRsDbZQpGPSHYPR20JJ2Gk%2BdEhKJyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd5a0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20522
expires
Thu, 06 Oct 2022 07:13:56 GMT
0396938240952-400x300.jpg
offside.com.ua/wp-content/uploads/2022/09/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/0396938240952-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c3fd260509751a6a247cc1f153666aef665e84908be6c3dd7ff97261bccb59f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Thu, 29 Sep 2022 05:27:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzUOCRop3WuTVa8U5CIiuz4qE%2FEANDL0TMa5yT9cJxAa06QLyQtpsbZ%2FUff5HANP35V7IlQsJWfPRsQ0O%2FG1Pqh3vxOK6W8ObgNPDR%2FayfwN0gTPsElhGSanc0A1vDIewc1AumWzixYmawivyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd5c0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32936
expires
Thu, 06 Oct 2022 07:13:56 GMT
leao-400x300.jpg
offside.com.ua/wp-content/uploads/2022/09/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/leao-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74bdc1000a9008f9947df25429a0a4406104f70a6212a7a430cda94393fdf21a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Wed, 28 Sep 2022 21:26:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BriU%2FiJC%2FELXovXT67Rd0J2y2mjUUS9B6RohXAQ8IOrhI%2Bs4J0g9aZzA3pYoTGYmzTKRv0CUoXob%2BZ2RyNzEoWMum7alTIY5m%2FanRdm9cAQp%2Bnqy4KdLk9FlYZ5zrNoUiRfWZczrCAsNVZqxiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd5e0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18356
expires
Thu, 06 Oct 2022 07:13:56 GMT
c6qktkpturbxy8yotqynzuwztq4yjrkmzkxy2i5ztlimwyxywvjmmy5oc5qcgeslqmaam0irm0e4puczqfqamld-700x400.jpg
offside.com.ua/wp-content/uploads/2022/09/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/c6qktkpturbxy8yotqynzuwztq4yjrkmzkxy2i5ztlimwyxywvjmmy5oc5qcgeslqmaam0irm0e4puczqfqamld-700x400.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cafc42ebbe4a31f3eee0ca6916d359d105a5fba58a899bf41cbdd1bdb6d5b2d9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Wed, 28 Sep 2022 18:21:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJHWO1qdYg1mcO83qteMaNnGb83U3koS4jSV7hsGw8gPoYNvnT9mlezwoyeg4yI%2B9MGBWyFsPQJ08e4MJIVvtvSyfdSd6Ni1PvXPo3vMkfxYrder%2Bo146rExZ9PllXBsl5Ayvu%2FWSzl7XJMneA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd5f0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
57575
expires
Thu, 06 Oct 2022 07:13:56 GMT
3656565-400x300.jpg
offside.com.ua/wp-content/uploads/2022/09/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/3656565-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ee81b9a9822fe840aad218d0572923ecfc34252e9a029a01e0af18dbaa803f9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Wed, 28 Sep 2022 21:18:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHahRRnxGwFrdgM12izf6nl89qpEy3BXsIp1UD5cYsvTbV1WLsoJGubuXVUodBtpW8NPrm4YX3bURXpS0dn5kkDh6cE8zqu4MzuMXLUaBt%2BRyzWsUOfWK9sIFtcpkpQR3wjz5FWFfYAZ9IvRDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd600696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15863
expires
Thu, 06 Oct 2022 07:13:56 GMT
ukrsco-400x300.jpeg
offside.com.ua/wp-content/uploads/2022/09/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/ukrsco-400x300.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccba3325d1054036ca9b97100a703207868c08ec29f17ea2307ca3f8b7242a1d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Wed, 28 Sep 2022 02:35:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDkatgkkq%2BrMRUDsibyNVY48uZ%2BBfhLh%2FBeMwbjAOQDqUojX2CaARm27J6HoAj34Vd8VXZjVPPdAbTiphmJFxVMaZICwagWgR%2Bhzcv2Tx1JY%2BX2ODfmOqFJq9uuZCxnEE%2BySO9zXMJSEN3Lo0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd610696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23475
expires
Thu, 06 Oct 2022 07:13:56 GMT
resizer_16642610976791-400x300.jpeg
offside.com.ua/wp-content/uploads/2022/09/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/resizer_16642610976791-400x300.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdb7859de3585c9832f31955532cb32fe3ffecdfaf050c0192d348bcfc100801

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Tue, 27 Sep 2022 06:45:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QohrSzEZ04i1MoFVurjw7XT5g%2BP4ND6eG90tgZ2A7ZmfYn0%2FRxnS00Kd7TB5vRlxxZ2oh1HTCgN6nTtY4IHduUCjFBzA%2BRtr%2FcT5QANk9G%2FrShoIqOOCSKETNLdeEwY84y6Ltr0kUJmRgMC92Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd620696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25972
expires
Thu, 06 Oct 2022 07:13:56 GMT
resizer_16613323304921-400x300.jpeg
offside.com.ua/wp-content/uploads/2022/08/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/08/resizer_16613323304921-400x300.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5e331b6ef26566e5fef1f3d3733ffd9253f246a858e988a7b826d13f27bde4d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Wed, 24 Aug 2022 09:12:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0JS4uagH%2Bql4kgOuNvIfl2F6Hfo%2FVzlYA7z7ROmsOKAR12w4BGBixHgfiBzmJh7NC33HeHrIBnrxSOl7wl0Q75cuMAOby9MFh5iJTAwLJgLV1rJPoePHQcSWPJ0TB9%2FRU1qKXe7gsykD7K5AA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd630696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19422
expires
Thu, 06 Oct 2022 07:13:56 GMT
5373535-400x300.jpg
offside.com.ua/wp-content/uploads/2022/08/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/08/5373535-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b5a5af7354f03fde826fb4e056a1e175c19a672d398341c11b4b851ae181e31

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Mon, 22 Aug 2022 17:35:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m1dyM8n8C630zrrEMPafbcWIkPjb6GLAo%2FgQelfsDX0GW5%2Bhq7C9Mc4Joxmyd4Tz6sSpvsd%2Fi%2FZ9DzvjdUMkt60hkDGtbO3y7zzAY8N4cmFVYTU%2FFS08HJBOZZk4fnEOVMFYED2fd%2Bqpy4pBHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd640696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22076
expires
Thu, 06 Oct 2022 07:13:56 GMT
334334346-400x300.jpg
offside.com.ua/wp-content/uploads/2022/08/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/08/334334346-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f606a97ef04690e54406034c0fb8afcdaa9393770c2b8295a423c4577a02a673

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Sat, 13 Aug 2022 14:08:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmUv8WYgjzzZ7ZLsSUOjaUpOok6xMtx5SpEaAE%2FgqkgiKLTYgrSC1U4BRxIR8a0mpnQfKyRd0W3ToFXNuabpxk6Yy22P1a1MzD4ovNOnq6p9m2HAbMrt5WVFeNN4ewN4RMma5wCpQ97x1J2UdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd650696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19130
expires
Thu, 06 Oct 2022 07:13:56 GMT
resizer_16596031032491-400x300.jpeg
offside.com.ua/wp-content/uploads/2022/08/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/08/resizer_16596031032491-400x300.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f6667d6b8a71b23a3107b43dd9d4d1671a17e69f85a8eb7d141df873ae2a6fb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Thu, 04 Aug 2022 08:53:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adKjShVqMbwa%2FNpqjpJYJblZk9jHRUGGJ5ClEHI8Q1pUtm4H9jUlwwLdQ1C3CZ9XS5in8l26jEmSJk%2B8hHrbvLbRqnZry0HbGEih48BY9q4tB0raTDivo4X1zEi9RsIj5mjQ%2BGqQp2tDCzxmXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd660696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34932
expires
Thu, 06 Oct 2022 07:13:56 GMT
resizer_16589951265711-400x300.jpeg
offside.com.ua/wp-content/uploads/2022/07/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/07/resizer_16589951265711-400x300.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80dd5640ffa151e0e9bdde1aec96af46600376fb8b0e29f8a72a8b9a7c3a14f0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Thu, 28 Jul 2022 07:59:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZ9y2AycsKjqs7LuhGWEMmvSFfSmx2NjJRcBEquOKOdbAbeXE8F2X4Y6YODaQsXwBIUp24FWlKxNCt4BHzUfDqgy4ntcWYWU1qC9F2lHqv5r6%2FfnllZIYzYKnDfFAVwaORmsJGEM%2BcV3nEyhOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd690696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32236
expires
Thu, 06 Oct 2022 07:13:56 GMT
6363463636-400x300.jpg
offside.com.ua/wp-content/uploads/2022/09/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/6363463636-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
502d970a52aa1f76ce3a4f1709bfbe7727fbe720eab75eef6175792690a108ac

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:57 GMT
cf-cache-status
MISS
last-modified
Tue, 27 Sep 2022 05:40:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90NEWRKjOVwJmcDpfmr10PfHz0jKsPQ%2FNxFdKXLmHlGzvIH2pygihyuNaTPzy7o4lB%2FzhNM808Lv24tTVZT%2BEju4RWJU6yxYUP47yzpJ0966gXi1NkxS%2FvMxXY9AbeBDpx2faNgRb5DFTGri8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd6a0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20341
expires
Thu, 06 Oct 2022 07:13:56 GMT
737735737-400x300.jpg
offside.com.ua/wp-content/uploads/2022/09/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/737735737-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f24a5e889f8fb07411186efa5251f6e740e9f2b6694787972745ea7bef40b2a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Sun, 25 Sep 2022 07:48:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maMRNIbfqMpt0ACuuWmecBly8YZ%2Fv0UTcb%2FvL5opdVRiq4R8gSoKMjPPel005puTjuHdE245OftUFihivr%2FX4cXYF9U7AJo7Aa5cPVogtGJhGOVWuJHFMt8LPU%2BbiIVWWNeyn%2B%2FfNsgNQBnw3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd6b0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23367
expires
Thu, 06 Oct 2022 07:13:56 GMT
736246236-400x300.jpg
offside.com.ua/wp-content/uploads/2022/08/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/08/736246236-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b15f7a7f184880c7a8a88ceaf6b9d34817d33ef652c73bc15d65040f27f3fe69

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Wed, 17 Aug 2022 09:15:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mu4LF2qJvMC1gwXEev%2BleytEOmU3Ib6i58FMcaFLSsaRx3UF%2BwT57NSHzCIJeaN0Yils6cYUiC8YBxPX0b64Yhcn8uP%2F%2Bin3GUEW4HlN2E%2FIZlw9U3ZbVrJVX8B4cAtIQMrtmBTBiVTBknJR1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd6c0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23884
expires
Thu, 06 Oct 2022 07:13:56 GMT
ytektkpturbxy82otc3ntaxzge0otdlzdawowuwm2q1ytdjnzk1nda0mc5qcgeslqmazjtnck3nbcuvas0h0adcww-1-670x455.jpg
offside.com.ua/wp-content/uploads/2022/09/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/ytektkpturbxy82otc3ntaxzge0otdlzdawowuwm2q1ytdjnzk1nda0mc5qcgeslqmazjtnck3nbcuvas0h0adcww-1-670x455.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee5ee8f6231b03ed2aa9e411bb2137041fd06d2b51673a819f04c8e503908e2a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:57 GMT
cf-cache-status
MISS
last-modified
Tue, 27 Sep 2022 19:36:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyv5aKocmh%2BCDVaeetswkPLcZpKkgyAJrXqtj25rYrNmk3R4ULlILduyjAfQd47S3iS%2ByZDkUiGArx7Hx1xAmzOrFpxXkqwY2xm5kQAUWRr%2FYQcJpW3Q62mb1OhE%2BVvxE%2B36tOD2QHNfy%2BPxDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd6d0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47971
expires
Thu, 06 Oct 2022 07:13:57 GMT
4883949959478384-670x456.jpeg
offside.com.ua/wp-content/uploads/2022/09/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/4883949959478384-670x456.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91b6417f3673f429a9de3c828d16ca761d979b37415dd23a75cf5def36acc16

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Tue, 27 Sep 2022 17:50:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOhLLApOOd%2FUxxYMgKuBidM%2BzaT340gEuTacycNpcSUdvvG2sgNplePhH7sFGur696MuibLISdBlbkhfNhgIB%2BHw3728yAC3fyv1amfrGaQ%2FgIK%2BQOB0SqkZn6bbCZVpVEHe8YRgzGVtJOhUHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd700696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
41426
expires
Thu, 06 Oct 2022 07:13:56 GMT
musiala-670x456.jpeg
offside.com.ua/wp-content/uploads/2022/09/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/musiala-670x456.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7cdc22a593e409a269b765a873bc075b60afbe0d64212545a042bfc62e3c9bd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Tue, 27 Sep 2022 18:13:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tF3JYdsIro5VZw%2FS0rhPQAT%2Bv%2Fn%2BJJXRGFTe8V19QGzi%2FzlX%2BJBBa4aLh4rMwoj7sEUTB37Gtme4VOz%2Fdp%2BnSZ4AZl7rjAqs7V2BGvS4QbJpCiFusQHQVNtPVDZPTqyYIhPgPofirg1Qeqlc%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd710696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31264
expires
Thu, 06 Oct 2022 07:13:56 GMT
4838839595994-670x456.jpeg
offside.com.ua/wp-content/uploads/2022/09/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/4838839595994-670x456.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
563eaeec2e28b3b5fb8d6d9ddc5f04b264606630fad575dd7adddfbf7fa82362

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Wed, 28 Sep 2022 03:28:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6LH27FI3Bva1gCCXF8lZyfL4JUHiGePkz3PaJIZ%2Bzp7OjFTJ6LvlQnkcF%2BzWeLNNnTDCBgPPFJ%2Bt5rbf0FfzsLUY82Sol5oLv1CNKT%2BD8wDm%2BHXkh4LlTktR%2BsJ%2FUeEjRZsvEMb65cdcjueBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd720696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42096
expires
Thu, 06 Oct 2022 07:13:56 GMT
pm_logo.png
offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/pm_logo.png
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
427f8dcaa42e89577a4604efbbd21af5c268c39b5c6e021f12d060b93257b101

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Sat, 02 Apr 2022 14:07:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TdNto1F8ggmxjv77bd5C2dK8hemAMfgm9O%2B1QjQ3h8UsfENtxpb2VbCiUuEnTWygAHPkxyewsp3jLjG8rGbkCNU%2FKUV%2FhgHmFqId4wl%2B1ZQefahAvDck%2B2Q1lf7l5D2UPcLPtv%2F1z6ESOHEjkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd730696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17290
expires
Thu, 06 Oct 2022 07:13:56 GMT
sapfirbet.png.webp
offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/sapfirbet.png.webp
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94277769b8916ca8755e5a211d850942e94e1d6621060daa7ffb5c3976b1ce5e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Thu, 04 Nov 2021 10:44:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zkl7fzeyXHadmUAg2mFBCVVDbsEMFj%2B6ksZupMuOVxALtoM%2FKrj10zT5YU%2Fct0lsuArZm%2BE25U%2F1aSBqHkmJoBiZWskqE2OI2jLh%2FNl2WHMeApH59V%2BIYr0qkr7tj6Z1oWSitJM9Px3s8q9gGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd750696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2738
expires
Thu, 06 Oct 2022 07:13:56 GMT
Mel_blk.png.webp
offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/Mel_blk.png.webp
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2877b9644f1d0214961542e44f4d78fdcba93756941da51b62f0796b5d96431

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56287
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1564
last-modified
Thu, 04 Nov 2021 10:44:19 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FVUQvRnLZbjnbEmZdCal%2B42ECMof6cfJVRErckCnWhQI06R5MGPWA12Y3MYqBQ7b4dWyIA9E9U%2BAHDEbBs2evSL4mVSoPHIcLNPYMl7qq4hN4VwSGVcz6lvRb2VMMKIYQQEx123%2FvASemkJQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd780696-LHR
expires
Wed, 05 Oct 2022 15:35:49 GMT
mostbet.jpeg
offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/mostbet.jpeg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d154521b7e690095bfb6cb7d50d20769a73c63299f7b35561e7266a8ad2f6f41

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7301
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3513
last-modified
Thu, 04 Nov 2021 10:44:19 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARJhxztOWSkK6HxP8hPQHFw7%2F5sua%2BSk570So%2F7lazQ9zHlpJJD%2FqBJ%2BvnRlTJzWRJ5WpzDz5%2BVlmhvPPE%2FzI19fsUjH%2FpymvoHPf%2BJ6u71xWZlvgnUic1QEszUhf7XGVuALG9jrKAL%2F0Ukd1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd790696-LHR
expires
Thu, 06 Oct 2022 05:12:15 GMT
1xbet.png
offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/bm-logos/1xbet.png
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199a66ac6582dd904b4a006853b186b3169cceddddc159f5772e01ee3f31cac0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24207
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9893
last-modified
Tue, 15 Feb 2022 21:05:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEXit0eDFHpv%2Bu%2BwMEXG3i0csCRT%2BgNI8NhWHGgfjMHf3xX5Mee87lUGzwfebDBkL%2F8CaIIbOpgKGKAH9ksaY9YCD6A4oLN9TCy4F%2F3eNlkw1B6%2FHQvqmE5%2BNfzVXkN72h%2BBlG3Cu8N%2BkIFBYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd7a0696-LHR
expires
Thu, 06 Oct 2022 00:30:29 GMT
3333732-400x300.jpg
offside.com.ua/wp-content/uploads/2022/06/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/06/3333732-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7dedbb2327be817cb91eab8f15c83bac411f30f4fe1a88013bd85f940aff522

