URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Submission: On May 20 via manual from US — Scanned from GE

Summary

This website contacted 104 IPs in 15 countries across 98 domains to perform 556 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
11 172.217.16.129 15169 (GOOGLE)
1 3 192.96.203.13 30633 (LEASEWEB-...)
4 172.67.71.254 13335 (CLOUDFLAR...)
2 2.21.20.216 20940 (AKAMAI-ASN1)
5 2.21.20.220 20940 (AKAMAI-ASN1)
35 151.101.129.44 54113 (FASTLY)
1 3.114.156.25 16509 (AMAZON-02)
49 142.250.184.194 15169 (GOOGLE)
1 3 99.84.88.85 16509 (AMAZON-02)
2 69.16.175.42 20446 (STACKPATH...)
4 178.250.1.11 44788 (ASN-CRITE...)
11 142.250.184.226 15169 (GOOGLE)
6 23.97.225.52 8075 (MICROSOFT...)
7 142.250.186.34 15169 (GOOGLE)
1 142.250.185.163 15169 (GOOGLE)
3 162.210.196.208 30633 (LEASEWEB-...)
1 152.199.21.175 15133 (EDGECAST)
2 23.36.163.114 20940 (AKAMAI-ASN1)
1 108.138.36.116 16509 (AMAZON-02)
1 188.114.97.3 13335 (CLOUDFLAR...)
4 91.228.74.251 16509 (AMAZON-02)
2 142.250.186.104 15169 (GOOGLE)
27 185.106.33.48 200478 (TABOOLA-AS)
1 151.101.193.229 54113 (FASTLY)
10 52.213.50.95 16509 (AMAZON-02)
1 52.57.203.214 16509 (AMAZON-02)
4 17 51.38.120.206 16276 (OVH)
4 185.86.138.122 201081 (SMARTADSE...)
1 34.107.148.139 396982 (GOOGLE-CL...)
2 104.18.24.185 13335 (CLOUDFLAR...)
6 16 35.244.159.8 15169 (GOOGLE)
1 2.18.232.7 16625 (AKAMAI-AS)
9 13 37.252.171.85 29990 (ASN-APPNEX)
1 185.255.84.150 200271 (IGUANE-)
4 5 147.75.84.158 54825 (PACKET)
1 35.157.221.247 16509 (AMAZON-02)
1 178.250.7.10 44788 (ASN-CRITE...)
2 52.59.143.68 16509 (AMAZON-02)
3 52.68.118.121 16509 (AMAZON-02)
1 99.84.88.25 16509 (AMAZON-02)
4 52.193.119.46 16509 (AMAZON-02)
4 142.250.185.206 15169 (GOOGLE)
1 34.120.96.193 396982 (GOOGLE-CL...)
2 25 141.226.228.48 200478 (TABOOLA-AS)
2 12 142.250.181.226 15169 (GOOGLE)
12 13 35.71.131.137 16509 (AMAZON-02)
9 11 18.200.158.45 16509 (AMAZON-02)
6 8 3.71.149.231 16509 (AMAZON-02)
2 151.101.193.44 54113 (FASTLY)
1 3.233.156.15 14618 (AMAZON-AES)
4 142.250.186.130 15169 (GOOGLE)
5 142.250.186.129 15169 (GOOGLE)
17 45 142.250.186.98 15169 (GOOGLE)
1 18.66.192.59 16509 (AMAZON-02)
2 2 124.146.215.52 2514 (INFOSPHER...)
2 2 35.158.249.108 16509 (AMAZON-02)
6 12 185.86.139.104 201081 (SMARTADSE...)
3 9 69.173.144.165 26667 (RUBICONPR...)
1 1 35.208.249.213 19527 (GOOGLE-2)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 2 198.148.27.139 19189 (PULSEPOINT)
2 2 178.250.7.11 44788 (ASN-CRITE...)
10 11 162.19.138.117 16276 (OVH)
9 9 185.29.132.241 30419 (MEDIAMATH...)
5 6 69.173.144.138 26667 (RUBICONPR...)