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Mon, 06 Jun 2022 11:36:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1iveqTLlVyLuhJt4JB6CvoVAL2qe9CU9nZJ1Pu82TaNp3wpDyDA3s%2BWZGyBpjp4AHc%2Fs5dewEdh2ZdOGefiSCR%2FSiiDfeJLD6igFHG%2FFteSkhnEgxZv05vDb6VsJXz6mi4A7VdsN6YxyO24sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd7c0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31117
expires
Thu, 06 Oct 2022 07:13:56 GMT
74453-400x300.jpg
offside.com.ua/wp-content/uploads/2022/05/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/05/74453-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6cfcdf1e2b932ad28e31fa67aa30b6c13e15bd0e4cbd8cf973dbea4679c815f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:57 GMT
cf-cache-status
MISS
last-modified
Wed, 11 May 2022 04:36:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kryVyILnAh5VTwuHjuGhAf2SoI0e2Ei%2FBUAj613rSw1PpsTNq9dtYcJUIB5kEd%2FXHoNbBdADXZgQLnl7kF5X1VaRhUilxhtCdB37fvcHd%2FtBSlSJaVs7eyi5yRdd4NLwW0xKkWqZz0EiGlIeAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd7d0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21321
expires
Thu, 06 Oct 2022 07:13:56 GMT
nayef-aguerd-400x300.jpg
offside.com.ua/wp-content/uploads/2022/06/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/06/nayef-aguerd-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff125f0dfe5af20434e5abc3228bcb63ba4a2a5a286e69e090e16eff29cd368c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Sun, 19 Jun 2022 15:08:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUz9Omr36Yu9cX%2BTFRLe%2FKRbg%2BGjNgGkrgSVdpbiSeCwsdWRxof8JeE7QsgZ699fB7CYtXH4LElMHozPem4t3MCQLTbASKm6ESRsgaJ6ZOq7%2BCDguSKy7Em3kdomUpOVmOfAff3eDLwfEnj1Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd7e0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19677
expires
Thu, 06 Oct 2022 07:13:56 GMT
vrv656-400x300.jpg
offside.com.ua/wp-content/uploads/2022/06/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/06/vrv656-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bab567b3903be4386028e78fe6e99876796d1a3f021275834041a2702a4d804

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Jun 2022 05:13:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlNuD9ULYt65GuUL4oT0lOxeYQWfldyYez6paaChvJ2Cb9MYw%2Fza1Fv2ch8qsxyhvd9sTSq%2FwF%2B9ztAirQtqUWNAhVjKJ%2F7tiwF45Zwy%2B6FzYEGtRMDSRsuTep1ZJpHxlogLE6S3d2ItlfSXIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd820696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28309
expires
Thu, 06 Oct 2022 07:13:56 GMT
fernando-morentes-870x400-1-400x300.jpg
offside.com.ua/wp-content/uploads/2022/04/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/04/fernando-morentes-870x400-1-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f4266a842360b89a28c06a7651ca82a1cb88202db2ff6c174d380619a1e6f3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:57 GMT
cf-cache-status
MISS
last-modified
Tue, 05 Apr 2022 07:57:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyJr308xyISxjaQ2A2kV5FYqRBoy34vs3iy9scql%2BueU%2BGTir2jopToTyQz7onX9NKvmsA7LQaxrtFAJbGDadhlRJqwYey95kAkcq02r6I4fRbZm%2Ft9U2%2FsAaBkRZKOTukIJ7ZJlluOJOaiU%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd840696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26315
expires
Thu, 06 Oct 2022 07:13:56 GMT
ad-provider.js
a.exdynsrv.com/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.exdynsrv.com/ad-provider.js
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
0ec91f164d8f0f10b75742279950b9a089f836afe7a2b6c9f631a6d413732db6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:13:56 GMT
Content-Encoding
gzip
Server
nginx
etag
W/"d944899a6eb421496e94cbddc42"
X-HW
1664435636.dop243.lo4.t,1664435636.cds109.lo4.shn,1664435636.dop243.lo4.t,1664435636.cds201.lo4.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
23727
c6qktkpturbxy8yotqynzuwztq4yjrkmzkxy2i5ztlimwyxywvjmmy5oc5qcgeslqmaam0irm0e4puczqfqamld-400x300.jpg
offside.com.ua/wp-content/uploads/2022/09/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/c6qktkpturbxy8yotqynzuwztq4yjrkmzkxy2i5ztlimwyxywvjmmy5oc5qcgeslqmaam0irm0e4puczqfqamld-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30906ac37f6fd8096d8ef46734d873ba8c2a2facd716a2fdc7b9f5ef9685eedb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:57 GMT
cf-cache-status
MISS
last-modified
Wed, 28 Sep 2022 18:21:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmcSW4Yh4hl6LqsV4%2BnpQnKF13rMvGXd2xcKCJ61WoLbCVZ5MvchFRaiNH3r%2BucHvuLoP%2Fq2wy3zLZ6BF7KQt2jKaJHQh5EVq6rb6EPcZJyvyMHwM4w1kg3QYFH%2FrxCggKoMWqsVth9Vox67DA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd850696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29298
expires
Thu, 06 Oct 2022 07:13:57 GMT
niko-400x300.jpg
offside.com.ua/wp-content/uploads/2022/09/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2022/09/niko-400x300.jpg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3835ce1e65978ce3accfdb80f6a749e3f513d23d4fe2498a2aa004fee99e02f9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:57 GMT
cf-cache-status
MISS
last-modified
Thu, 29 Sep 2022 05:45:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJQLfp0ZkRUpWD19fKuYVBXmKlw9QY%2B87y23b9TGwPAZhZfwCHTyUmmqRO7j263FXt%2Bdc9Wv6MoOCpunfCbcT40QPKgoRmrXUvpxGfnAwDO6oQUXWulOrUT0aiPnnklqJeS9YJEEWs9EtSk72Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45bd860696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23598
expires
Thu, 06 Oct 2022 07:13:56 GMT
twitter.svg
offside.com.ua/wp-content/plugins/anycomment/assets/img/socials/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/plugins/anycomment/assets/img/socials/twitter.svg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3abb75ebc673d5c07263ea76e8a03b2f03a12e6a56c050c6b3a37e33e78e72f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:13:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObtA%2FxTMv1PoE7VXrAMym1RMoSZu9Hcbwlu2SSD%2BRbWjru2DGSObvUZrgbkyzaeCvnDdn%2F7dnkmBX%2FWxMJYv6QNxKrv95284s7dEps2lOZGgYKqB3lZcCteqZeRz%2F0PAJLOTHKDby21ZdniYOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb45bd880696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:56 GMT
facebook.svg
offside.com.ua/wp-content/plugins/anycomment/assets/img/socials/ 		523 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/plugins/anycomment/assets/img/socials/facebook.svg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78764c6b55a054871a6a5b36a5704b51eaab0e4394cf6a97cddd3c0ee4d7236e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Jun 2022 17:13:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7301
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3Q7QUQC2hoTDWQSGgXFteii5kAuqravg%2F07zPF57jpGjq3RtnBUtC6sU0P%2FhNUApMWcZF9F5debVzMZtoxscBQZsGX%2FUkXJf7Gknq2yJCsti1esrID3cxC0gS2mEXislgUdxaax3j81%2FNsSCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb45bd8c0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 05:12:15 GMT
google.svg
offside.com.ua/wp-content/plugins/anycomment/assets/img/socials/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/plugins/anycomment/assets/img/socials/google.svg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e37d6e58fbd507020bfee3d26b717393a4c78e845bc164bcea7d7374c4a5d672

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Jun 2022 17:13:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7301
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXwkh5i56F%2BURfSQcUxGhN9aILrrFtf8CHBbhg54%2FBL5cMFj4teBApNL4YjYSQJ6jH02daB4DihwVXADn03YtDz3oR8PP%2FBirVQ8vW%2FiB6DG1ZcZjNXWXsbQ%2FrNnM0cpsnWmgbrpponQEh%2FLYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb45dd8f0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 05:12:15 GMT
email-decode.min.js
offside.com.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 26 Sep 2022 11:11:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633188f8-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMmRaGTlgL%2FqSR2GW4UClWmaYj3Mh5L6e2TkGgQw6lvvxJC5lC1mES1wQsQ1vXUmJ7jt43f%2FoBRKV%2B87II9QoGzizIW2copqabkhede0TEXKthFl%2FKG2ol4HnluAcfb%2Ba9ueatnkggKkyiaJfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7522eb451c5c0696-LHR
expires
Sat, 01 Oct 2022 07:13:56 GMT
main.min.js
offside.com.ua/wp-content/plugins/anycomment/static/js/ 		2 MB
587 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/anycomment/static/js/main.min.js?ver=9b87b6e21a74caabf02f75b28bb0fb66
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f010159247bf3b25e92cd7c414b38194bd825a212bf42f9adaa8587bd0253ac

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:13:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Io615ZR06owBUye%2BH82%2FvRZvnW9lH%2BHHGCKmwS9seOezUNhPxEOLjdepG0R3BQevXD3bf8zaaZ5u%2BVIBo%2BcSaXT3innNOx36BwmkAFgxoVKVO%2F%2FhAmmsF8vGk0OSjrVAHb9LZ5N4dVe5xS4UFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb45dd910696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:57 GMT
regenerator-runtime.min.js
offside.com.ua/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 24 May 2022 21:36:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EopJWv5oAWDBPQGVM%2BjajBfIYdFkA%2FfwMA6nM1WHDZ87ePtCO5FKTw4ll2803h5hWELtlzrlEUGJAnvlHLmfz1wfcx6Sd2u3GMGWp6eRikPpZSZSxCoMX%2BCywJ4pRvX3%2BVcsnemv%2BuXhKnLoCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb454cae0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:56 GMT
wp-polyfill.min.js
offside.com.ua/wp-includes/js/dist/vendor/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 May 2022 21:36:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
36619
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pId7%2FmLO87nuDe1Mo3b6XTJX5UOf%2BkWsjmZa%2FtiiTDOa5zJRXAmLKqalxdQPfkxBsyxX86WTODB3QG9sq%2BmMZwzsXoidEf28giZpXVjAu2uMY7u11ctRZdTGak9b8f1Hl99MJNFcwYrqPq%2B%2BfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb45bd310696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 05 Oct 2022 21:03:37 GMT
index.js
offside.com.ua/wp-content/plugins/contact-form-7/includes/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7abd36a2f651330420d86187c125331d679408d1be7b6cd93efa64e08eaf80c7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 20 Jun 2022 13:26:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRJPJBCJdUbj5%2B9lv%2BEZEfHXvFYj%2FKVDkhBz1cajM8M8hF06UfyN%2BlnACFkCOu6tFIxvn1qL1aNYlV%2BgBPyXMvXYVvfa1NU3ZxXBGWvZQe3YOwXnsNYIvud5jQ70veDtaitG6xo2tQdGZuhSgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb45bd320696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:56 GMT
superfish.js
offside.com.ua/wp-content/themes/urbanmag/plugins/superfish/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/superfish/js/superfish.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59efaaf0426fa7701b45afa875bed86f118ea3605a2216f7c80137bccd379256

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MaMRfO15XVcJ5DTQSxvsOySI1wqSNC9OgsS%2FMITrbUKGyarzqmf4QMujtR3A9RwK5U6Kne6yh4DR6y6ktVfcgX9U%2BIOCFkt2CKoFPpiha8WgbF7nbX3VH5%2BpD2DN9m%2FmHn5zVqx1OL5%2BlQW7Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb45bd330696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:56 GMT
hoverIntent.min.js
offside.com.ua/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 24 May 2022 21:36:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtcLsnhQdAVFBnkMdlnVAskfuA17iMbCQC2Gx7DmIIPe%2FFtSooGSo%2F5xKOi88cbJ7XMd2x1bvIdeZV7%2BuzOGaHT13hUGulRPk2UQDZg%2FY2fXcjuzosKCnFSp2YW%2FV3NfBZotHb7egYLGSug6xA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb45bd340696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:56 GMT
modernizr.custom.js
offside.com.ua/wp-content/themes/urbanmag/plugins/dl-menu/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/dl-menu/modernizr.custom.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bed074367042548e1f1ce7d18ba273b797a7a142899b5fdafabf24aa17bb645

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSPlmrWjHxxG2qiJwjzcu0r4bpRmJ506yhDqoEeRnI8QcjiBpA2DBk01IfNJpsRvwTeOJOkqrAsEUMdZLdFgcEPG9QoYkLHSBLdexSDmHxAZL%2FsgjAgA5FQCT0VFutbuMwSUEJayu%2Bg17qi2Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb45bd370696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:56 GMT
jquery.dlmenu.js
offside.com.ua/wp-content/themes/urbanmag/plugins/dl-menu/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/dl-menu/jquery.dlmenu.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d34963b7db0da6900ddb9c2fd6b9b9d59844eeec6d2a6a99d3f7c0bc820797b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78130
cf-polished
origSize=7002
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4rNH7A9YA9qUtUxdjtpWhNNNNL6FBUev1qPxINJORegqh6wb4fG4piMNmcXk5MKkeeKnpRF8qBA8hzWwjEk%2F8Os6yHb7iHMBhUjb7E5jpQM6mii45JPowgvMGnf%2F0U4QqPEzW9JpgU88F9Z1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb45bd380696-LHR
expires
Wed, 05 Oct 2022 09:31:46 GMT
jquery.easing.js
offside.com.ua/wp-content/themes/urbanmag/plugins/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/jquery.easing.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78130
cf-polished
origSize=8097
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qbsw9j2mT3DnJ4i812%2FlhdJ90Nx%2FGuErqhz2SXO%2FueB7cB%2BJvJg2sbuAd2F19ZuP1SArqxVpvon9A7nPVAVBKDVz9W117CCw08OmlWMqZ1OxOU6P6NFaQeaXpQyY3fzLhCTEXToOx7UUEe9qYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb45bd390696-LHR
expires
Wed, 05 Oct 2022 09:31:46 GMT
jquery.transit.min.js
offside.com.ua/wp-content/themes/urbanmag/plugins/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/jquery.transit.min.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
584aa695461f177cf311034f7e02cf280c16c36a7a299d58e22ef9c23a98867d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Js419jokaMRqfkonSD%2FCaqYaduAJdvIvSgZqzq%2BZ39FuWSFTmr4lwc%2BjnvdegD9NW%2FgZgBh0QYTs1cRjJqnt3Tsy2gmrgu5xQYvf1o9PcXI9CBdEszso8LBbfaua0NwWlxGg73em%2BE4s8ssdyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb45bd3a0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:56 GMT
jquery.fancybox.pack.js
offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/jquery.fancybox.pack.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa1a9b6c00fd37d1fb6bdda7ae116d62efbbaf17fe5b0241db52aedcfefee68a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iftga%2F28kMDQXRM%2FSyxOMhpt20LzUSF4YOFfBpl%2BSv9NmQCnrrJudvJxszxaLeSxBY%2F6JhXN65PzuPody%2BYM%2FGg6gUUNyKS8nFM4RuOVuTV53OWF4NgTktKxBf5EJjQ9%2BlXP4ftJrI40muMhYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb45bd3b0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:56 GMT
jquery.fancybox-media.js
offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/helpers/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/helpers/jquery.fancybox-media.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e53e650a83dbce1ab8d93c365299f2e8f5070c414c9ea302f2422ca65f5fdab4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1LZ08E3NoMUNTUNkOhiqPUlUoUc%2FstcAcb3iyrMaXvpNpZtsTcnTnRYlCUEXL5hI4noxkoxcwSdpLkE5O3MpnMX4R%2FTnXvQ%2BYYpb4NbibbAhfekcgVvZMC3ntyf1TVHwyHA0LNdS6sZiBnQag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb45bd3c0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:56 GMT
jquery.fancybox-thumbs.js
offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/helpers/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/fancybox/helpers/jquery.fancybox-thumbs.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ba02b924fc5beeb370ed64d478401e94a513e970cac2c46266c708348135cf2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kK8rHXdhhYBuFElZqMeklT6bQ7tqzuSGjVBLW0IfCLyczEFYe3eO%2Btv7UFIFzLpvVGoafXhdSduYT5F71zRlcvoNrUvG2NjAo4GTNs6r7qQuc1OoUxetnPF9kng6qP0Lk7iqT1Sdxlf1WJBXiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb45bd3d0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:56 GMT
jquery.flexslider.js
offside.com.ua/wp-content/themes/urbanmag/plugins/flexslider/ 		51 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/flexslider/jquery.flexslider.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
830d5060a27f821bc5937b5bba9fe7157a0bf0f384b8cfa1a846fecbee88b433

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bup0oIf7FiiIdU26x6fDLqxdx5slcghqfScDCCSsGF1uQClfvj9IliWj7t%2BaimIJ4Uyml4ZaO0sJE%2F4xEzm4uWiQ2HHQYzjbXVzGTO6PFeZRwRiJXshvzfEeeAG1GDmbVLoefArXkrrJeuAnDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb45bd3e0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:56 GMT
jquery.isotope.min.js
offside.com.ua/wp-content/themes/urbanmag/plugins/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/jquery.isotope.min.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfda5ab4fa75e77566a328adae8566973f7d2a7d1815a272daf58cad64ff8273

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FgFZindrlH1XqDuOzaw9eCU%2FGH22OfAS7ug9ZQoV1Gj3PJhOQcBd6gI9%2FLJ51eSRhhhaV2vn2O2OL4AyMLPEQuR2yp3wWsEm75ZMCcXA0cEPkoVlZW0nI0%2FmOHvpzVu6Jk7iwSyELPChWS4YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb45bd3f0696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:56 GMT
gdlr-script.js
offside.com.ua/wp-content/themes/urbanmag/javascript/ 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/javascript/gdlr-script.js?ver=1.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bb321c9e48f6625271e110a70329b6e0d97482a5b045c110cea0b8b28c4c7fa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6MAx%2BPebunH4y2o3ucBrRd1DkHvagyb3Bc7szTMIRMxVrNvmsw0vgHy%2FhoejBKQ1adlNX6x8odqnjnZTVKcpLpYL4s5feN9UQ4HR3AR1ka84d7XjTs2%2B7OM4zg8wSYVK39avYY8iEkaIMQx4jA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb45bd410696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:56 GMT
sassy-social-share-public.js
offside.com.ua/wp-content/plugins/sassy-social-share/public/js/ 		119 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.42
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a28f7b51eecc453bfa4b7794290a3d75918d3983ec835f0089b5a92d90ba9961

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:14:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQesk9OfKC0B78opUAF8GDhlas9nu7AUKrOiQc%2BY0nJa%2FcrRCwRuMpGiPRsPZ3zFwrZZ6Gw%2B4ZJb3j9%2FKQDLtZYRYAG2brnZQ1eJhXblQBvkw9FZA8%2Fmyaiq41mCtaMnRY0fQBIv3VTAA8EskA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb45bd440696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:56 GMT
js
maps.google.com/maps/api/ 		177 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps/api/js?libraries=geometry%2Cplaces%2Cweather%2Cpanoramio%2Cdrawing&language=en&ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
a7e71b4cb660f88db77b3e6843f565b39eedc25fd17f578d5664c39c4e3dd6e1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:02:28 GMT
content-encoding
gzip
server
mafe
age
688
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=137
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59353
x-xss-protection
0
expires
Thu, 29 Sep 2022 07:32:28 GMT
maps.js
offside.com.ua/wp-content/plugins/wp-google-map-plugin/assets/js/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-google-map-plugin/assets/js/maps.js?ver=2.3.4
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b7fc39482d4eb18e8d9db6f596d4699c2f20d9191c727e9545137cd45e6b157