2 2 52.31.89.240 16509 (AMAZON-02)
2 2 34.243.85.78 16509 (AMAZON-02)
1 1 34.241.150.186 16509 (AMAZON-02)
11 13 54.93.152.195 16509 (AMAZON-02)
2 2 35.210.239.72 19527 (GOOGLE-2)
3 3 35.156.245.203 16509 (AMAZON-02)
3 12 13.248.245.213 16509 (AMAZON-02)
4 4 3.213.75.244 14618 (AMAZON-AES)
1 2 188.42.196.115 7979 (SERVERS-COM)
1 82.145.213.8 39832 (NO-OPERA)
6 23.37.42.132 16625 (AKAMAI-AS)
27 172.217.18.97 15169 (GOOGLE)
1 2.16.187.154 20940 (AKAMAI-ASN1)
1 2 35.186.254.217 15169 (GOOGLE)
3 5 185.64.190.79 62713 (AS-PUBMATIC)
1 1 185.64.190.80 62713 (AS-PUBMATIC)
1 1 198.47.127.20 62713 (AS-PUBMATIC)
1 141.226.230.50 200478 (TABOOLA-AS)
7 142.250.186.132 15169 (GOOGLE)
2 142.250.185.226 15169 (GOOGLE)
7 7 37.157.6.254 198622 (ADFORM)
4 18 185.80.39.216 27381 (CASALE-MEDIA)
1 35.186.215.140 15169 (GOOGLE)
6 142.250.185.198 15169 (GOOGLE)
2 2 8.43.72.98 26667 (RUBICONPR...)
2 178.250.7.2 44788 (ASN-CRITE...)
1 1 20.85.134.6 8075 (MICROSOFT...)
2 4 23.35.228.23 16625 (AKAMAI-AS)
2 2 20.127.253.7 8075 (MICROSOFT...)
2 4 104.111.217.42 16625 (AKAMAI-AS)
2 13.107.42.14 8068 (MICROSOFT...)
2 6 52.46.143.56 16509 (AMAZON-02)
3 172.217.16.194 15169 (GOOGLE)
1 142.250.186.138 15169 (GOOGLE)
2 142.250.184.202 15169 (GOOGLE)
2 142.250.185.230 15169 (GOOGLE)
1 23.35.236.188 16625 (AKAMAI-AS)
1 99.84.88.111 16509 (AMAZON-02)
9 2.18.235.93 16625 (AKAMAI-AS)
1 104.18.11.47 13335 (CLOUDFLAR...)
1 3 69.173.144.139 26667 (RUBICONPR...)
4 35.244.174.68 15169 (GOOGLE)
2 2 3.126.204.27 16509 (AMAZON-02)
6 6 50.31.142.223 23352 (SERVERCEN...)
3 3 104.111.217.14 16625 (AKAMAI-AS)
6 172.217.15.227 15169 (GOOGLE)
2 142.250.186.163 15169 (GOOGLE)
1 64.233.166.156 15169 (GOOGLE)
1 1 142.250.186.110 15169 (GOOGLE)
2 74.125.163.138 15169 (GOOGLE)
1 54.73.231.79 16509 (AMAZON-02)
1 77.245.57.72 ()
2 3 216.52.2.91 ()
1 1 37.157.5.84 198622 (ADFORM)
2 3.70.58.251 16509 (AMAZON-02)
2 2 3.122.133.176 16509 (AMAZON-02)
4 5 52.22.241.33 14618 (AMAZON-AES)
1 1 34.111.151.213 ()
1 104.18.10.47 ()
4 4 151.101.130.49 54113 (FASTLY)
1 3.221.215.100 14618 (AMAZON-AES)
10 52.210.15.1 16509 (AMAZON-02)
556 104
Apex Domain
Subdomains
Transfer
90 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 899
trc.taboola.com — Cisco Umbrella Rank: 635
vidstat.taboola.com — Cisco Umbrella Rank: 2666
il-trc-events.taboola.com — Cisco Umbrella Rank: 21088
images.taboola.com — Cisco Umbrella Rank: 1972
imprammp.taboola.com — Cisco Umbrella Rank: 14039
am-match.taboola.com — Cisco Umbrella Rank: 14084
wf.taboola.com — Cisco Umbrella Rank: 2741
am-vid-events.taboola.com — Cisco Umbrella Rank: 13207
sync.taboola.com — Cisco Umbrella Rank: 882
sync-t1.taboola.com — Cisco Umbrella Rank: 1288
match.taboola.com — Cisco Umbrella Rank: 4534
pips.taboola.com — Cisco Umbrella Rank: 1575
cds.taboola.com — Cisco Umbrella Rank: 1782
vidstatb.taboola.com — Cisco Umbrella Rank: 4552
am-wf.taboola.com — Cisco Umbrella Rank: 15321
837 KB
81 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 93
96b20f8e90d389581d4201d324a7b64d.safeframe.googlesyndication.com
1aa115841f28291ebd7590ab61c77aae.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 132
a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 277
872 KB
71 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
stats.g.doubleclick.net Failed
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 337
ad.doubleclick.net — Cisco Umbrella Rank: 165
bid.g.doubleclick.net — Cisco Umbrella Rank: 764
583 KB
28 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 811
fastlane.rubiconproject.com Failed
pixel.rubiconproject.com — Cisco Umbrella Rank: 315
token.rubiconproject.com — Cisco Umbrella Rank: 573
eus.rubiconproject.com — Cisco Umbrella Rank: 566
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 967
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2060
secure-assets.rubiconproject.com Failed
46 KB
20 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 500
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431
ssum.casalemedia.com — Cisco Umbrella Rank: 1248
dsum.casalemedia.com — Cisco Umbrella Rank: 1199
16 KB
19 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 423
ups.analytics.yahoo.com — Cisco Umbrella Rank: 272
8 KB
17 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 729
9 KB
16 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 18092
us-u.openx.net — Cisco Umbrella Rank: 436
u.openx.net — Cisco Umbrella Rank: 619
eu-u.openx.net — Cisco Umbrella Rank: 2294
3 KB
16 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1638
ssbsync.smartadserver.com — Cisco Umbrella Rank: 724
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 592
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1633
4 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 214
acdn.adnxs.com — Cisco Umbrella Rank: 583
secure.adnxs.com
39 KB
14 media.net
prebid.media.net — Cisco Umbrella Rank: 1346
cs.media.net — Cisco Umbrella Rank: 1383
contextual.media.net — Cisco Umbrella Rank: 599
hbx.media.net — Cisco Umbrella Rank: 1194
c21lg-d.media.net — Cisco Umbrella Rank: 2170
19 KB
14 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 834
x.bidswitch.net — Cisco Umbrella Rank: 290
4 KB
14 google.com
adservice.google.com — Cisco Umbrella Rank: 68
www.google.com — Cisco Umbrella Rank: 2
6 KB
13 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 306
7 KB
13 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 508
eb2.3lift.com — Cisco Umbrella Rank: 358
6 KB
12 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1431
g2.gumgum.com — Cisco Umbrella Rank: 1404
usersync.gumgum.com — Cisco Umbrella Rank: 1728 Failed
4 KB
12 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 17082
e3.adpushup.com — Cisco Umbrella Rank: 18833
campaign.adpushup.com — Cisco Umbrella Rank: 51967
257 KB
11 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 421
16 KB
11 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1950
public.servenobid.com — Cisco Umbrella Rank: 3536
8 KB
11 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 373
218 KB
9 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 276
gcdn.2mdn.net — Cisco Umbrella Rank: 1100
r5---sn-4g5lzney.c.2mdn.net — Cisco Umbrella Rank: 846097
3 MB
9 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 482
5 KB
8 gstatic.com
csi.gstatic.com
fonts.gstatic.com
32 KB
8 adform.net
c1.adform.net — Cisco Umbrella Rank: 562
cm.adform.net — Cisco Umbrella Rank: 1155
dmp.adform.net
5 KB
8 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 660
image8.pubmatic.com — Cisco Umbrella Rank: 641
image2.pubmatic.com — Cisco Umbrella Rank: 820
image4.pubmatic.com — Cisco Umbrella Rank: 955
ads.pubmatic.com Failed
2 KB
8 logly.co.jp
l.logly.co.jp — Cisco Umbrella Rank: 62147
sync.logly.co.jp — Cisco Umbrella Rank: 70797
b.logly.co.jp — Cisco Umbrella Rank: 69451
6 KB
7 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 413
bidder.criteo.com — Cisco Umbrella Rank: 723
dis.criteo.com — Cisco Umbrella Rank: 575
2 KB
6 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 533
4 KB
6 amazon-adsystem.com
aax-eu.amazon-adsystem.com Failed
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
4 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 27434
sync.aralego.com — Cisco Umbrella Rank: 2732
4 KB
5 audrte.com
a.audrte.com — Cisco Umbrella Rank: 1870
3 KB
5 google.ge
adservice.google.ge — Cisco Umbrella Rank: 73522
1 KB
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 855
2 KB
5 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1373
sync.teads.tv — Cisco Umbrella Rank: 1255
1 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 606
1 KB
4 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 629
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 645
2 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
517 B
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 970
pixel.quantserve.com — Cisco Umbrella Rank: 790
cms.quantserve.com — Cisco Umbrella Rank: 686
10 KB
4 im-apps.net
dmp.im-apps.net — Cisco Umbrella Rank: 30153
audiencedata.im-apps.net — Cisco Umbrella Rank: 31017
sync.im-apps.net — Cisco Umbrella Rank: 3878
4 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 12848
42 KB
3 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 511
2 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
imasdk.googleapis.com — Cisco Umbrella Rank: 437
132 KB
3 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3313
sync.inmobi.com — Cisco Umbrella Rank: 1398
2 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 961
2 KB
3 lijit.com
ce.lijit.com Failed