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 17:14:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZXfUoy36U4rAZhjs7RDujF23bY9xWRmN3qUInEhqYnEmxrG1TuiZz93auz2HvAZUBMwIOOAHP5FFPveIxe0AkSTpGG%2BqqKoqdSpEqUqoMeLSHpzftuCLwQFjnV%2B2LrCHqB%2FXaAhicewTEDsRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb45bd460696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:56 GMT
wp-emoji-release.min.js
offside.com.ua/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-includes/js/wp-emoji-release.min.js?ver=6.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 24 May 2022 21:36:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0qkIF2PC6W8mSQIXUnpWIWXU8ledSBL9ZwA4R7Q3U1tYGur2JXT%2BGHh2PbWd0clIxfAHqdxFPzobEs%2FCJ0W0KvgIlX4NE6trOexpRFRYAq5Vp2l9orJ8%2Fx0NZoJFyHcHzETXcMA6FRz2fp%2F%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7522eb45dd920696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 07:13:56 GMT
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//offside.com.ua/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20Offside;0.532739929958006
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//offside.com.ua/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20Offside;0.532739929958006
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//offside.com.ua/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20Offside;0.532739929958006
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 07:13:56 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Tue, 28 Sep 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 07:13:56 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//offside.com.ua/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20Offside;0.532739929958006
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Tue, 28 Sep 2021 21:00:00 GMT
i1-1024x268-min-1-1.png
offside.com.ua/wp-content/uploads/2021/12/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/uploads/2021/12/i1-1024x268-min-1-1.png
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/wp-content/themes/urbanmag/stylesheet/style-custom.css?ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9cb9ae359a625e05528779aa81b4889ca5bbb9c3d870ea207fc3e9502d26459

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/wp-content/themes/urbanmag/stylesheet/style-custom.css?ver=6.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:57 GMT
cf-cache-status
MISS
last-modified
Mon, 27 Dec 2021 21:04:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A93xqrR4%2FKvQGNkaQk%2FdmXAnd2sfPhHk8zhPHQpEeePM%2BTIUaIRmunYNVEnlcoVu3TQVzRgnAspY6gCXY2e4UHh7NQeKkLJRlhhl%2FAX1GUdTAP5HMsuW%2BtN7nmFto4fRyDNhfknpx49wX4Sm8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45dd940696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
126809
expires
Thu, 06 Oct 2022 07:13:56 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700&subset=latin&ver=6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offside.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 03:24:20 GMT
x-content-type-options
nosniff
age
13776
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Sep 2023 03:24:20 GMT
truncated
/ 		252 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42c88d61050399e0f93184e6e6fe946329df48ef9c7bc23b521ebdd28e10e563

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
I
refpa6781648.top/ Frame 32FF 		639 B
613 B 		Document
General
Check archive.org
Download Go to
Full URL
https://refpa6781648.top/I?tag=s_1412133m_30323c_&site=1412133&ad=30323
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.135.120.147 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
00af177c4d2cf240c75a678221edb7e5c52bc2d83a06a67702fc63c5505cb9e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
414
content-type
text/html; charset=utf-8
date
Thu, 29 Sep 2022 07:13:56 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-aspnetmvc-version
5.0
/
covivado.club/catfish/ 		30 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://covivado.club/catfish/?sid=99681&rand=0.5216972833431541
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.198.49.154 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.198.49.154.clients.your-server.de
Software
nginx /
Resource Hash
565a3c1109b083c57031aff608ed98fab419370a31c69f3e49f96bd06a4323a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
application/javascript; charset=utf-8
pragma
no-cache
date
Thu, 29 Sep 2022 07:13:56 GMT
strict-transport-security
max-age=31536000;
cache-control
max-age=0, no-cache, no-store, must-revalidate
server
nginx
expires
-1
ec2414f3522a79b97620ab8d7a56a836-13073-600x200x10458400-[rnd].js
covivado.club/banner/ 		868 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://covivado.club/banner/ec2414f3522a79b97620ab8d7a56a836-13073-600x200x10458400-[rnd].js?e=vb600x200x48764&rand=0.8680257591672214
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.198.49.154 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.198.49.154.clients.your-server.de
Software
nginx /
Resource Hash
0f19f6515e9ea09ace719735423f016f152f471a8bcdbf5d2336e0480f102625
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
text/javascript; charset=utf-8
pragma
no-cache, no-cache
date
Thu, 29 Sep 2022 07:13:56 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000;
server
nginx
expires
Thu, 19 Nov 1981 08:52:00 GMT, -1
a9aad5ef29d93f6b001878d9ddf2bcdf-88548-600x200x70838400-[rnd].js
covivado.club/banner/ 		130 B
408 B 		Script
General
Check archive.org
Download Go to
Full URL
https://covivado.club/banner/a9aad5ef29d93f6b001878d9ddf2bcdf-88548-600x200x70838400-[rnd].js?e=vb600x200x53539&rand=0.018844172085315858
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.198.49.154 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.198.49.154.clients.your-server.de
Software
nginx /
Resource Hash
b3a4dc93cb491425d6552342960777015f434ed0c89b8adf0fc2a84c4063d93e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
text/javascript; charset=utf-8
pragma
no-cache
date
Thu, 29 Sep 2022 07:13:56 GMT
strict-transport-security
max-age=31536000;
cache-control
max-age=0, no-cache, no-store, must-revalidate
server
nginx
expires
-1
overlay-gradient.png
offside.com.ua/wp-content/themes/urbanmag/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/images/overlay-gradient.png
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/wp-content/themes/urbanmag/style.css?ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6f999ea0d328245ae7d1201632b7783931d12b0f936430c31e3fc1b2fb080f9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/wp-content/themes/urbanmag/style.css?ver=6.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
MISS
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aIzZuG48agrFUQPW1xpjOon6XUJrK%2FnBnKS0FNpKnzu12cnRB9J09OUCRZ2qJHyNJGa3MXuwGWsefZu%2BbToPwVn0%2FWwyReJbpKF83wOQt4Foj9Ax7CUxLpGqJK2NcSYQtXBvRL8si4gcUAGsBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45dd960696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2256
expires
Thu, 06 Oct 2022 07:13:56 GMT
1Ptug8zYS_SKggPNyCkIT5lu.woff2
fonts.gstatic.com/s/raleway/v28/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyCkIT5lu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900&subset=latin&ver=6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3aaa08d1c1434c3dd80f3ae7b73884fd1570ddc777b9bc2beaeeb1648373cffd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offside.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 03:33:57 GMT
x-content-type-options
nosniff
age
185999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25640
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:41:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Sep 2023 03:33:57 GMT
fontawesome-webfont.woff
offside.com.ua/wp-content/themes/urbanmag/plugins/font-awesome-new/fonts/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/themes/urbanmag/plugins/font-awesome-new/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/wp-content/themes/urbanmag/plugins/font-awesome-new/css/font-awesome.min.css?ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer
https://offside.com.ua/wp-content/themes/urbanmag/plugins/font-awesome-new/css/font-awesome.min.css?ver=6.0
Origin
https://offside.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 17 Mar 2021 22:45:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmB4VjDmMNqo16X4WDP0qi40EgDp2x77On%2FhW7OXthXjBhWQvIoNtB626k6f969l530gsiJP4V5KG9Ecr9QNLhFNnSAvgTmofNQiT5gJxvSvWeJfKUgGRJSjDEPupM5ZOaX8JDs9JvjDpldDlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb45dd970696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
65452
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900&subset=latin&ver=6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offside.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 21:06:52 GMT
x-content-type-options
nosniff
age
209224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46524
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:58:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Sep 2023 21:06:52 GMT
JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700&subset=latin&ver=6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offside.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:52:59 GMT
x-content-type-options
nosniff
age
58857
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21276
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:01:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Sep 2023 14:52:59 GMT
JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700&subset=latin&ver=6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cffe139366b3882387dddbd10d59e7d9aa29345793fdbf51ddde809ca6a0bec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offside.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 07:57:00 GMT
x-content-type-options
nosniff
age
170216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25036
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Sep 2023 07:57:00 GMT
logo
counter.yadro.ru/ 		240 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/logo?14.15
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
1e0d3317d5f9ab2a3697e10c9a588c533ff1490dc210109f7f8676da323cab63
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 07:13:56 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
Cache-control
no-cache
Connection
keep-alive
Content-Length
240
Expires
Tue, 28 Sep 2021 21:00:00 GMT
rcl-awesome.woff2
offside.com.ua/wp-content/plugins/wp-recall/assets/rcl-awesome/fonts/ 		80 KB
81 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://offside.com.ua/wp-content/plugins/wp-recall/assets/rcl-awesome/fonts/rcl-awesome.woff2?7jdlrg
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/wp-content/plugins/wp-recall/assets/rcl-awesome/rcl-awesome.min.css?ver=16.26.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc5c1ffb80e8c6b709daf7cd8f06a977335f3a35f90332e9bd9a5e605717ccfe

Request headers

Referer
https://offside.com.ua/wp-content/plugins/wp-recall/assets/rcl-awesome/rcl-awesome.min.css?ver=16.26.3
Origin
https://offside.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 07 Jun 2022 17:14:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2nvG9Yz0nPGX70JE4TO05txJMuO2FwHCi7gqE%2BiF%2F8chPJmG9WDBbY8EEA5GjkW6odpUKEszZTlxjrtQ8OCHK4DsE431TpnT61elkyUrtJwum%2FHvvp01F99JmD8immsJdnQkCYas2zgufjuLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7522eb465e280696-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
81956
collect
region1.google-analytics.com/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-83HN7YJGYM&gtm=2oe9q0&_p=1428987149&gdid=dZGIzZG&cid=1554332874.1664435636&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664435636&sct=1&seg=0&dl=https%3A%2F%2Foffside.com.ua%2F&dt=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20Offside&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-83HN7YJGYM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:13:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offside.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		208 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5MF0YH07SE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-83HN7YJGYM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
be0695a5895b1ad12ab9927e91dba097d0a7bdbd446db6ff978bf728ac0e5a8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74753
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 29 Sep 2022 07:13:56 GMT
9a550fcc-885a-4caa-9132-06c004e73115.gif
refpa53115.top/img/AdAgent_1/ Frame 32FF 		149 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refpa53115.top/img/AdAgent_1/9a550fcc-885a-4caa-9132-06c004e73115.gif
Requested by
Host: refpa6781648.top
URL: https://refpa6781648.top/I?tag=s_1412133m_30323c_&site=1412133&ad=30323
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.183.39.30 Frankfurt am Main, Germany, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
aayq8530.cloud-living.com.39.183.213.in-addr.arpa
Software
nginx /
Resource Hash
db9bacda467d38f3afc52d07d44734b5d48543fb9600f71f5018b1ed09b87c62
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://refpa6781648.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Wed, 01 Apr 2020 17:14:06 GMT
server
nginx
etag
"083e8f2488d61:0"
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
152123
checker.js
refpa6781648.top/checker/ Frame 32FF 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refpa6781648.top/checker/checker.js
Requested by
Host: refpa6781648.top
URL: https://refpa6781648.top/I?tag=s_1412133m_30323c_&site=1412133&ad=30323
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.135.120.147 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
198a55310d4d5b786ff571ff4f16a66505bb17545c557818c8de810851616955
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://refpa6781648.top/I?tag=s_1412133m_30323c_&site=1412133&ad=30323
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Tue, 10 May 2022 06:49:25 GMT
server
nginx
etag
W/"627a0af5-1843"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600
expires
Thu, 29 Sep 2022 08:13:56 GMT
c.html
cdn.admixer.net/scripts3/49044/ Frame EFE6 		738 B
494 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Thu, 29 Sep 2022 07:13:56 GMT
etag
W/"63049f42-2e2"
expires
Wed, 27 Sep 2023 10:04:46 GMT
last-modified
Tue, 23 Aug 2022 09:34:58 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-09-26T10:04:46+00:00
x-id
cec-up-gc13
a21031c0f6a0994b3314.b.js
cdn.admixer.net/scripts3/49044/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/a21031c0f6a0994b3314.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
cec-up-gc13
date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:56 GMT
server
nginx
etag
W/"63049f40-5d41"
vary
Accept-Encoding
x-cached-since
2022-09-26T10:05:14+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 27 Sep 2023 10:05:14 GMT
0a75d04ce9f53a1a35b6.b.js
cdn.admixer.net/scripts3/49044/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
cec-up-gc13
date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:45 GMT
server
nginx
etag
W/"63049f35-12c39"
vary
Accept-Encoding
x-cached-since
2022-09-12T08:15:52+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 13 Sep 2023 08:15:52 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-5MF0YH07SE&gtm=2oe9s0&_p=1428987149&gdid=dZGIzZG&cid=1554332874.1664435636&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664435636&sct=1&seg=0&dl=https%3A%2F%2Foffside.com.ua%2F&dt=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20Offside&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5MF0YH07SE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:13:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offside.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/ 		347 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7140845151581295&plah=offside.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3d159a30009f18b2131b20e50b043b4bcd221e866bb925461dcf6f06c856bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125499
x-xss-protection
0
server
cafe
etag
12968769819941734026
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 29 Sep 2022 07:13:56 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220927/r20190131/ Frame BE86 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220927/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
3396
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 06:17:20 GMT
etag
9671129459699598864
expires
Thu, 13 Oct 2022 06:17:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
94a9b44846143bc18bab943992b72dbc-95721-0.6393747081129062.json
covivado.club/vast/ 		177 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://covivado.club/vast/94a9b44846143bc18bab943992b72dbc-95721-0.6393747081129062.json
Requested by
Host: covivado.club
URL: https://covivado.club/catfish/?sid=99681&rand=0.5216972833431541
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.198.49.154 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.198.49.154.clients.your-server.de
Software
nginx /
Resource Hash
9f6d5ac4efb597956118cf8976dfbd3d67b56f404b1ccc71ce79d532e5ee2266
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept
application/json
Referer
https://offside.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache, no-cache
date
Thu, 29 Sep 2022 07:13:59 GMT
strict-transport-security
max-age=31536000;
server
nginx
access-control-max-age
86400
content-type
application/json; charset=utf-8
access-control-allow-origin
https://offside.com.ua
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Thu, 19 Nov 1981 08:52:00 GMT, -1
stattag.js
cdntechone.com/ 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdntechone.com/stattag.js
Requested by
Host: covivado.club
URL: https://covivado.club/catfish/?sid=99681&rand=0.5216972833431541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba25ceb996c4d0f021198f7192df75aa3f666fdfd73e61bccebffa4fb6ba1349

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 04 Aug 2022 15:17:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1292
etag
W/"62ebe31d-a8fa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZLGi%2FK4Z8oDhIRsik2SnHwkUt3WZpTVZc4elXY8YBv%2FKy6VEx6TprFSvHRkeCFQH1bwmbTRuVtNCRuwmoDepXG8uJ8zykZaPYOyYxajenSu0YPDtmkIPIZwS3T1YiuCQ%2F7tar7Qw5sKjDgSUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7522eb59283a7773-LHR
link
<https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
api.php
syndication.exdynsrv.com/v1/ 		1018 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://syndication.exdynsrv.com/v1/api.php
Requested by
Host: a.exdynsrv.com
URL: https://a.exdynsrv.com/ad-provider.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.248 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ds03.evo.0x3e.net
Software
nginx /
Resource Hash
140d3ab1d58f0a70b0a2f379dadeb0edbf5fca1616a52599ef002bc2469a9525

Request headers

Referer
https://offside.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 29 Sep 2022 07:13:59 GMT
Access-Control-Request-Method
POST
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://offside.com.ua
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, follow
Access-Control-Allow-Headers
Authorization, Content-Type
/
refpa6781648.top/redirect/stat/run/ Frame 32FF 		14 B
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://refpa6781648.top/redirect/stat/run/
Requested by
Host: refpa6781648.top
URL: https://refpa6781648.top/checker/checker.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.135.120.147 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://refpa6781648.top/I?tag=s_1412133m_30323c_&site=1412133&ad=30323
x-requested-with
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:56 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
nginx
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private
content-length
49
cimp.php
syndication.exdynsrv.com/ 		0
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12OSWoDQQxFr5ILdPGlGuW1c4LgA3RNiRdxL9oBB3T4VHXAhPAk9CU0MZgXyMLyAnsie/KiiQ2JGLIwzuv59aKOdOt9v9ZmyvZpvla1JIGhMQIpqrhkhdV5ScJBPYZmCT46dSlFgoMOY8XAOibyIc7EACAmFejl7Xw4DVgt8GCPoed9pblxJHjMDbn5DNsK9RVBOkRqzc4VDkJccpuN/x/GLwbk03EBTxY6wse236+3d9Whj8K6f9+K6p/OiX/OkqaYQ+ipZGdttW11HEq1klulWHtZfwAEUBLMXgEAAA==
Requested by
Host: a.exdynsrv.com
URL: https://a.exdynsrv.com/ad-provider.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.248 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ds03.evo.0x3e.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:13:59 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://offside.com.ua
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, follow
10012456
a.adtng.com/get/ Frame 05DF 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a.adtng.com/get/10012456?time=1614803572912&apb=oodbPHNddHNRLHTU7bc7qarrbp63U222TS0yuldRLKqeqV1Us7qZnTupldK6V0rqKZ5pqq7HSuldK6Z0rpXSuldM6V0rpnO03q0lo31m4zlru4luu220pp1nrumn103dK4PHBe9t49Q_xnzc50rpXSuldK6V0rpXSuD7
Requested by
Host: a.exdynsrv.com
URL: https://a.exdynsrv.com/ad-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.254.114.171 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
reflectededge.reflected.net
Software
openresty /
Resource Hash
b8a8a152d5a63979ac8df45dd249092d91facee4e240c088803fd330e0bb2e9c

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET
content-encoding
gzip
content-type
text/html
date
Thu, 29 Sep 2022 07:13:59 GMT
server
openresty
x-request-id
633545B7-42FE72AB01BB637D-113DDA9
cookie.js
partner.googleadservices.com/gampad/ 		218 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=offside.com.ua&callback=_gfp_s_&client=ca-pub-7140845151581295
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7140845151581295&plah=offside.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a00b8f386dbbf315f6beee125061d2548e9bc060d68da15f2d05711d17a8360e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=offside.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7140845151581295&plah=offside.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=offside.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7140845151581295&plah=offside.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Foffside.com.ua%2F&tn=DIV&id=recallbar&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:13:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F8B3 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7140845151581295&output=html&adk=1812271804&adf=3025194257&lmt=1664435639&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Foffside.com.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664435636627&bpp=5&bdt=911&idt=2720&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6209796420272&frm=20&pv=2&ga_vid=1554332874.1664435636&ga_sid=1664435639&ga_hid=1428987149&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C31069177&oid=2&pvsid=2695059597015266&tmod=1198796568&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=2745
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7140845151581295&plah=offside.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 07:13:59 GMT
expires
Thu, 29 Sep 2022 07:13:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
vortex-simple-1.0.0.js
hw-cdn2.adtng.com/delivery/vortex/ Frame 05DF 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hw-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js
Requested by
Host: a.adtng.com
URL: https://a.adtng.com/get/10012456?time=1614803572912&apb=oodbPHNddHNRLHTU7bc7qarrbp63U222TS0yuldRLKqeqV1Us7qZnTupldK6V0rqKZ5pqq7HSuldK6Z0rpXSuldM6V0rpnO03q0lo31m4zlru4luu220pp1nrumn103dK4PHBe9t49Q_xnzc50rpXSuldK6V0rpXSuD7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x019.map2.ssl.hwcdn.net
Software
/
Resource Hash
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a.adtng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:13:59 GMT
Last-Modified
Fri, 02 Nov 2018 14:17:11 GMT
ETag
"1541168231"
X-HW
1664435639.dop090.lo4.t,1664435639.cds205.lo4.shn,1664435639.cds205.lo4.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10475722
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5027
945688_banner.png
hw-cdn2.adtng.com/a7/creatives/39/1393/805208/945688/ Frame 05DF 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hw-cdn2.adtng.com/a7/creatives/39/1393/805208/945688/945688_banner.png
Requested by
Host: a.adtng.com
URL: https://a.adtng.com/get/10012456?time=1614803572912&apb=oodbPHNddHNRLHTU7bc7qarrbp63U222TS0yuldRLKqeqV1Us7qZnTupldK6V0rqKZ5pqq7HSuldK6Z0rpXSuldM6V0rpnO03q0lo31m4zlru4luu220pp1nrumn103dK4PHBe9t49Q_xnzc50rpXSuldK6V0rpXSuD7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x019.map2.ssl.hwcdn.net
Software
/
Resource Hash
5cfd0889bddf20b0426add84fb0e0f596ef7dd653d3d22c8f5b63238a80a2088

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a.adtng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:13:59 GMT
Last-Modified
Tue, 26 May 2020 10:07:31 GMT
ETag
"1590487651"
X-HW
1664435639.dop003.lo4.t,1664435639.cds250.lo4.shn,1664435639.cds250.lo4.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=10706235
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
73673
IntersectionObserver.js
hw-cdn2.adtng.com/delivery/intersection_observer/ Frame 05DF 		16 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
Requested by
Host: a.adtng.com
URL: https://a.adtng.com/get/10012456?time=1614803572912&apb=oodbPHNddHNRLHTU7bc7qarrbp63U222TS0yuldRLKqeqV1Us7qZnTupldK6V0rqKZ5pqq7HSuldK6Z0rpXSuldM6V0rpnO03q0lo31m4zlru4luu220pp1nrumn103dK4PHBe9t49Q_xnzc50rpXSuldK6V0rpXSuD7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x019.map2.ssl.hwcdn.net
Software
/
Resource Hash
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a.adtng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:13:59 GMT
Last-Modified
Tue, 05 Apr 2022 20:54:54 GMT
ETag
"1649192094"
X-HW
1664435639.dop090.lo4.t,1664435639.cds205.lo4.shn,1664435639.dop090.lo4.t,1664435639.cds254.lo4.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10733902
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
16885
add
datatechone.com/log/ 		0
392 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://datatechone.com/log/add?cid=a968e546-c11a-4be3-8c95-b00e0522c220
Requested by
Host: cdntechone.com
URL: https://cdntechone.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offside.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 29 Sep 2022 07:13:59 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.19.10
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?libraries=geometry%2Cplaces%2Cweather%2Cpanoramio%2Cdrawing&language=en&ver=6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://offside.com.ua
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
dsp.aspx
inv-nets.admixer.net/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=7786162052877807&cpv=7ef6c33b-4684-21fe-7cdd-aa893a1a7c00&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22fab2425b-04c7-77ac-f49a-0015f5796e87%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Foffside.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22ae41799c-341a-b0de-77c7-1bdba9fb01d4%22%2C%22tagid%22%3A%2233703f42-b374-4fd8-b5f3-6f9c313e8412%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_33703f42b3744fd8b5f36f9c313e8412_zone_86725_sect_29689_site_24219%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22751b4f56-132b-039f-9e22-73f0ea8a64cf%22%2C%22tagid%22%3A%2260ae44e4-0906-4404-9490-c6f4763ba59e%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_60ae44e4090644049490c6f4763ba59e_zone_86802_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22b115ab8b-255b-eafd-c399-eeaf2426a785%22%2C%22tagid%22%3A%221ba693e9-af43-480f-8247-a0a6978d969d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_1ba693e9af43480f8247a0a6978d969d_zone_86809_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A3%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
33358149be3f59ca19d917bf23a0d2458a555fd716609f4920ab0aa0d2a8301d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:00 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
1742
X-Xss-Protection
0
e1eee23f36481a69453f.b.js
cdn.admixer.net/scripts3/49044/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/e1eee23f36481a69453f.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
cec-up-gc13
date
Thu, 29 Sep 2022 07:14:00 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:35:01 GMT
server
nginx
etag
W/"63049f45-702f"
vary
Accept-Encoding
x-cached-since
2022-09-26T10:04:47+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 27 Sep 2023 10:04:47 GMT
fdabe098f34289659a17.b.js
cdn.admixer.net/scripts3/49044/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/fdabe098f34289659a17.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
cec-up-gc13
date
Thu, 29 Sep 2022 07:14:00 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:35:02 GMT
server
nginx
etag
W/"63049f46-a793"
vary
Accept-Encoding
x-cached-since
2022-09-26T10:04:47+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 27 Sep 2023 10:04:47 GMT
84011c43c3075e543c6d.b.js
cdn.admixer.net/scripts3/49044/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/84011c43c3075e543c6d.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
cec-up-gc13
date
Thu, 29 Sep 2022 07:14:00 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:54 GMT
server
nginx
etag
W/"63049f3e-326c"
vary
Accept-Encoding
x-cached-since
2022-09-28T04:31:53+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Fri, 29 Sep 2023 04:31:53 GMT
7103cce7fa6705169441.b.js
cdn.admixer.net/scripts3/49044/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/7103cce7fa6705169441.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
cec-up-gc13
date
Thu, 29 Sep 2022 07:14:00 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:52 GMT
server
nginx
etag
W/"63049f3c-2a79"
vary
Accept-Encoding
x-cached-since
2022-09-26T10:04:47+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 27 Sep 2023 10:04:47 GMT
5927ef40e4a80e0040be.b.js
cdn.admixer.net/scripts3/49044/ 		215 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/5927ef40e4a80e0040be.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
cec-up-gc13
date
Thu, 29 Sep 2022 07:14:00 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:51 GMT
server
nginx
etag
W/"63049f3b-35ac7"
vary
Accept-Encoding
x-cached-since
2022-09-17T16:49:33+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Mon, 18 Sep 2023 16:49:33 GMT
sync.html
s.adtelligent.com/ Frame 07D9 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=7786162052877807&cpv=7ef6c33b-4684-21fe-7cdd-aa893a1a7c00&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22fab2425b-04c7-77ac-f49a-0015f5796e87%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Foffside.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22ae41799c-341a-b0de-77c7-1bdba9fb01d4%22%2C%22tagid%22%3A%2233703f42-b374-4fd8-b5f3-6f9c313e8412%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_33703f42b3744fd8b5f36f9c313e8412_zone_86725_sect_29689_site_24219%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22751b4f56-132b-039f-9e22-73f0ea8a64cf%22%2C%22tagid%22%3A%2260ae44e4-0906-4404-9490-c6f4763ba59e%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_60ae44e4090644049490c6f4763ba59e_zone_86802_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22b115ab8b-255b-eafd-c399-eeaf2426a785%22%2C%22tagid%22%3A%221ba693e9-af43-480f-8247-a0a6978d969d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_1ba693e9af43480f8247a0a6978d969d_zone_86809_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A3%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.69.226 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
625cbb1f0133789356981a5ca8d87d5b3146ad23af58edcc4cf28da2cb2ae3c0

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://offside.com.ua
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1291
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Sep 2022 07:14:01 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
onetag-sys.com/usync/ Frame F9E9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=7786162052877807&cpv=7ef6c33b-4684-21fe-7cdd-aa893a1a7c00&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22fab2425b-04c7-77ac-f49a-0015f5796e87%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Foffside.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22ae41799c-341a-b0de-77c7-1bdba9fb01d4%22%2C%22tagid%22%3A%2233703f42-b374-4fd8-b5f3-6f9c313e8412%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_33703f42b3744fd8b5f36f9c313e8412_zone_86725_sect_29689_site_24219%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22751b4f56-132b-039f-9e22-73f0ea8a64cf%22%2C%22tagid%22%3A%2260ae44e4-0906-4404-9490-c6f4763ba59e%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_60ae44e4090644049490c6f4763ba59e_zone_86802_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22b115ab8b-255b-eafd-c399-eeaf2426a785%22%2C%22tagid%22%3A%221ba693e9-af43-480f-8247-a0a6978d969d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_1ba693e9af43480f8247a0a6978d969d_zone_86809_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A3%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame 7CE6
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=7786162052877807&cpv=7ef6c33b-4684-21fe-7cdd-aa893a1a7c00&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22fab2425b-04c7-77ac-f49a-0015f5796e87%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Foffside.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22ae41799c-341a-b0de-77c7-1bdba9fb01d4%22%2C%22tagid%22%3A%2233703f42-b374-4fd8-b5f3-6f9c313e8412%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_33703f42b3744fd8b5f36f9c313e8412_zone_86725_sect_29689_site_24219%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22751b4f56-132b-039f-9e22-73f0ea8a64cf%22%2C%22tagid%22%3A%2260ae44e4-0906-4404-9490-c6f4763ba59e%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_60ae44e4090644049490c6f4763ba59e_zone_86802_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22b115ab8b-255b-eafd-c399-eeaf2426a785%22%2C%22tagid%22%3A%221ba693e9-af43-480f-8247-a0a6978d969d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_1ba693e9af43480f8247a0a6978d969d_zone_86809_sect_29689_site_24219%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A3%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
08dc6ae4128ed6593bcd2d94d467b1c0e85db213fc1048302e4dec88ebe7af30

Request headers

Referer
https://offside.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Thu, 29 Sep 2022 07:14:00 GMT
expires
Thu, 29 Sep 2022 07:14:00 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-928

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Thu, 29 Sep 2022 07:14:00 GMT
location
/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-928
mmr445.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/mmr445.gif?gdpr=&gdpr_consent=[GDPRConsent]&us_privacy=[USPrivacy]&coppa=[COPPA]&puid=c85ad48ea87a4f55b3fc662991c69aa2
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:00 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
ImgSync
image8.pubmatic.com/AdServer/ 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:00 GMT
content-length
0
idsync
idsync.admixer.co.kr/ 		43 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.admixer.co.kr:4450/idsync?pid=103&uid=c85ad48ea87a4f55b3fc662991c69aa2
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29-Sep-2022 16:14:00 +0900
Content-Type
image/gif;
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control
private, max-age=0, no-cache, no-store
Connection
close
Content-Length
43
Expires
Mon, 01 Jan 2000 00:00:00 +0900
admixer
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=c85ad48ea87a4f55b3fc662991c69aa2
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=c85ad48ea87a4f55b3fc662991c69aa2
43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=c85ad48ea87a4f55b3fc662991c69aa2
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Server
88.198.31.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.198.31.232.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:00 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif

Redirect headers

location
/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=c85ad48ea87a4f55b3fc662991c69aa2
date
Thu, 29 Sep 2022 07:14:00 GMT
server
nginx
etag
W/"ff11529a9d464583ee2b014854730a862c6b2fbd67050b4285a9493eeb285118"
content-length
122
serverid
TODO
content-type
text/html; charset=utf-8
/
an.yandex.ru/mapuid/targetrtbis/
Redirect Chain
  • https://match.new-programmatic.com/userbind?src=admixer&id=c85ad48ea87a4f55b3fc662991c69aa2
  • https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
  • https://an.yandex.ru/mapuid/targetrtbis/
  • https://an.yandex.ru/mapuid/targetrtbis/?redir-setuniq=1
43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/targetrtbis/?redir-setuniq=1
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 29 Sep 2022 07:14:01 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 29 Sep 2022 07:14:01 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 29 Sep 2022 07:14:01 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/targetrtbis/?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 29 Sep 2022 07:14:01 GMT
pixel
ap.lijit.com/ 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 29 Sep 2022 07:14:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap7ams1
access-control-allow-methods
GET, POST, DELETE, PUT
ImgSync
image8.pubmatic.com/AdServer/ 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3Dc85ad48ea87a4f55b3fc662991c69aa2
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:00 GMT
content-length
0
admixer-sync
rtb.com.ru/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.com.ru/admixer-sync?uid=c85ad48ea87a4f55b3fc662991c69aa2
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
83.222.114.189 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 29 Sep 2022 07:14:00 GMT
Server
nginx/1.18.0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=78e7bad5-b4cd-4d49-8fc3-2b4c742d69a4
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=78e7bad5-b4cd-4d49-8fc3-2b4c742d69a4
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:00 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=78e7bad5-b4cd-4d49-8fc3-2b4c742d69a4
date
Thu, 29 Sep 2022 07:14:00 GMT
cache-control
no-store no-transform
server
nginx
content-length
190
content-type
text/html; charset=utf-8
sfaf25.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=c85ad48ea87a4f55b3fc662991c69aa2
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:00 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=119fec94-9304-5210-bc84-327edfb177c7
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=119fec94-9304-5210-bc84-327edfb177c7
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:01 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=119fec94-9304-5210-bc84-327edfb177c7
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=c85ad48ea87a4f55b3fc662991c69aa2&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=c85ad48ea87a4f55b3fc662991c69aa2&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=admixer
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=admixer
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8804434023222977966&ssp=admixer
  • https://inv-nets.admixer.net/bs/cm.aspx?id=422c581d-1e22-4a2d-87fd-b79e7b0e5330&gdpr=&consent=&gdpr_pd=
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=422c581d-1e22-4a2d-87fd-b79e7b0e5330&gdpr=&consent=&gdpr_pd=
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:01 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

Location
//inv-nets.admixer.net/bs/cm.aspx?id=422c581d-1e22-4a2d-87fd-b79e7b0e5330&gdpr=&consent=&gdpr_pd=
Date
Thu, 29 Sep 2022 07:14:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cm-notify
creativecdn.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admixer
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT, Thu, 29 Sep 2022 07:14:01 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://creativecdn.com/cm-notify?pi=admixer&tc=1
date
Thu, 29 Sep 2022 07:14:01 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
43 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGsIigN%2BLoDmlLS7uQ%2BqZXlSK1ygZvvz146ah9K5Xizw430bIoWVWTGXVB6zOyjnIF7W4tmiYbGlqYGzBdFZkGbKrP0ZBrh%2FWxNxSoOt7De7jzEKVYQEoyIHsiV11H72BAQkTE1XplTCEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7522eb662a90dd71-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARnSwk%2FmW0nXB7IVSIndc34h%2FPeCxfcr%2F1pfcg4Iczq3YSqf35svqUWdUZmu1M8fY709FbT5CZrFucaKkhJAR0dKwW1zE%2FPzZysOLMcGIFcuHawIJpnOS59ijqFk8Dqy6Yz6KQiheeIqTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
cache-control
no-cache
cf-ray
7522eb64fe9976c9-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
sync.html
s.console.adtarget.com.tr/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.151.106 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pic.gif
pa.tns-ua.com/bug/
Redirect Chain
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=c85ad48ea87a4f55b3fc662991c69aa2
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z34333786FEE4D7F94A031F6F0894E22&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=c85ad48ea87a4f55b3fc662991c69aa2
56 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z34333786FEE4D7F94A031F6F0894E22&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=c85ad48ea87a4f55b3fc662991c69aa2
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 29 Sep 2022 07:14:01 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.13.0
expires
-1

Redirect headers

location
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z34333786FEE4D7F94A031F6F0894E22&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=c85ad48ea87a4f55b3fc662991c69aa2
date
Thu, 29 Sep 2022 07:14:01 GMT
cache-control
no-cache
server
nginx/1.13.0
content-length
0
expires
-1
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3Dc85ad48ea87a...
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=4b1d86ba-3fc6-11ed-9e0f-801844df107c
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=422c581d-1e22-4a2d-87fd-b79e7b0e5330
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=422c581d-1e22-4a2d-87fd-b79e7b0e5330
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=88df9d8a-7423-44fd-ba3b-da239b454b58&user_group=1&ssp=lemma&bsw_param=422c581d-1e22-4a2d-87fd-b79e7b0e5330
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=422c581d-1e22-4a2d-87fd-b79e7b0e5330
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=4b1d86ba-3fc6-11ed-9e0f-801844df107c
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=lemma&bsw_custom_parameter=422c581d-1e22-4a2d-87fd-b79e7b0e5330
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=lemma&expires=10&bsw_param=422c581d-1e22-4a2d-87fd-b79e7b0e5330
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=422c581d-1e22-4a2d-87fd-b79e7b0e5330
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=c85ad48ea87a4f55b3fc662991c69aa24b1d86ba-3fc6-11ed-9e0f-801844df107c
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=c85ad48ea87a4f55b3fc662991c69aa24b1d86ba-3fc6-11ed-9e0f-801844df107c
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:03 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:02 GMT
vary
Origin
content-type
text/html; charset=utf-8
location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=c85ad48ea87a4f55b3fc662991c69aa24b1d86ba-3fc6-11ed-9e0f-801844df107c
cache-control
no-cache, no-store, must-revalidate
content-length
179
expires
0
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/ 		42 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=c85ad48ea87a4f55b3fc662991c69aa2&redir=[RED]
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 07:14:01 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58613/occ
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-xw08WEtE2uHb7VP.3oMAbZPMZcxUEXM9cKr1UfY-~A
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-xw08WEtE2uHb7VP.3oMAbZPMZcxUEXM9cKr1UfY-~A
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:01 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-xw08WEtE2uHb7VP.3oMAbZPMZcxUEXM9cKr1UfY-~A
date
Thu, 29 Sep 2022 07:14:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
t.adx.opera.com/ 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60022&uid=c85ad48ea87a4f55b3fc662991c69aa2
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1px-matching-admixer.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-admixer.gif?id=c85ad48ea87a4f55b3fc662991c69aa2
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Date
Thu, 29 Sep 2022 07:14:01 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
1px-matching-go2net.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=c85ad48ea87a4f55b3fc662991c69aa2
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Date
Thu, 29 Sep 2022 07:14:01 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
setuid
ib.adnxs.com/ 		43 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=533&code=c85ad48ea87a4f55b3fc662991c69aa2
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 07:14:01 GMT
AN-X-Request-Uuid
a03aad87-c138-4d1d-be98-9b362fffce48
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ptag
a.audrte.com/ Frame 7CE6 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.168.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-168-45.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
65a3315e47b9affdd6868c8be65383db837a28984f7b159eea52ddf1dc4bbe89