ap.lijit.com
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 155
3 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 752
2 KB
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 518
720 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3942
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 620
cdn.indexww.com
2 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 339
656 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 639
55 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
106 KB
2 impact-ad.jp
aw.dw.impact-ad.jp — Cisco Umbrella Rank: 89994
567 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1572
1 KB
2 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 4260
906 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 200
2 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 755
857 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 550
2 KB
2 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 2848
633 B
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 969
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 902
914 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
82 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 696
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 25725
11 KB
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1013
175 B
1 brand-display.com
dmp.brand-display.com
349 B
1 adkernel.com
sync.adkernel.com
1 KB
1 sitemaji.com
ad.sitemaji.com — Cisco Umbrella Rank: 113506
10 KB
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2388
467 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1160
188 B
1 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 756006
876 B
1 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 10381
253 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 918
635 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3581
454 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 344
1 KB
1 analytics-debugger.com
amp.analytics-debugger.com — Cisco Umbrella Rank: 25680
2 KB
1 ampproject.net
d-3510923640969853414.ampproject.net
1 compass-fit.jp
nt.compass-fit.jp — Cisco Umbrella Rank: 107391
16 KB
1 bg3.co
www.bg3.co
static.bg3.co Failed
15 KB
0 creativecdn.com Failed
creativecdn.com Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 iqzone.com Failed
cs.iqzone.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 sitescout.com Failed
pixel-sync.sitescout.com Failed
0 turn.com Failed
ad.turn.com Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 simpli.fi Failed
um.simpli.fi Failed
0 disqus.com Failed
ssp.disqus.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 1rx.io Failed
sync.1rx.io Failed
0 yellowblue.io Failed
cs-server-s2s.yellowblue.io Failed
0 minutemedia-prebid.com Failed
cs-rtb.minutemedia-prebid.com Failed
0 bing.com Failed
c.bing.com Failed
0 aura-dsp.com Failed
sync-dmp.aura-dsp.com Failed
0 360yield.com Failed
match.360yield.com Failed
ad.360yield.com Failed
556 98
Domain Requested by
48 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
ad.sitemaji.com
a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
www.googletagservices.com
43 cm.g.doubleclick.net 17 redirects www.bg3.co
googleads.g.doubleclick.net
eus.rubiconproject.com
a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
onetag-sys.com
eb2.3lift.com
u.openx.net
g2.gumgum.com
27 tpc.googlesyndication.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
pagead2.googlesyndication.com
imasdk.googleapis.com
27 il-trc-events.taboola.com www.bg3.co
17 onetag-sys.com 4 redirects cdn.adpushup.com
onetag-sys.com
public.servenobid.com
sync.adkernel.com
16 cdn.taboola.com www.bg3.co
cdn.taboola.com
14 sync.taboola.com 2 redirects imprammp.taboola.com
www.bg3.co
am-match.taboola.com
eus.rubiconproject.com
13 x.bidswitch.net 11 redirects onetag-sys.com
g2.gumgum.com
13 match.adsrvr.org 12 redirects cdn.adpushup.com
12 eb2.3lift.com 3 redirects www.bg3.co
cdn.adpushup.com
eb2.3lift.com
12 ib.adnxs.com 8 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
11 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
11 id5-sync.com 10 redirects www.bg3.co
11 pr-bh.ybp.yahoo.com 9 redirects ssum-sec.casalemedia.com
11 googleads.g.doubleclick.net 2 redirects cdn.ampproject.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