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:01 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1681
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 7CE6 		566 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:00 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Tue, 28 Sep 2027 07:14:00 GMT
um
u-ams03.e-planning.net/ Frame 7CE6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D7fadfc62cba2c61b%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams03.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253D7fadfc62cba2c61b%2526uid%253D%2524UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=7fadfc62cba2c61b&uid=6274540795450896300
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=7fadfc62cba2c61b&uid=6274540795450896300
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

server
openresty
date
Thu, 29 Sep 2022 07:14:01 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 07:14:01 GMT
AN-X-Request-Uuid
74ea174c-e51a-4fdb-9c4e-f225b26b225b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=7fadfc62cba2c61b&uid=6274540795450896300
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame 7CE6
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D7fadfc62cba2c61b%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=7fadfc62cba2c61b&uid=ua-d3df860b-cdf7-362a-9c16-4b510467519a
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=7fadfc62cba2c61b&uid=ua-d3df860b-cdf7-362a-9c16-4b510467519a
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=7fadfc62cba2c61b&uid=ua-d3df860b-cdf7-362a-9c16-4b510467519a
pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
dtscout20220831.js
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame 7CE6 		478 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:00 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 19:37:37 GMT
server
openresty
etag
W/"630fb881-1de"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Tue, 28 Sep 2027 07:14:00 GMT
usync.html
eus.rubiconproject.com/ Frame 2DAC
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Sep 2022 07:14:01 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 29 Sep 2022 07:14:01 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame F204
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7fadfc62cba2c61b%26uid%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7fadfc62cba2c61b%26uid%3D&s=190243&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7fadfc62cba2c61b%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebd0dcf234064f287f67a2ed970cc6a512baca38206161527037da803f5b7093

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7522eb65edf57786-LHR
content-encoding
br
content-type
text/html
date
Thu, 29 Sep 2022 07:14:01 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQaccM9%2FlSvgIbByo%2B1DdVnL1BXxjHbjSY%2FZQnQvz08lYxwtelKpjkmMG2yhHLmdKDuD41imTjMpJ6AqB4PCPCG5xhRM4R%2BtGgGjcxhybvcm00sMKQB12%2BiNw33VbegxsjI4h2%2Bo"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7522eb64ffd2776d-LHR
content-length
0
date
Thu, 29 Sep 2022 07:14:01 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7fadfc62cba2c61b%26uid%3D&s=190243&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18KpJKpTD5GbV4aJgdjXXArAu38HLrBlwvFOKWtaLIYVwrGvRPmIcYM6dO4sv0J0ikQjA3oc6ABCMOHHlJNWaB%2F77dBZKiEOxPmm8M5YJlR31R%2FrdQBALc5Dv9fsiL%2Bx3BwZRNYg"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame F9DE 		1 KB
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
136949
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Thu, 29 Sep 2022 07:14:01 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 18 May 2027 11:39:16 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
43df231cbf281031b69e09b3643d7ffc
x-cf-tsc
1653097306
x-cf1
29080:fB.cdg1:co:1585621119:cacheB.cdg1-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame FC38 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame FFCA 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9c9f1155761feb80dc4e5c530d2a9b4fa978e2e28f7a6e996295c2d9d686132

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7522eb64fbac889e-LHR
content-encoding
br
content-type
text/html
date
Thu, 29 Sep 2022 07:14:01 GMT
server
cloudflare
vary
Origin
via
1.1 google
getuid
ib.adnxs.com/ Frame FFCA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame FFCA 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame FFCA
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=0fdf334f-d863-4da2-bd7a-ad2748c33b30&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=0fdf334f-d863-4da2-bd7a-ad2748c33b30&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7522eb68ca4d889e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=0fdf334f-d863-4da2-bd7a-ad2748c33b30&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
date
Thu, 29 Sep 2022 07:14:01 GMT
strict-transport-security
max-age=31536000
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame FFCA 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame FFCA 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0677835b-fb76-4aee-4e7a-58b1cf9f3732%26reqId%3D54ebccf5-bb87-4739-5ac7-c45da778c5d5%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame FFCA 		0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Thu, 29 Sep 2022 07:14:01 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1664435641.366870,VS0,VE9
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-lon4229-LON
u
dmp.v.fwmrm.net/ad/ Frame FFCA 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f600:7475:e79:22d:1b43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 07:14:02 GMT
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame FFCA 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0677835b-fb76-4aee-4e7a-58b1cf9f3732%26reqId%3D54ebccf5-bb87-4739-5ac7-c45da778c5d5%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 29 Sep 2022 07:14:00 GMT
content-length
0
content-type
text/html; charset=UTF-8
genericusersync.ashx
sync.tidaltv.com/ Frame FFCA 		0
0
mw
mwzeom.zeotap.com/ Frame FFCA
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=0677835b-fb76-4aee-4e7a-58b1cf9f3732&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=0677835b-fb76-4aee-4e7a-58b1cf9f3732&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=21905878750757046533918944462724452340&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-...
95 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=21905878750757046533918944462724452340&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7522eb6879e4889e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v043-0128f1c92.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
VSNld27dTZQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=21905878750757046533918944462724452340&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame FFCA 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame FFCA
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=0677835b-fb76-4aee-4e7a-58b1cf9f3732&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022092921-85783-0.545876001664479938-c05705c50fef8e6023d6de1d9f4b9f23&zdid=533&env=mWeb
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022092921-85783-0.545876001664479938-c05705c50fef8e6023d6de1d9f4b9f23&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7522eb699ba3889e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022092921-85783-0.545876001664479938-c05705c50fef8e6023d6de1d9f4b9f23&zdid=533&env=mWeb
Date
Thu, 29 Sep 2022 19:32:18 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame FFCA
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7148696644407457936&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7148696644407457936&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7522eb695b3e889e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7148696644407457936&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Date
Thu, 29 Sep 2022 07:14:01 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame FFCA
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=0677835b-fb76-4aee-4e7a-58b1cf9f3732
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=0677835b-fb76-4aee-4e7a-58b1cf9f3732
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=0677835b-fb76-4aee-4e7a-58b1cf9f3732
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H3
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/png
date
Thu, 29 Sep 2022 07:14:01 GMT
strict-transport-security
max-age=31536000
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=0677835b-fb76-4aee-4e7a-58b1cf9f3732
date
Thu, 29 Sep 2022 07:14:01 GMT
strict-transport-security
max-age=31536000
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame FFCA
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=0677835b-fb76-4aee-4e7a-58b1cf9f3732&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=0677835b-fb76-4aee-4e7a-58b1cf9f3732&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=xzX/Yb8wzIvP7/fKj2dZmO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-47...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=xzX/Yb8wzIvP7/fKj2dZmO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7522eb6b2e18889e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:00 GMT
via
1.1 google
last-modified
Thu, 29 Sep 2022 07:14:01 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=xzX/Yb8wzIvP7/fKj2dZmO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame FFCA 		0
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=0677835b-fb76-4aee-4e7a-58b1cf9f3732&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.81 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame FFCA
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=0677835b-fb76-4aee-4e7a-58b1cf9f3732?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=0677835b-fb76-4aee-4e7a-58b1cf9f3732?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7522eb6a1c78889e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

expires
0
pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
cache-control
no-cache
x-server
10.45.3.94
content-length
0
x-consent
absent
mw
mwzeom.zeotap.com/ Frame FFCA
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-L9dX_MFE2oo6c87CxsmuXJ0m0hcyNpVsPw--~A&zpartnerid=570&env=mWeb
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-L9dX_MFE2oo6c87CxsmuXJ0m0hcyNpVsPw--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7522eb696b44889e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

date
Thu, 29 Sep 2022 07:14:01 GMT
strict-transport-security
max-age=31536000
via
http/1.1 spdc0106.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-L9dX_MFE2oo6c87CxsmuXJ0m0hcyNpVsPw--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame FFCA
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=vopkNd%2FXwqK1lPK1XNZr8Z4BgCJWOGez%2BS41iYitP1U%3D
95 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=vopkNd%2FXwqK1lPK1XNZr8Z4BgCJWOGez%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7522eb6b2e19889e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=vopkNd%2FXwqK1lPK1XNZr8Z4BgCJWOGez%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame FFCA 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=0677835b-fb76-4aee-4e7a-58b1cf9f3732&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame FFCA 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.97.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-97-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n017-dub-prod.krxd.net
date
Thu, 29 Sep 2022 07:14:01 GMT
cache-control
private, no-cache, no-store
x-request-time
D=126 t=1664435641
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame FFCA 		95 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=0677835b-fb76-4aee-4e7a-58b1cf9f3732&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/png
date
Thu, 29 Sep 2022 07:14:02 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cQZGoH6Q
sync-tm.everesttech.net/upi/pid/ Frame FFCA 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0677835b-fb76-4aee-4e7a-58b1cf9f3732%26reqId%3D54ebccf5-bb87-4739-5ac7-c45da778c5d5%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-hits
0
pragma
no-cache
date
Thu, 29 Sep 2022 07:14:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1664435642.061211,VS0,VE0
x-cache
MISS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4041-HHN
mw
mwzeom.zeotap.com/ Frame FFCA
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=237c6335-45ba-4600-a201-1408fa4441c6&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=237c6335-45ba-4600-a201-1408fa4441c6&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7522eb6c0f54889e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Thu, 29 Sep 2022 07:14:02 GMT
Server
MT3 4525 e1952b7 master cdg-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://mwzeom.zeotap.com/mw?cid=237c6335-45ba-4600-a201-1408fa4441c6&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Thu, 29 Sep 2022 07:14:01 GMT
usermatch.gif
beacon.krxd.net/ Frame FFCA
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
54.194.97.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-97-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n024-dub-prod.krxd.net
date
Thu, 29 Sep 2022 07:14:02 GMT
cache-control
private, no-cache, no-store
x-request-time
D=26 t=1664435642
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
date
Thu, 29 Sep 2022 07:14:02 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a015-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame FFCA
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0677835b-fb76-4aee-4e7a-58b1cf9f3732&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0677835b-fb76-4aee-4e7a-58b1cf9f3732&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0677835b-fb76-4aee-4e7a-58b1cf9f3732&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 07:14:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8SGH584CX0N81J5WJNAK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 07:14:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DA6AE4VAM21Y3ZS84YRQ
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0677835b-fb76-4aee-4e7a-58b1cf9f3732&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame FFCA 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=0677835b-fb76-4aee-4e7a-58b1cf9f3732&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:02 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame FFCA
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D067...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7522eb6bff47889e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
date
Thu, 29 Sep 2022 07:14:02 GMT
cross-origin-resource-policy
cross-origin
content-length
0
token
pixel.rubiconproject.com/ Frame FFCA 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=41544&puid=0677835b-fb76-4aee-4e7a-58b1cf9f3732&pt=d[&gdpr=1&gdpr_consent=]
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
mw
mwzeom.zeotap.com/ Frame FFCA
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=0677835b-fb76-4aee-4e7a-58b1cf9f3732&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBBSW_UUID%7D%26cookie_age%3D%24...
  • https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebc...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7522eb6c0f55889e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Date
Thu, 29 Sep 2022 07:14:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cmp.min.js
spl.zeotap.com/ Frame FFCA 		557 B
468 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20b4e3b1f526fb2cc8f3497b3ca7d7653f95b3641b8eaa3fa94242208fc1a980

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:01 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7522eb65ed7d889e-LHR
access-control-allow-headers
*
cmp
spl.zeotap.com/ Frame FFCA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
7522eb665e64889e-LHR
date
Thu, 29 Sep 2022 07:14:01 GMT
server
cloudflare
vary
Origin
via
1.1 google
usync.js
eus.rubiconproject.com/ Frame 2DAC 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20286
Connection
keep-alive
Content-Length
9421
Expires
Thu, 29 Sep 2022 12:52:07 GMT
crum
dsum-sec.casalemedia.com/ Frame F204
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YzVFuZVxaLE1IB5sVP7pSwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMzSSYsVSxjQWifTZtdzmQY&google_cver=1
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMzSSYsVSxjQWifTZtdzmQY&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7fadfc62cba2c61b%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmE3t13Sg%2BhObQy9sxX0OTx9Uu8Tz%2B73MBg%2BQ%2FZV3a3%2Flj73vGULJs10aCuIr3JyT3mKqVS9FR9QWjr8HV42nPLZ5Qj5HeOLHLLQ%2BVMW6pKANzhyJ1vviVCsma%2BJ9PPXy3pe0dp5UdnwqA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7522eb6adb21dc6b-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMzSSYsVSxjQWifTZtdzmQY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame F204 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7fadfc62cba2c61b%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame F204
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzVFuZVxaLE1IB5sVP7pSwAABKoAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELVKDiO0QNcL_5Fce6F09Mw&google_cver=1
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELVKDiO0QNcL_5Fce6F09Mw&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7fadfc62cba2c61b%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqDmEBkHLzG%2FoGK2AvKJew9uoO08ECGBjiRfiOPmfoxGn9vTZWKXScCNzcBXBeI%2FxbyuVV%2FnIX40SHPgvWMmsSpmyDuByKlk1gqwUBMHgZSoH1fdle7w%2BWTb3jJ0qLjTkg%2BLgI72tpgeTA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7522eb67bcc5dd71-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELVKDiO0QNcL_5Fce6F09Mw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame F204
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzVFuZVxaLE1IB5sVP7pSwAABKoAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzVFuZVxaLE1IB5sVP7pSwAABKoAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzVFuZVxaLE1IB5sVP7pSwAABKoAAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7fadfc62cba2c61b%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 07:14:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BGXHAJ91DACAVBHSCHC0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 07:14:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QE2RBCFPPT9RQ8RE3HFG
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzVFuZVxaLE1IB5sVP7pSwAABKoAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame F204
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=50e44175-66ea-4a72-bbb3-c65e638114fe&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=422c581d-1e22-4a2d-87fd-b79e7b0e5330
43 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=422c581d-1e22-4a2d-87fd-b79e7b0e5330
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7fadfc62cba2c61b%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=us3iscXRzQ13MD9jEgTj6BEHxm25r%2F5ohM%2Ff2eWALheuw%2Fq%2FV02TpBk7gFgv6kQX0pLQxjzf2g8uirwzAIriYQjNiPwb3YS8OA4tp0tT%2FIw5uQ7FRyNZNllc7v08AOlmf2uKxich"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7522eb6b9e0572f4-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=422c581d-1e22-4a2d-87fd-b79e7b0e5330
Date
Thu, 29 Sep 2022 07:14:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
YzVFuZVxaLE1IB5sVP7pSwAABKoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F204 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YzVFuZVxaLE1IB5sVP7pSwAABKoAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7fadfc62cba2c61b%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:a0c6:b0ce:b43:b1c0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum.casalemedia.com/ Frame F204
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=e157b1f4-3451-285f-28c6f547
43 B
877 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=e157b1f4-3451-285f-28c6f547
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7fadfc62cba2c61b%26uid%3D&s=190243&C=1
Protocol
H2
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hulcUzBHCDRAuSWsItaaUZvEIQkXC7F5k50esLRfk%2FRunIo0Q%2BPEgLYi12PIBr5%2Faa%2FXxhYTJXCRfMQxJwklM45R4DxMM0lyBBWS6bRUZZbgbISQgkwXp%2Bm0cvRXzlO%2Bdm8l9q2S"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7522eb6a19547326-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 29 Sep 2022 07:14:01 GMT
via
1.1 google
server
nginx/1.22.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=e157b1f4-3451-285f-28c6f547
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
crum
dsum-sec.casalemedia.com/ Frame F204
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7fadfc62cba2c61b%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxZVt0cuwwPuNgCwyhkXmJjAnBDEsdxbHn2p%2F51ghPint9vEr%2B5o1MzZWjy4lJbFe%2BaZTrNmDByAXRvdwDkTJw7RS8L60vxLG6kURX8AaHEEwo15Eeh%2BEDb1ufQoO9F7D0ekOmtj0DMIXA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7522eb6a19f2dc6b-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 29 Sep 2022 07:14:01 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
um
u-ams03.e-planning.net/ Frame F204 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=7fadfc62cba2c61b&uid=YzVFuZVxaLE1IB5sVP7pSwAA%261194
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7fadfc62cba2c61b%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

server
openresty
date
Thu, 29 Sep 2022 07:14:01 GMT
content-type
image/gif
/
csync.loopme.me/ Frame 4A3E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ad6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7522eb67cde5dc29-LHR
date
Thu, 29 Sep 2022 07:14:01 GMT
server
cloudflare
sync.html
s.adtelligent.com/ Frame CEEE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.69.226 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
d641d1e327b5294c8f455a91dbf61c6ad94cde87e2d91129c70bbb9c867438da

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
809
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Sep 2022 07:14:01 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 97A4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=42756
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 29 Sep 2022 07:14:01 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 29 Sep 2022 19:06:37 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 14B9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
d
ic.tynt.com/r/ Frame 3DD6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Thu, 29 Sep 2022 07:14:01 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
sync.html
s.console.adtarget.com.tr/ Frame 95F0 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.151.106 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
49b0f568530679d4bdda7a5d9ac44ef2346dba5baf1006091d05ada7e8706823

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
719
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Sep 2022 07:14:01 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
ads.us.e-planning.net/uspd/1/ Frame 9E64 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
a910eb1b539b7cfa3b422cb4a58a698ad3de700dbbb5c6f7db475846f0143ca7

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Thu, 29 Sep 2022 07:14:01 GMT
expires
Thu, 29 Sep 2022 07:14:01 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-928
csync
sync.adtelligent.com/ Frame 07D9
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr={gdpr}&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=%7Bgdpr%7D&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=888934b2-f449-4c77-9178-3ace353cd8cc
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=888934b2-f449-4c77-9178-3ace353cd8cc
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:01 GMT
Server
Adtelligent
Etag
f4e685574c462b7c
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=888934b2-f449-4c77-9178-3ace353cd8cc
access-control-allow-origin
*
date
Thu, 29 Sep 2022 07:14:01 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
generic
match.adsrvr.org/track/cmf/ Frame 07D9
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1664435641693
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8384040875
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8384040875
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT
etag
RX29b61f151f634fbf9cba8623ebb88496003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8384040875
cache-control
no-store, no-cache, must-revalidate
expires
0
prebid
rtb.openx.net/sync/ Frame 07D9 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
c6tujdei9hqojv6b4kokf6pkq3l862q0
pixel
ap.lijit.com/ Frame 07D9 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 29 Sep 2022 07:14:01 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap7ams1
access-control-allow-methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/ Frame 07D9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=6274540795450896300
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=6274540795450896300
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:01 GMT
Server
Adtelligent
Etag
f4e685574c462b7c
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 07:14:01 GMT
AN-X-Request-Uuid
8c87721c-8ad4-42d9-92ce-32be126c7fc4
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=6274540795450896300
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 07D9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=6274540795450896300
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=6274540795450896300
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:01 GMT
Server
Adtelligent
Etag
f4e685574c462b7c
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 07:14:01 GMT
AN-X-Request-Uuid
91d8547b-9ceb-4a16-bea1-559f4889bb80
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=6274540795450896300
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
vid.vidoomy.com/ Frame 07D9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr={gdpr}&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
csync
sync.adtelligent.com/ Frame 07D9
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=78e7bad5-b4cd-4d49-8fc3-2b4c742d69a4
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=78e7bad5-b4cd-4d49-8fc3-2b4c742d69a4
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:01 GMT
Server
Adtelligent
Etag
f4e685574c462b7c
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=78e7bad5-b4cd-4d49-8fc3-2b4c742d69a4
date
Thu, 29 Sep 2022 07:14:01 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
csync
sync.adtelligent.com/ Frame 07D9
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=c85ad48ea87a4f55b3fc662991c69aa2
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=c85ad48ea87a4f55b3fc662991c69aa2
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:01 GMT
Server
Adtelligent
Etag
f4e685574c462b7c
Content-Length
0

Redirect headers

Date
Thu, 29 Sep 2022 07:14:02 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=c85ad48ea87a4f55b3fc662991c69aa2
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
khaos.jpg
token.rubiconproject.com/ Frame 2DAC 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 7CE6 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 05:27:10 GMT
content-encoding
gzip
via
1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
6412
x-amz-server-side-encryption
AES256
etag
W/"fdcd13007d5be3c218bd461a6aad998b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
VhY_QaTQBUINWT29HIYQ-zXKjrgyf0aj5BOyoS1TiP8C7ydb1MPKIw==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 5993 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Thu, 29 Sep 2022 07:14:00 GMT
etag
W/"601b131c-27c"
expires
Tue, 28 Sep 2027 07:14:00 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame 3C80 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D7fadfc62cba2c61b%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Thu, 29 Sep 2022 07:14:01 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
AZySIRkuQlmh
x-77-nzt-ray
vldLERD7Lmg
x-77-pop
frankfurtDE
x-accel-expires
@1665472441
x-cache
MISS
sync
eb2.3lift.com/ Frame A51A 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 29 Sep 2022 07:14:01 GMT
adxcm.aspx
inv-nets.admixer.net/ Frame 4D54 		43 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AMevjy2ejXsrP8qy
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 29 Sep 2022 07:14:01 GMT
Keep-Alive
timeout=25
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
ptag
a.audrte.com/ Frame 9E64 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.168.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-168-45.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
65a3315e47b9affdd6868c8be65383db837a28984f7b159eea52ddf1dc4bbe89

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:01 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1681
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 9E64 		566 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:00 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Tue, 28 Sep 2027 07:14:00 GMT
um
u-ams03.e-planning.net/ Frame 9E64
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3De475d0bdaad5302d%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=e475d0bdaad5302d&uid=6274540795450896300
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=e475d0bdaad5302d&uid=6274540795450896300
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

server
openresty
date
Thu, 29 Sep 2022 07:14:01 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 07:14:01 GMT
AN-X-Request-Uuid
9f8c99b9-9e39-43a9-93d5-4c25b889c9ac
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=e475d0bdaad5302d&uid=6274540795450896300
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame 9E64
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3De475d0bdaad5302d%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=e475d0bdaad5302d&uid=ua-d3df860b-cdf7-362a-9c16-4b510467519a
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=e475d0bdaad5302d&uid=ua-d3df860b-cdf7-362a-9c16-4b510467519a
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=e475d0bdaad5302d&uid=ua-d3df860b-cdf7-362a-9c16-4b510467519a
pragma
no-cache
date
Thu, 29 Sep 2022 07:14:01 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
dtscout20220831.js
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame 9E64 		478 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:00 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 19:37:37 GMT
server
openresty
etag
W/"630fb881-1de"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Tue, 28 Sep 2027 07:14:00 GMT
usync.html
eus.rubiconproject.com/ Frame E6EA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Sep 2022 07:14:01 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 29 Sep 2022 07:14:01 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame 53A8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De475d0bdaad5302d%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
976a6cf20b0b3db7be8ebb987f4666300c6db0fcd06aaee44a51db3ea38a889c

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7522eb67e9127786-LHR
content-encoding
br
content-type
text/html
date
Thu, 29 Sep 2022 07:14:01 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2FlNt9dyPVw1x119UgIpKB5agvAJsgf2qajKx7Bl4g4kuU%2BGDGgr74rB5bBvHGwJJ6O2emiTGpaEWylHHiNscH7gjBCxQsr%2B0LNxQB9%2F4U5y0ARrn3Rlys8d%2FGP31xBVrw0dZZBG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 5F7C 		1 KB
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
136949
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Thu, 29 Sep 2022 07:14:01 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 18 May 2027 11:39:16 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
b9407cf1f1307267775c2841b437ef8d
x-cf-tsc
1653097306
x-cf1
29080:fB.cdg1:co:1585621119:cacheB.cdg1-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 2EA2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame FE42 		530 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7af6ddf0d3116b38e687c1c44a7082886a2ede4a599ac8a3210f9ecb211c20b2

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7522eb681930889e-LHR
content-encoding
br
content-type
text/html
date
Thu, 29 Sep 2022 07:14:01 GMT
server
cloudflare
vary
Origin
via
1.1 google
/
onetag-sys.com/usync/ Frame 47C3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3894 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=42756
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 29 Sep 2022 07:14:01 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 29 Sep 2022 19:06:37 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B27B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Sep 2022 07:14:01 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 29 Sep 2022 07:14:01 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
csync
sync.adtelligent.com/ Frame CEEE 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:01 GMT
Server
Adtelligent
Etag
f4e685574c462b7c
Content-Length
43
Content-Type
image/gif
mw
mwzeom.zeotap.com/ Frame FE42
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D067...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=3da32747-aa99-4a67-6306-b6aeed9e94e9&zdid=1361
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=3da32747-aa99-4a67-6306-b6aeed9e94e9&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7522eb6b2e17889e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=3da32747-aa99-4a67-6306-b6aeed9e94e9&zdid=1361
date
Thu, 29 Sep 2022 07:14:01 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame FE42 		557 B
413 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=3da32747-aa99-4a67-6306-b6aeed9e94e9&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c16d4a942680639d046bf4ee42ff207b5f665731be03be723ed038fe83b8836

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:01 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7522eb690a8d889e-LHR
access-control-allow-headers
*
GS.d
js.cookieless-data.com/ Frame 5993 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1664435641731
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.83.160.162 , France, ASN12876 (Online SAS, FR),
Reverse DNS
212-83-160-162.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 07:14:01 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Server
nginx/1.20.2
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 53A8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6274540795450896300
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6274540795450896300
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De475d0bdaad5302d%26uid%3D
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3P%2BqBlb8tFsxquAX8VEE8BQM52IW%2FSybEFjom7lChp1JEXY0K510EW8QMgkbd4bl4wj72PAQqsbxusSbVnVoxEEImeeeACMvvtzgzPkq9Zo%2Fo6risxStoGJcMGNsg2vp3R%2By831TQVzvFA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7522eb6b1b7bdc6b-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 07:14:01 GMT
AN-X-Request-Uuid
465a7865-3e56-4cb2-b8f6-c4b1a09fc084
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6274540795450896300
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YzVFuZVxaLE1IB5sVP7pSwAABKoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 53A8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzVFuZVxaLE1IB5sVP7pSwAABKoAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YzVFuZVxaLE1IB5sVP7pSwAABKoAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YzVFuZVxaLE1IB5sVP7pSwAABKoAAAIB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De475d0bdaad5302d%26uid%3D
Protocol
H2
Server
2a05:d018:d29:3601:a0c6:b0ce:b43:b1c0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YzVFuZVxaLE1IB5sVP7pSwAABKoAAAIB
date
Thu, 29 Sep 2022 07:14:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ie
match.prod.bidr.io/cookie-sync/ Frame 53A8 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De475d0bdaad5302d%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.183.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-183-30.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 29 Sep 2022 07:14:02 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 53A8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f9f76335-45b9-4a00-bc8d-8dcf4531f39b
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f9f76335-45b9-4a00-bc8d-8dcf4531f39b
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De475d0bdaad5302d%26uid%3D
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVdcMjPxw7UPyOY1KQugLE4MedY66SpoWvQwkLdhm65qU6r%2BzPLovtTgnnF%2FSasxrxs0j4lU0WwXe4CySiq343O42f9sfGhexA%2Fvvp1jDl6ADvbK2%2FEbOgaq%2FH1Vvr7pVKqoIQ8OtJ5TsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7522eb6b3bb3dc6b-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Thu, 29 Sep 2022 07:14:01 GMT
Server
MT3 4525 e1952b7 master zrh-pixel-x30 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f9f76335-45b9-4a00-bc8d-8dcf4531f39b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 29 Sep 2022 07:14:00 GMT
rum
r.casalemedia.com/ Frame 53A8
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=4b31031c-1407-404c-b7eb-7410c94e0af5-633545b9-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4b31031c-1407-404c-b7eb-7410c94e0af5-633545b9-4348&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=4b31031c-1407-404c-b7eb-7410c94e0af5-633545b9-4348&gdpr=0&gdpr_consent=
43 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=4b31031c-1407-404c-b7eb-7410c94e0af5-633545b9-4348&gdpr=0&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De475d0bdaad5302d%26uid%3D
Protocol
H2
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JPWHHjaJssCv0hMmQuUbUIx%2BuCTthWFVU7%2FW2YIImVgDSs3PnO1iaOl6omb0%2FGj8BS4%2Bock263hfD7CxnaucB%2BcfxOTiWn0zYnP2ArND30PoUecaz4%2BLmrs9qTzYDHKialHI"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7522eb6dca60e688-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=4b31031c-1407-404c-b7eb-7410c94e0af5-633545b9-4348&gdpr=0&gdpr_consent=
date
Thu, 29 Sep 2022 07:14:02 GMT
strict-transport-security
max-age=31536000
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
YzVFuZVxaLE1IB5sVP7pSwAABKoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 53A8 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YzVFuZVxaLE1IB5sVP7pSwAABKoAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De475d0bdaad5302d%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:a0c6:b0ce:b43:b1c0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 53A8
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=47449253B1FC45DD92CCDB057C4A5171
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=47449253B1FC45DD92CCDB057C4A5171
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De475d0bdaad5302d%26uid%3D
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:14:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2pI1n7GF%2BlbYwjJC39AbgRGP2u9dOUhlyKqP2bGjet95pOYj%2BedfDy5ZHUFqwdL2W24GVFPreucoZ5vJ2sJSy7M7Q5WOZrdMlvLjdCCCvIgOR2LWpuMo%2Boa0LSM154N6ERZ6qu9jxVYPg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7522eb6b4bbfdc6b-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 29 Sep 2022 07:14:01 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=47449253B1FC45DD92CCDB057C4A5171
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 28 Sep 2022 07:14:01 GMT
ix
ad4m.at/ad/sim/ Frame 53A8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De475d0bdaad5302d%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
um
u-ams03.e-planning.net/ Frame 53A8 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=e475d0bdaad5302d&uid=YzVFuZVxaLE1IB5sVP7pSwAA%261194
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De475d0bdaad5302d%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

server
openresty
date
Thu, 29 Sep 2022 07:14:01 GMT
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame E6EA 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20286
Connection
keep-alive
Content-Length
9421
Expires
Thu, 29 Sep 2022 12:52:07 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 97A4 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=67281889&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:14:00 GMT
content-length
0
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 9E64 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 05:27:10 GMT
content-encoding
gzip
via
1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
6412
x-amz-server-side-encryption
AES256
etag
W/"fdcd13007d5be3c218bd461a6aad998b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
-Zq8YEd5y9d2IgUWjJFegBaSh9dpc5f8wvzGHgqQLmfQ6xDLSDY3xg==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 2A83 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Thu, 29 Sep 2022 07:14:01 GMT
etag
W/"601b131c-27c"
expires
Tue, 28 Sep 2027 07:14:01 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame F8AA 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3De475d0bdaad5302d%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Thu, 29 Sep 2022 07:14:01 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
AZySIRmNxaWh
x-77-nzt-ray
6ilrM1o3bVk
x-77-pop
frankfurtDE
x-accel-expires
@1665472441
x-cache
MISS
sync
eb2.3lift.com/ Frame 865F 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 29 Sep 2022 07:14:01 GMT
csync
sync.adtelligent.com/ Frame 5C04 		0
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AMevjy2ejXsrP8qy
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Thu, 29 Sep 2022 07:14:01 GMT
Etag
084268b2e4388c79
Server
Adtelligent
usync.js
eus.rubiconproject.com/ Frame B27B 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20286
Connection
keep-alive
Content-Length
9421
Expires
Thu, 29 Sep 2022 12:52:07 GMT
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=33703f42-b374-4fd8-b5f3-6f9c313e8412
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 29 Sep 2022 07:14:01 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 2DAC 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=eplanning_eu
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cmp
spl.zeotap.com/ Frame FE42 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=3da32747-aa99-4a67-6306-b6aeed9e94e9&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=3da32747-aa99-4a67-6306-b6aeed9e94e9&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
7522eb6a4ccd889e-LHR
date
Thu, 29 Sep 2022 07:14:01 GMT
server
cloudflare
vary
Origin
via
1.1 google
khaos.jpg
token.rubiconproject.com/ Frame E6EA 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GS.d
js.cookieless-data.com/ Frame 2A83 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1664435642053
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.83.160.162 , France, ASN12876 (Online SAS, FR),
Reverse DNS
212-83-160-162.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Sep 2022 07:14:02 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Server
nginx/1.20.2
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
csync
sync.console.adtarget.com.tr/ Frame B8B2
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8804434023222977966
0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8804434023222977966
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Thu, 29 Sep 2022 07:14:02 GMT
Etag
9b2aa0be5773183b
Server
Adtelligent

Redirect headers

content-length
0
content-type
text/plain
date
Thu, 29 Sep 2022 07:14:02 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8804434023222977966
server
nginx
csync
sync.adtelligent.com/ Frame 95F0
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=9b2aa0be5773183b
0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=9b2aa0be5773183b
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:02 GMT
Server
Adtelligent
Etag
f4e685574c462b7c
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=9b2aa0be5773183b
Date
Thu, 29 Sep 2022 07:14:02 GMT
Server
Adtelligent
Etag
9b2aa0be5773183b
Content-Length
0
khaos.jpg
token.rubiconproject.com/ Frame B27B 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel.rubiconproject.com/exchange/ Frame B27B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ptrack
a.audrte.com/ Frame 9E64 		368 B
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=82.199.130.45&p=M1353665098&artime=2022-09-29T07:14:02.632Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuYWR0ZWxsaWdlbnQuY29tJTJGY3N5bmMlM0Z0JTNEYSUyNmVwJTNEMzA3OTcxJTI2ZXh0dWlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.168.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-168-45.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
6ca95833acf82756103da29ce64e51d5ecaa8c73f513b8bb8af71c0c7417958a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:03 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 9E64 		155 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Sep 2022 14:05:03 GMT
via
1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
61740
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
accept-ranges
bytes
x-amz-cf-id
jRwLBmfTzC2aWVdIGkg3UIEPc-h4foAZrTnyLh4E_jqDDQXt18kbNQ==
data
bcp.crwdcntrl.net/6/ Frame 9E64 		20 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.216.193.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-193-48.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

expires
0
pragma
no-cache
date
Thu, 29 Sep 2022 07:14:02 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.45.25.42
access-control-allow-credentials
true
content-length
20
x-consent
absent
p
a.audrte.com/ Frame 9E64
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=5l0Czf8wF-hRJuh6BnU105Drw&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=5l0Czf8wF-hRJuh6BnU105Drw&gdpr=0&gdpr_consent=&google_gid=CAESEA5ogqv03_tWYRguYebT3lI&google_cver=1
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
52.7.168.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-168-45.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:04 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 29 Sep 2022 07:14:04 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 9E64
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8804434023222977966
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEA5ogqv03_tWYRguYebT3lI&google_cver=1
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Server
52.7.168.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-168-45.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:04 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 29 Sep 2022 07:14:04 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 9E64 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=5l0Czf8wF-hRJuh6BnU105Drw&gdpr=0&gdpr_consent=
Requested by
Host: offside.com.ua
URL: https://offside.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:14:03 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
um
u-ams03.e-planning.net/ Frame 3C80 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=7fadfc62cba2c61b&uid=2799041a3515fb48b172c141f80c0fdc
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D7fadfc62cba2c61b%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Thu, 29 Sep 2022 07:14:03 GMT
server
openresty
um
u-ams03.e-planning.net/ Frame F8AA 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=e475d0bdaad5302d&uid=a6f37f0123013099a595be2217fc435a
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3De475d0bdaad5302d%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Thu, 29 Sep 2022 07:14:03 GMT
server
openresty
common.js
maps.google.com/maps-api-v3/api/js/50/7a/ 		246 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps-api-v3/api/js/50/7a/common.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?libraries=geometry%2Cplaces%2Cweather%2Cpanoramio%2Cdrawing&language=en&ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9213d9ffb010f00df9cd989986a3068e7b8de96cbee7e00f249e06d59e81e6ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 18:52:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69350
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 20:35:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 18:52:00 GMT
util.js
maps.google.com/maps-api-v3/api/js/50/7a/ 		161 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps-api-v3/api/js/50/7a/util.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?libraries=geometry%2Cplaces%2Cweather%2Cpanoramio%2Cdrawing&language=en&ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bba58a24d973f3780362a09eac2d0f72e205e9d186cbe471bfea2fb4a5719cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://offside.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 18:52:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60561
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 20:35:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 18:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.tidaltv.com
URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361