www.bg3.co
11 securepubads.g.doubleclick.net cdn.adpushup.com
securepubads.g.doubleclick.net
cdn.aralego.net
a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
11 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
10 usersync.gumgum.com g2.gumgum.com
10 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
onetag-sys.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
9 contextual.media.net cdn.adpushup.com
contextual.media.net
9 sync.mathtag.com 9 redirects
9 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
onetag-sys.com
8 us-u.openx.net 5 redirects googleads.g.doubleclick.net
u.openx.net
8 ups.analytics.yahoo.com 6 redirects onetag-sys.com
7 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
7 adservice.google.com cdn.ampproject.org
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
6 csi.gstatic.com imasdk.googleapis.com
6 b1sync.zemanta.com 6 redirects
6 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
onetag-sys.com
ssum-sec.casalemedia.com
6 s0.2mdn.net www.bg3.co
s0.2mdn.net
a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
googleads.g.doubleclick.net
6 c1.adform.net 6 redirects
6 eus.rubiconproject.com am-match.taboola.com
eus.rubiconproject.com
cdn.adpushup.com
6 token.rubiconproject.com 5 redirects eus.rubiconproject.com
6 ssbsync.smartadserver.com 4 redirects www.bg3.co
public.servenobid.com
6 e3.adpushup.com www.bg3.co
6 trc.taboola.com cdn.taboola.com
imprammp.taboola.com
www.bg3.co
5 a.audrte.com 4 redirects ssbsync.smartadserver.com
5 image8.pubmatic.com 3 redirects onetag-sys.com
5 sync-t1.taboola.com www.bg3.co
am-match.taboola.com
5 adservice.google.ge securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 prebid.a-mo.net 4 redirects cdn.adpushup.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 sync-tm.everesttech.net 4 redirects
4 ssum-sec.casalemedia.com js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
4 id.rlcdn.com onetag-sys.com
ssbsync.smartadserver.com
4 sync.teads.tv 2 redirects www.bg3.co
googleads.g.doubleclick.net
4 sync.srv.stackadapt.com 4 redirects
4 www.google-analytics.com www.bg3.co
cdn.ampproject.org
www.googletagmanager.com
4 b.logly.co.jp www.bg3.co
4 prg.smartadserver.com cdn.adpushup.com
4 images.taboola.com www.bg3.co
4 gum.criteo.com cdn.taboola.com
cdn.adpushup.com
contextual.media.net
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 ap.lijit.com 2 redirects public.servenobid.com
3 stags.bluekai.com 3 redirects
3 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
3 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
3 googleads4.g.doubleclick.net www.bg3.co
3 a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 u.openx.net 1 redirects www.bg3.co
cdn.adpushup.com
3 rtb.mfadsrvr.com 3 redirects
3 rtb-csync.smartadserver.com 1 redirects www.bg3.co
ssbsync.smartadserver.com
3 sync.logly.co.jp nt.compass-fit.jp
sync.logly.co.jp
3 adpushup-d.openx.net cdn.adpushup.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 pm.w55c.net 2 redirects
2 match.sharethrough.com public.servenobid.com
ssbsync.smartadserver.com
2 r5---sn-4g5lzney.c.2mdn.net www.bg3.co
2 fonts.gstatic.com fonts.googleapis.com
2 am-wf.taboola.com vidstat.taboola.com
2 cms.quantserve.com u.openx.net
onetag-sys.com
2 eu-u.openx.net u.openx.net
2 ads.creative-serving.com 2 redirects
2 ad.doubleclick.net www.bg3.co
2 imasdk.googleapis.com a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
2 px.ads.linkedin.com eus.rubiconproject.com
eb2.3lift.com
2 sync.inmobi.com 2 redirects
2 cs.media.net 1 redirects contextual.media.net
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 pixel-us-east.rubiconproject.com 2 redirects
2 www.googletagservices.com googleads.g.doubleclick.net
a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
2 aw.dw.impact-ad.jp 1 redirects sync.logly.co.jp
2 ads.betweendigital.com 1 redirects www.bg3.co
2 u.ipw.metadsp.co.uk 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 dis.criteo.com 2 redirects
2 bh.contextweb.com 1 redirects www.bg3.co
2 ih.adscale.de 2 redirects
2 tg.socdm.com 2 redirects
2 partner.googleadservices.com pagead2.googlesyndication.com
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 prebid-server.rubiconproject.com cdn.adpushup.com