Verdicts & Comments Add Verdict or Comment

307 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| mi_version boolean| mi_track_user string| mi_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| MonsterInsightsDualTracker function| gtag function| __gaTracker object| _wpemojiSettings object| rcewpp function| MonsterInsights object| MonsterInsightsObject object| monsterinsights_frontend undefined| $ function| jQuery object| Rcl object| rcl_actions object| rcl_filters object| rcl_beats number| rcl_beats_delay object| rcl_url_params function| rcl_do_action function| rcl_add_action function| rcl_apply_filters function| rcl_add_filter function| rcl_get_value_url_params function| rcl_is_valid_url function| setAttr_rcl function| rcl_update_history_url function| rcl_init_cookie function| rcl_add_dynamic_field function| rcl_remove_dynamic_field function| rcl_rand function| rcl_notice function| rcl_close_notice function| rcl_preloader_show function| rcl_preloader_hide function| rcl_setup_datepicker_options function| rcl_show_datepicker function| rcl_remove_datepicker_box function| rcl_init_field_file function| rcl_init_runner function| rcl_init_range function| rcl_init_color function| rcl_init_field_maxlength function| rcl_init_ajax_editor function| rcl_setup_quicktags function| rcl_add_ajax_quicktags function| rcl_add_quicktags function| rcl_proccess_ajax_return function| rcl_ajax function| rcl_submit_form function| rcl_send_form_data function| rcl_check_form function| rcl_add_beat function| rcl_remove_beat function| rcl_exist_beat function| rcl_init_table function| rcl_table_search function| RclForm function| rcl_chek_form_field function| rcl_init_iconpicker object| RclUploaders function| RclClassUploaders function| RclUploader function| rcl_init_uploader function| rcl_init_dropzone function| rcl_delete_attachment function| rcl_add_attachment_in_editor function| rcl_update_require_checkbox function| rcl_init_update_requared_checkbox function| rcl_init_ajax_tab function| rcl_get_options_url_params function| rcl_add_dropzone function| passwordStrength function| rcl_manage_user_black_list function| rcl_show_tab function| rcl_init_recallbar_hover function| rcl_add_class_upload_tab function| rcl_add_preloader_tab function| rcl_init_get_smilies function| rcl_init_hover_smilies function| rcl_init_click_smilies function| rcl_init_close_popup function| rcl_init_click_overlay function| rcl_init_click_float_window function| rcl_init_loginform_shift_tabs function| rcl_init_check_url_params function| rcl_init_close_notice function| rcl_init_login_form function| rcl_show_login_form_tab function| rcl_show_float_login_form function| rcl_hide_float_login_form function| rcl_setup_position_float_form function| rcl_beat function| rcl_get_actual_beats_data function| rcl_close_votes_window function| rcl_edit_rating function| rcl_get_list_votes function| rcl_view_list_votes object| rcl_public_form function| rcl_setup_async_upload function| rcl_init_click_post_thumbnail function| rcl_get_post_thumbnail_html function| rcl_remove_post_thumbnail function| rcl_delete_post function| rcl_delete_thumbnail_attachment function| rcl_edit_post function| rcl_preview function| rcl_save_draft function| rcl_check_publish function| rcl_publish function| rcl_check_required_fields function| rcl_get_prefiew_content function| rcl_preview_close function| rcl_init_public_form function| rcl_init_thumbnail_uploader function| rcl_set_post_thumbnail function| rcl_switch_attachment_in_gallery object| rcl_chat_last_activity object| rcl_chat_beat number| rcl_chat_write number| rcl_chat_contact_token number| rcl_chat_inactive_counter number| rcl_chat_important number| rcl_chat_max_words object| rcl_chat_sound function| rcl_chat_init_sound function| rcl_chat_inactivity_cancel function| rcl_chat_inactivity_counter function| rcl_chat_scroll_bottom function| rcl_reset_active_mini_chat function| rcl_chat_counter_reset function| rcl_chat_add_message function| rcl_chat_clear_beat function| rcl_set_active_mini_chat function| rcl_init_chat function| rcl_chat_close function| rcl_chat_write_status function| rcl_chat_write_status_cancel function| rcl_chat_add_new_message function| rcl_chat_navi function| rcl_get_mini_chat function| rcl_chat_words_count function| rcl_chat_remove_contact function| rcl_chat_message_important function| rcl_chat_important_manager_shift function| rcl_chat_delete_message function| rcl_chat_delete_attachment function| rcl_chat_shift_contact_panel function| rcl_chat_init_beat function| rcl_chat_beat_core function| rcl_chat_beat_success function| rcl_get_chat_window object| globalAmlAds string| ms_grabbing_curosr string| ms_grab_curosr object| AdProvider string| hts object| google_tag_manager object| google_tag_data object| anyCommentApiSettings function| onYouTubeIframeAPIReady object| gaGlobal object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7 object| admixerJSONP function| HELPER object| core object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| _0x5a83 function| _0x3edf string| ms_cf_catfish number| time number| ms_cf_cwidth string| ms_cf_mobile string| ms_cf_transparent number| ms_cf_timeout string| ms_cf_logactive string| ms_cf_allactions string| startOrientation string| bWidth string| bHeight object| setelem undefined| ms_60336_a object| doc object| ExoLoader object| ExoSupport object| resolver object| streaming object| VastSupport function| instantiateViewability function| ExoAdsRefresh object| hb_dmx_res object| html5 object| Modernizr function| yepnope object| __ds3dcV__ function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| eventie function| docReady function| EventEmitter function| getStyleProperty function| getSize function| matchesSelector function| Outlayer function| Isotope function| Masonry function| heateorSssLoadEvent string| heateorSssSharingAjaxUrl string| heateorSssCloseIconPath string| heateorSssPluginIconPath number| heateorSssHorizontalSharingCountEnable number| heateorSssVerticalSharingCountEnable number| heateorSssSharingOffset number| heateorSssMobileStickySharingEnabled string| heateorSssCopyLinkMessage object| heateorSssUrlCountFetched string| heateorSssSharesText string| heateorSssShareText function| heateorSssPopup function| heateorSssDetermineWhatsappShareAPI function| heateorSssMoreSharingPopup function| heateorSssFilterSharing object| heateorSssFacebookTargetUrls function| heateorSssGetSharingCounts function| heateorSssFetchFacebookShares function| heateorSssFBShareJSONCall function| heateorSssSaveFacebookShares function| heateorSssCalculateApproxCount function| heateorSssCalculateActualCount function| heateorSssCapitaliseFirstLetter function| heateorSssHideSharing function| ClipboardJS object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView object| module$exports$mapsapi$geometry$polyGeometry object| module$exports$mapsapi$geometry$spherical object| module$exports$mapsapi$poly$polylineCodec object| wpgmp_local object| twemoji object| wp object| FontAwesomeConfig object| ___FONT_AWESOME___ number| 2f1acc6c3a606b082e5eef5e54414ffb function| parcelRequire function| html2canvas function| _open

91 Cookies

Domain/Path Name / Value
.admixer.net/bs Name: am-uid
Value: c85ad48ea87a4f55b3fc662991c69aa2
.offside.com.ua/ Name: _ga_83HN7YJGYM
Value: GS1.1.1664435636.1.0.1664435636.0.0.0
.offside.com.ua/ Name: _ga
Value: GA1.1.1554332874.1664435636
.yadro.ru/ Name: FTID
Value: 1ZDKMq1qyUOP1ZDKMq00283x
.yadro.ru/ Name: VID
Value: 1Jvi4r1_sOOP1ZDKMq00284v
offside.com.ua/ Name:
Value: store.test
.offside.com.ua/ Name: _ga_5MF0YH07SE
Value: GS1.1.1664435636.1.0.1664435636.0.0.0
.exdynsrv.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22633545b739a882.792648651337444275%22%3B%7D
.exdynsrv.com/ Name: __upt
Value: %7B%22v%22%3A1%2C%22id%22%3A%22633545b739a882.792648651337444275%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22502.0199%22%7D
a.adtng.com/ Name: adtool_guid
Value: Ch5KEmM1RbcNtSIm14mBAg==
a.adtng.com/ Name: RNLBSERVERID
Value: ded7041
.offside.com.ua/ Name: __gads
Value: ID=7e99e98a146f4c2b-22fca09c32ce00b8:T=1664435639:RT=1664435639:S=ALNI_Mble3Kap4wvlfxOKU43tSJDNhNq_Q
offside.com.ua/ Name: pll_language
Value: ru
.admixer.net/ Name: am-uid
Value: c85ad48ea87a4f55b3fc662991c69aa2
offside.com.ua/ Name: am-uid
Value: c85ad48ea87a4f55b3fc662991c69aa2
ads.us.e-planning.net/ Name: CT
Value: 1
.exchange.buzzoola.com/ Name: uuid
Value: d37a7d27-fa43-4ec1-6b82-4876bf5b5b9e
.e-planning.net/ Name: E
Value: AMevjy2ejXsrP8qy
a4p.adpartner.pro/ Name: apuid
Value: 78e7bad5-b4cd-4d49-8fc3-2b4c742d69a4
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 119fec94-9304-5210-bc84-327edfb177c7
.betweendigital.com/ Name: ss
Value: 1
.creativecdn.com/ Name: u
Value: dFtRyEO9ToNSzjBaEzv1
.creativecdn.com/ Name: ts
Value: 1664435641
.adnxs.com/ Name: uuid2
Value: 6274540795450896300
.betweendigital.com/ Name: ut
Value: YzVFuQABlkBte5hQRk1eHholtaQB7yTJzmTjCA==
.zeotap.com/ Name: zc
Value: 0677835b-fb76-4aee-4e7a-58b1cf9f3732
.casalemedia.com/ Name: CMID
Value: YzVFuZVxaLE1IB5sVP7pSwAA
.casalemedia.com/ Name: CMPS
Value: 1194
.casalemedia.com/ Name: CMPRO
Value: 1194
.bidswitch.net/ Name: tuuid
Value: 422c581d-1e22-4a2d-87fd-b79e7b0e5330
.bidswitch.net/ Name: c
Value: 1664435641
.bidswitch.net/ Name: tuuid_lu
Value: 1664435641
pa.tns-ua.com/ Name: uid
Value: Z34333786FEE4D7F94A031F6F0894E22
.yandex.ru/ Name: yuidss
Value: 9829300311664435641
.yandex.ru/ Name: yandexuid
Value: 9829300311664435641
.adx.opera.com/ Name: UID
Value: 9b98e20cd41d489d8f84527a0e117783
.demdex.net/ Name: demdex
Value: 21905878750757046533918944462724452340
.doubleclick.net/ Name: IDE
Value: AHWqTUlVP7_Mymd0YTTT5j-aeYMgSZ62O5uLuOVhK3mWIG3IJbNi9zBb_RrtgdTnYQI
.lemmatechnologies.com/ Name: uid
Value: 4b1d86ba-3fc6-11ed-9e0f-801844df107c
.dpm.demdex.net/ Name: dpm
Value: 21905878750757046533918944462724452340
.adform.net/ Name: C
Value: 1
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-d3df860b-cdf7-362a-9c16-4b510467519a
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.tapad.com/ Name: TapAd_TS
Value: 1664435641399
.tapad.com/ Name: TapAd_DID
Value: 0fdf334f-d863-4da2-bd7a-ad2748c33b30
.zeotap.com/ Name: zsc
Value: r%9B%FBI%EAe%C1%E0%D5u%BB%5C%C5%06%D9%AD%C1%E2%AB%A2%D8s%D1%3E%D8%C1PWo%C0%E7%3C%E4z%14%82%CE%B4%17%0E%F4%15%0B%80Kd%3A%D1%00%98%9B%C0%95%B9i%9A%C9k%ACo%0FI%DC%AB%D0%25d%B5+K%D8%090%8A%F8%F5%1A%0AdrMD%E9eND%1Fi%7B%3E%B5u%90%BE3%F2%F9%0F%822%A0%15%84%18%A8%D3%AD%C0%0B%03S%AF1%92%ACp%8Dn%EE%3EBk%88%A7%BC%A5%9A%A2%26%0B%82%FF%06%82%7B%278%99%CC%D6i%95%E2%C9xGj+%E6%7B%B6%83%F8%AE%A1%F2pp4%12%EB%88%D4%15%3A%04%83%D5%B6%CE
.brand-display.com/ Name: _knxq_
Value: e157b1f4-3451-285f-28c6f547.1664435641.0.1664435641.1664435641
ads.avct.cloud/ Name: uuid
Value: 50e44175-66ea-4a72-bbb3-c65e638114fe
.360yield.com/ Name: tuuid
Value: 888934b2-f449-4c77-9178-3ace353cd8cc
.360yield.com/ Name: tuuid_lu
Value: 1664435641
.adfarm1.adition.com/ Name: UserID1
Value: 7148696644407457936
.weborama.fr/ Name: AFFICHE_W
Value: ioy6OMjiHDyK46
.adform.net/ Name: uid
Value: 8804434023222977966
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.analytics.yahoo.com/ Name: IDSYNC
Value: "1985~27fj:175w~27fj"
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-29b61f15-1f63-4fbf-9cba-8623ebb88496-003%22%2C%22zdxidn%22%3A%222069.44%22%2C%22nxtrdr%22%3Afalse%7D
.yahoo.com/ Name: A3
Value: d=AQABBLlFNWMCEMWR_eJfB4YNeB_ZBxAhj4cFEgEBAQGXNmM_YwAAAAAA_eMAAA&S=AQAAAmobPd3RB6rDu3Tw-5ieCbg
.agkn.com/ Name: ab
Value: 0001%3AeGI%2FA0Ck9MMa39puBS%2BDUK1Vhva0PKZQ
.sitescout.com/ Name: ssi
Value: 4b31031c-1407-404c-b7eb-7410c94e0af5#1664435641962
.krxd.net/ Name: _kuid_
Value: PG4ZCqR3
.simpli.fi/ Name: suid
Value: 47449253B1FC45DD92CCDB057C4A5171
.adtelligent.com/ Name: a307971
Value: AMevjy2ejXsrP8qy
.fwmrm.net/ Name: _uid
Value: "e94bf_7148696648686767681"
.richaudience.com/ Name: avcid-zeo-uid
Value: 0677835b-fb76-4aee-4e7a-58b1cf9f3732
.adtelligent.com/ Name: vmuid
Value: f4e685574c462b7c
.adtelligent.com/ Name: a307558
Value: 78e7bad5-b4cd-4d49-8fc3-2b4c742d69a4
.adtelligent.com/ Name: a584890
Value: 6274540795450896300
.admixer.co.kr/ Name: __auid
Value: 1bcb86d43e8925c3fbd05da9d80c41be
.admixer.co.kr/ Name: __puid_103
Value: c85ad48ea87a4f55b3fc662991c69aa2
.admixer.co.kr/ Name: __id_utm
Value: 20220929
.admixer.co.kr/ Name: __id_inf_103
Value: 0_c85ad48ea87a4f55b3fc662991c69aa2
pool.admedo.com/ Name: tuuid
Value: 88df9d8a-7423-44fd-ba3b-da239b454b58
pool.admedo.com/ Name: c
Value: 1664435642
pool.admedo.com/ Name: tuuid_lu
Value: 1664435642
.mathtag.com/ Name: uuid
Value: 237c6335-45ba-4600-a201-1408fa4441c6
.sitescout.com/ Name: _ssuma
Value: eyIyNCI6MTY2NDQzNTY0MjEyMSwiMzkiOjE2NjQ0MzU2NDIxMjEsIjciOjE2NjQ0MzU2NDIxMjF9
.adtelligent.com/ Name: a297253
Value: 6274540795450896300
.adtelligent.com/ Name: a289656
Value: 888934b2-f449-4c77-9178-3ace353cd8cc
.amazon-adsystem.com/ Name: ad-id
Value: A0tvZ84BGEp-i5em9FB2E0o
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adtelligent.com/ Name: p440467
Value: c85ad48ea87a4f55b3fc662991c69aa2
.casalemedia.com/ Name: CMTS
Value: 5130
.console.adtarget.com.tr/ Name: vmuid
Value: 9b2aa0be5773183b
.console.adtarget.com.tr/ Name: a307457
Value: 8804434023222977966
.adtelligent.com/ Name: a318342
Value: 9b2aa0be5773183b
.audrte.com/ Name: arcki2
Value: 5l0Czf8wF-hRJuh6BnU105Drw!20220908!1664435643689
.audrte.com/ Name: arcki2_adform
Value: 8804434023222977966!20220908!1664435643905
.eyeota.net/ Name: SERVERID
Value: 17203~DM
.audrte.com/ Name: arcki2_TTT
Value: 1664435644052!5l0Czf8wF-hRJuh6BnU105Drw!50#1123#866#190#1#312#1795#322#839#926#724#796#1800#1407#454#549#482#1720#1080#1686#918#1834#629#296#1188#-1#331#717#1336#1455#-1#146#446#262#604#1233#1838#1230#722#1844#1133#-1#1010#1751#963#803#1427#370#-1#532#449#1758#368#1558#506#464#1031#1355#583#1473#906#1353#1597#1073#1513#1487#1590#1005#1785#231#364#933#777#306#1264#1788#1244#1327#234#828
.audrte.com/ Name: arcki2_ddp
Value: CAESEA5ogqv03_tWYRguYebT3lI!20220908!1664435644193

7 Console Messages

Source Level URL
Text
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=7fadfc62cba2c61b&uid=ua-d3df860b-cdf7-362a-9c16-4b510467519a
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=0677835b-fb76-4aee-4e7a-58b1cf9f3732&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=e475d0bdaad5302d&uid=ua-d3df860b-cdf7-362a-9c16-4b510467519a
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0677835b-fb76-4aee-4e7a-58b1cf9f3732%26reqId%3D54ebccf5-bb87-4739-5ac7-c45da778c5d5%26zdid%3D1361
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://tags.bluekai.com/site/87734?id=0677835b-fb76-4aee-4e7a-58b1cf9f3732&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0677835b-fb76-4aee-4e7a-58b1cf9f3732&reqId=54ebccf5-bb87-4739-5ac7-c45da778c5d5&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.adtng.com
a.audrte.com
a.exdynsrv.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad4m.at
ads.avct.cloud
ads.betweendigital.com
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
an.yandex.ru
ap.lijit.com
bcp.crwdcntrl.net
beacon.krxd.net
bidswitch-eu.splicky.com
bn01.er.bemail.it
c1.adform.net
cdn.admixer.net
cdntechone.com
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
counter.yadro.ru
covivado.club
creativecdn.com
cs.mobfox.com
csync.loopme.me
datatechone.com
dmp.adform.net
dmp.brand-display.com
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gu.dyntrk.com
hw-cdn2.adtng.com
i.e-planning.net
ib.adnxs.com
ic.tynt.com
idsync.admixer.co.kr
idsync.frontend.weborama.fr
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
js.cookieless-data.com
loadeu.exelator.com
m.trafmag.com
maps.google.com
maps.googleapis.com
match.adsrvr.org
match.new-programmatic.com
match.prod.bidr.io
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
offside.com.ua
onetag-sys.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
pool.admedo.com
pr-bh.ybp.yahoo.com
ps.eyeota.net
r.casalemedia.com
refpa53115.top
refpa6781648.top
region1.google-analytics.com
rtb.com.ru
rtb.openx.net
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
secure-assets.rubiconproject.com
secure.adnxs.com
spl.zeotap.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.lemmatechnologies.com
sync.mathtag.com
sync.richaudience.com
sync.tidaltv.com
syndication.exdynsrv.com
t.adx.opera.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
trc.taboola.com
u-ams03.e-planning.net
um.simpli.fi
ups.analytics.yahoo.com
us.ck-ie.com
usermatch.krxd.net
vid.vidoomy.com
www.googletagmanager.com
x.bidswitch.net
sync.tidaltv.com
104.18.18.126
104.18.19.126
13.225.78.37
13.248.245.213
135.125.160.160
139.45.195.253
142.250.186.130
142.250.201.194
146.0.227.110
151.1.205.165
151.101.194.49
162.55.236.225
18.156.0.31
18.184.216.10
18.198.69.109
183.110.238.136
185.15.245.81
185.172.90.250
185.172.90.251
185.184.8.90
185.29.132.245
185.83.69.226
188.34.165.163
188.42.191.196
193.200.65.6
194.247.175.26
198.47.127.18
198.47.127.19
199.115.119.227
2.18.233.201
2001:4860:4802:34::36
2001:4de0:ac19::1:b:3a
205.234.175.175
209.197.3.25
212.82.100.182
212.83.160.162
213.183.39.30
213.19.147.44
216.52.2.39
217.65.2.150
23.205.235.133
23.227.139.243
23.227.151.106
23.35.236.201
23.75.240.210
2600:1f18:6593:f600:7475:e79:22d:1b43
2606:4700:10::6816:1957
2606:4700:20::ac43:4a81
2606:4700::6813:ad6c
2a00:1450:4001:808::2003
2a00:1450:4001:808::2008
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:400d:80a::200e
2a02:6b8::90
2a02:6ea0:c700::18
2a03:90c0:e1:2801::254
2a04:4e42:400::300
2a05:d018:d29:3601:a0c6:b0ce:b43:b1c0
2a06:98c1:3120::3
2a06:98c1:3121::3
3.120.86.7
3.218.193.24
34.111.131.239
34.111.151.213
34.194.111.252
34.252.105.21
34.255.174.131
34.98.67.61
35.186.253.211
35.204.158.49
35.210.53.219
35.227.248.159
35.71.131.137
37.157.2.237
37.157.4.29
37.252.172.250
37.252.173.22
45.135.120.147
51.83.220.94
51.89.9.251
52.18.235.86
52.46.143.56
52.59.153.178
52.7.168.45
52.94.220.185
54.155.183.30
54.194.97.242
54.216.193.48
54.216.196.145
66.155.71.25
66.254.114.171
67.202.105.34
69.173.144.138
69.173.144.165
69.192.160.219
8.2.110.114
8.2.110.206
82.145.213.8
83.222.114.189
85.114.159.93
88.198.31.232
88.198.49.154
88.212.201.204
95.211.229.248
00af177c4d2cf240c75a678221edb7e5c52bc2d83a06a67702fc63c5505cb9e0
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
08dc6ae4128ed6593bcd2d94d467b1c0e85db213fc1048302e4dec88ebe7af30
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba02b924fc5beeb370ed64d478401e94a513e970cac2c46266c708348135cf2
0d94be650a5c60bab1cd8019486a3e88695f59d181b3b8fa30c8f5abb6949c44
0ec91f164d8f0f10b75742279950b9a089f836afe7a2b6c9f631a6d413732db6
0f19f6515e9ea09ace719735423f016f152f471a8bcdbf5d2336e0480f102625
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
139c5619584ef539046f7ab135c9b69c4c7167942e5463f6b3b675c5fe5ffde6
140d3ab1d58f0a70b0a2f379dadeb0edbf5fca1616a52599ef002bc2469a9525
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
198a55310d4d5b786ff571ff4f16a66505bb17545c557818c8de810851616955
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
199a66ac6582dd904b4a006853b186b3169cceddddc159f5772e01ee3f31cac0
1b5a5af7354f03fde826fb4e056a1e175c19a672d398341c11b4b851ae181e31
1b7fc39482d4eb18e8d9db6f596d4699c2f20d9191c727e9545137cd45e6b157
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1e0d3317d5f9ab2a3697e10c9a588c533ff1490dc210109f7f8676da323cab63
1ee81b9a9822fe840aad218d0572923ecfc34252e9a029a01e0af18dbaa803f9
1f3e8bdafe20d66958557bd0b2016d8b048f15fdcc4f48a4601fb5950588e756
1f6667d6b8a71b23a3107b43dd9d4d1671a17e69f85a8eb7d141df873ae2a6fb
1fd692e17ffbdd6c487f570808045f74c6d3b93d61b6cd7a0296ae8c451eacd0
20b4e3b1f526fb2cc8f3497b3ca7d7653f95b3641b8eaa3fa94242208fc1a980
24711c83dd882b0b70b4c05e31bd5b9c3e32d17683d2b49539a728486881ec70
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30906ac37f6fd8096d8ef46734d873ba8c2a2facd716a2fdc7b9f5ef9685eedb
30dae9dd123086aff34ed8068925dc33842042351a77852e34b4edd8a2ae4b29
33358149be3f59ca19d917bf23a0d2458a555fd716609f4920ab0aa0d2a8301d
33c40c2335d26ad0f3b506969c3a67660523d137b0c8cc198911c2826a27316c
33ee4cea243d4bbc3c9a46426fbb283b87ea56db3a2823bec0d37dcca8a267b0
3835ce1e65978ce3accfdb80f6a749e3f513d23d4fe2498a2aa004fee99e02f9
39550218eda0d9caf79484fa83faeb2329812dea09a0af6dc5f4fb3a37046d43
39c3747d29a27dcd07c6cb7d4dee61fccb8de904505e145bce04230b762190e8
3aaa08d1c1434c3dd80f3ae7b73884fd1570ddc777b9bc2beaeeb1648373cffd
3c6dc0b8e451822061daba4be79dc084125a2810b8f3bd7a520c788eab3d5377
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
418c91639d6dbcb6709cf1878dd5b3c7a84071470c0d31dbf7ca84ee01832151
427f8dcaa42e89577a4604efbbd21af5c268c39b5c6e021f12d060b93257b101
42c88d61050399e0f93184e6e6fe946329df48ef9c7bc23b521ebdd28e10e563
440a8b9860904dbb79292833a108f6e9333a56389908a1fbfe5a010e921949de
4640640359f504d069e542951660e3aa43220471c2fc5a27a3aaf7e414cdef4d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49b0f568530679d4bdda7a5d9ac44ef2346dba5baf1006091d05ada7e8706823
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bab567b3903be4386028e78fe6e99876796d1a3f021275834041a2702a4d804
4bba58a24d973f3780362a09eac2d0f72e205e9d186cbe471bfea2fb4a5719cd
4ce2e29fbc4e24edb01b73f09bb5a9e616af2cbc270c23d3b804e251ef247f13
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e
4d34963b7db0da6900ddb9c2fd6b9b9d59844eeec6d2a6a99d3f7c0bc820797b
4da6ec1389494a756e302de69d0a3dd8cc2307d0f0fd26cf3d296df3cba2e08f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
502d970a52aa1f76ce3a4f1709bfbe7727fbe720eab75eef6175792690a108ac
5346e1a1343f6f33d953371d82c8c8a7cc5e7e07a58689ec49d7d9e4452c6f7d
5484ef447d51f1402aada17408f1a7322315241f3df6354f931242cd51450d5f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
563eaeec2e28b3b5fb8d6d9ddc5f04b264606630fad575dd7adddfbf7fa82362
565a3c1109b083c57031aff608ed98fab419370a31c69f3e49f96bd06a4323a7
584aa695461f177cf311034f7e02cf280c16c36a7a299d58e22ef9c23a98867d
588774c7766b9317d06b992979cdf1dce5b86b0a4ad4abee0b397e6bc9357bb0
5933f670fcdc0426d1e2281f9dca1fdf7992dce035811a6428277499b81847ab
59efaaf0426fa7701b45afa875bed86f118ea3605a2216f7c80137bccd379256
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5bed074367042548e1f1ce7d18ba273b797a7a142899b5fdafabf24aa17bb645
5cfd0889bddf20b0426add84fb0e0f596ef7dd653d3d22c8f5b63238a80a2088
5f010159247bf3b25e92cd7c414b38194bd825a212bf42f9adaa8587bd0253ac
5f9c492fc9c24768fb14962a92ee584c6bd57dbe666637e8fb45a287b66fc612
6039ce729a6c8041b44b7285bf244469b4d369991d6ad1f63711d079dad29b07
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
625cbb1f0133789356981a5ca8d87d5b3146ad23af58edcc4cf28da2cb2ae3c0
6527aa400c84ad7f1e7d474027b6823a39662321e6c6e31732f14d4051d46b41
65a3315e47b9affdd6868c8be65383db837a28984f7b159eea52ddf1dc4bbe89
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bb321c9e48f6625271e110a70329b6e0d97482a5b045c110cea0b8b28c4c7fa
6ca95833acf82756103da29ce64e51d5ecaa8c73f513b8bb8af71c0c7417958a
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
74bdc1000a9008f9947df25429a0a4406104f70a6212a7a430cda94393fdf21a
78764c6b55a054871a6a5b36a5704b51eaab0e4394cf6a97cddd3c0ee4d7236e
7abd36a2f651330420d86187c125331d679408d1be7b6cd93efa64e08eaf80c7
7af6ddf0d3116b38e687c1c44a7082886a2ede4a599ac8a3210f9ecb211c20b2
807eb1593cffbaecc4ede4ca6e52691b9db2a9e943deeaae66652b31398a7616
80dd5640ffa151e0e9bdde1aec96af46600376fb8b0e29f8a72a8b9a7c3a14f0
82f4266a842360b89a28c06a7651ca82a1cb88202db2ff6c174d380619a1e6f3
830d5060a27f821bc5937b5bba9fe7157a0bf0f384b8cfa1a846fecbee88b433
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87038e38170c8ee523a5abcfc8c0a25ef98523caa85851b24ed1e195f90f482b
8767efb7cc987d1d1ca3fdfec776c55c82d5f519ea2c780e6999555bddef705c
88a3f52efe5b777a9193dea0c11da122d4d6a4daf2baeb042a969debdbe7f9e6
8a8a38df89acc13ff49e34007ff20f89e1d20785d3363c0c1c14cdf5d1934219
8c16d4a942680639d046bf4ee42ff207b5f665731be03be723ed038fe83b8836
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e09dcf5ae39b3188fa21f136192f64ca6b8269c11752237ce3a308ae6f5a85d
901c3fdbcd77b88cbd1ff6c3771b83c2eefd6794de26dfa44f7b5f37a7e98599
9213d9ffb010f00df9cd989986a3068e7b8de96cbee7e00f249e06d59e81e6ef
94277769b8916ca8755e5a211d850942e94e1d6621060daa7ffb5c3976b1ce5e
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade
9483291af7020f115211bd712e0f0c71155587a6b815e529e3ec662e72f3fd2f
9657b0a8fad94d69d0317ab203423ac22731eb3b4116482acd110ab96f976563
9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928
976a6cf20b0b3db7be8ebb987f4666300c6db0fcd06aaee44a51db3ea38a889c
9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e
988499438d018502913f25af8b26d179bad9746d94c393c5204608e72c47f813
9c3fd260509751a6a247cc1f153666aef665e84908be6c3dd7ff97261bccb59f
9f616744c5212f524a7ff47e22a04d7f2ba7b2075512f932923a3fad65040150
9f6d5ac4efb597956118cf8976dfbd3d67b56f404b1ccc71ce79d532e5ee2266
a00b8f386dbbf315f6beee125061d2548e9bc060d68da15f2d05711d17a8360e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1285c19a66f8d009fc6ecdbd27373eaec80e05cb07cc75d47554f912b2fa06b
a28f7b51eecc453bfa4b7794290a3d75918d3983ec835f0089b5a92d90ba9961
a3d159a30009f18b2131b20e50b043b4bcd221e866bb925461dcf6f06c856bb3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7e71b4cb660f88db77b3e6843f565b39eedc25fd17f578d5664c39c4e3dd6e1
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
a910eb1b539b7cfa3b422cb4a58a698ad3de700dbbb5c6f7db475846f0143ca7
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15f7a7f184880c7a8a88ceaf6b9d34817d33ef652c73bc15d65040f27f3fe69
b2438b4fd59796fa354af36092272f00a446507a7979243c7849dd589eaa5f1b
b2877b9644f1d0214961542e44f4d78fdcba93756941da51b62f0796b5d96431
b3a4dc93cb491425d6552342960777015f434ed0c89b8adf0fc2a84c4063d93e
b7cdc22a593e409a269b765a873bc075b60afbe0d64212545a042bfc62e3c9bd
b8a8a152d5a63979ac8df45dd249092d91facee4e240c088803fd330e0bb2e9c
b91b6417f3673f429a9de3c828d16ca761d979b37415dd23a75cf5def36acc16
b9cb9ae359a625e05528779aa81b4889ca5bbb9c3d870ea207fc3e9502d26459
ba25ceb996c4d0f021198f7192df75aa3f666fdfd73e61bccebffa4fb6ba1349
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc5c1ffb80e8c6b709daf7cd8f06a977335f3a35f90332e9bd9a5e605717ccfe
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdc8c33419378a34dc5449ee25e421efe99767a5d5897e3c4b5f3a14ee15115d
be0695a5895b1ad12ab9927e91dba097d0a7bdbd446db6ff978bf728ac0e5a8b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c52258c13dbe41865ee9bbd68e4e15cbc2105e276b5bf907c76b308b1bb952a6
c5fb47e39b757be7fd84e8b5b1e0f6a2915cb234a8c3d0fcae5df712e954606a
c9bef3eeae0579f5e9a6bdb6a165eac03fd106cde594a64d84ab4e66347d3d6a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cafc42ebbe4a31f3eee0ca6916d359d105a5fba58a899bf41cbdd1bdb6d5b2d9
ccba3325d1054036ca9b97100a703207868c08ec29f17ea2307ca3f8b7242a1d
ce087d1d736beb8d869939f28b6be10aa4660be34796429d59150527054b500f
cfda5ab4fa75e77566a328adae8566973f7d2a7d1815a272daf58cad64ff8273
cffe139366b3882387dddbd10d59e7d9aa29345793fdbf51ddde809ca6a0bec2
d154521b7e690095bfb6cb7d50d20769a73c63299f7b35561e7266a8ad2f6f41
d3abb75ebc673d5c07263ea76e8a03b2f03a12e6a56c050c6b3a37e33e78e72f
d5e331b6ef26566e5fef1f3d3733ffd9253f246a858e988a7b826d13f27bde4d
d641d1e327b5294c8f455a91dbf61c6ad94cde87e2d91129c70bbb9c867438da
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
d6cfcdf1e2b932ad28e31fa67aa30b6c13e15bd0e4cbd8cf973dbea4679c815f
d6de8fdce0389adf4da099857373c7419ade67e4f9854fa602a97cf5b3d6a206
d9c9f1155761feb80dc4e5c530d2a9b4fa978e2e28f7a6e996295c2d9d686132
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
db9bacda467d38f3afc52d07d44734b5d48543fb9600f71f5018b1ed09b87c62
dc4c1d4ad985cef08104a09919ae8be0221ed3a7ddde5654213e464ae4d944a1
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e37d6e58fbd507020bfee3d26b717393a4c78e845bc164bcea7d7374c4a5d672
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e53e650a83dbce1ab8d93c365299f2e8f5070c414c9ea302f2422ca65f5fdab4
e5e9ae1458b36ebe857373cbeb07e1aca3eebc0cf67516c1c841cd98495fbec6
e7dedbb2327be817cb91eab8f15c83bac411f30f4fe1a88013bd85f940aff522
eaf5aea140f3e48516c27cd9c4a1b49b1cac780055ca2eaed084fcd75eb07e58
ebd0dcf234064f287f67a2ed970cc6a512baca38206161527037da803f5b7093
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ee5ee8f6231b03ed2aa9e411bb2137041fd06d2b51673a819f04c8e503908e2a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f24a5e889f8fb07411186efa5251f6e740e9f2b6694787972745ea7bef40b2a1
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f5de0ff9f66605a6edd3434522aea6f05b020a1de93e7b3b6c8edc9e54b63a89
f606a97ef04690e54406034c0fb8afcdaa9393770c2b8295a423c4577a02a673
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f6f999ea0d328245ae7d1201632b7783931d12b0f936430c31e3fc1b2fb080f9
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fa1a9b6c00fd37d1fb6bdda7ae116d62efbbaf17fe5b0241db52aedcfefee68a
fa1ca159d9823aaefefd7cab9e5fca4bd3ed138fbc94f6d91613da38d9606124
fb7001aa094389a4e85c7b731e35f87a7a85f7575b2d69f16092f65842f3b68a
fd54b8fcb95379bc52d782a7224898af40953c092a34279bc83b36f9f4840de6
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fdb7859de3585c9832f31955532cb32fe3ffecdfaf050c0192d348bcfc100801
ff125f0dfe5af20434e5abc3228bcb63ba4a2a5a286e69e090e16eff29cd368c