2 htlb.casalemedia.com cdn.adpushup.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 dmp.im-apps.net nt.compass-fit.jp
dmp.im-apps.net
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 partners.tremorhub.com www.bg3.co
1 ade.googlesyndication.com www.bg3.co
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 secure.adnxs.com 1 redirects
1 c21lg-d.media.net contextual.media.net
1 dmp.adform.net 1 redirects
1 hbx.media.net 1 redirects
1 ssum.casalemedia.com 1 redirects
1 cm.adform.net 1 redirects
1 sync.adkernel.com public.servenobid.com
g2.gumgum.com
sync.adkernel.com
onetag-sys.com
1 g2.gumgum.com public.servenobid.com
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 js-sec.indexww.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 fonts.googleapis.com a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
1 mweb.ck.inmobi.com 1 redirects
1 ad.sitemaji.com adx.holmesmind.com
1 vidstatb.taboola.com www.bg3.co
1 cds.taboola.com cdn.taboola.com
1 image4.pubmatic.com 1 redirects
1 image2.pubmatic.com 1 redirects
1 sync.im-apps.net sync.logly.co.jp
1 pips.taboola.com cdn.taboola.com
1 t.adx.opera.com www.bg3.co
1 match.taboola.com www.bg3.co
1 rtb.gumgum.com 1 redirects
1 simage2.pubmatic.com www.bg3.co
1 trace.mediago.io 1 redirects
1 adx.holmesmind.com pagead2.googlesyndication.com
1 1aa115841f28291ebd7590ab61c77aae.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 96b20f8e90d389581d4201d324a7b64d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 http-intake.logs.datadoghq.com cdn.adpushup.com
1 pixel.quantserve.com www.bg3.co
1 imprammp.taboola.com vidstat.taboola.com
1 audiencedata.im-apps.net dmp.im-apps.net
1 rules.quantcount.com secure.quantserve.com
1 bidder.criteo.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 amp.analytics-debugger.com cdn.ampproject.org
1 l.logly.co.jp nt.compass-fit.jp
1 campaign.adpushup.com www.bg3.co
1 d-3510923640969853414.ampproject.net cdn.ampproject.org
1 nt.compass-fit.jp www.bg3.co
1 www.bg3.co
0 creativecdn.com Failed g2.gumgum.com
0 cs.admanmedia.com Failed g2.gumgum.com
0 cs.iqzone.com Failed g2.gumgum.com
0 ad.360yield.com Failed g2.gumgum.com
0 match.deepintent.com Failed g2.gumgum.com
0 pixel-sync.sitescout.com Failed ssum-sec.casalemedia.com
0 ad.turn.com Failed ssum-sec.casalemedia.com
0 match.prod.bidr.io Failed ssum-sec.casalemedia.com
0 um.simpli.fi Failed onetag-sys.com
0 ssp.disqus.com Failed public.servenobid.com
0 sync.go.sonobi.com Failed public.servenobid.com
0 p.rfihub.com Failed public.servenobid.com
contextual.media.net
0 sync.1rx.io Failed public.servenobid.com
contextual.media.net
0 cs-server-s2s.yellowblue.io Failed public.servenobid.com
0 cs-rtb.minutemedia-prebid.com Failed public.servenobid.com
0 ads.pubmatic.com Failed public.servenobid.com
contextual.media.net
g2.gumgum.com
0 secure-assets.rubiconproject.com Failed public.servenobid.com
contextual.media.net
g2.gumgum.com
0 c.bing.com Failed eb2.3lift.com
0 sync-dmp.aura-dsp.com Failed a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
0 aax-eu.amazon-adsystem.com Failed eus.rubiconproject.com
0 match.360yield.com Failed googleads.g.doubleclick.net
0 ce.lijit.com Failed www.bg3.co
public.servenobid.com
0 stats.g.doubleclick.net Failed cdn.ampproject.org
0 fastlane.rubiconproject.com Failed cdn.adpushup.com
0 static.bg3.co Failed www.bg3.co
556 182
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2
2022-05-20 -
2023-06-21
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
cdn.adpushup.com
R3
2023-04-05 -
2023-07-04
3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
*.compass-fit.jp
GlobalSign RSA OV SSL CA 2018
2023-04-11 -
2024-05-12
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA
2022-12-15 -
2023-12-28
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-03 -
2023-07-14
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-12 -
2023-08-10
3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA
2022-08-02 -
2023-09-02
a year crt.sh
*.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-18 -
2024-04-17
a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA
2022-10-19 -
2023-11-19
a year crt.sh
snic4d9gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1
2023-01-17 -
2024-02-17
a year crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1
2023-04-13 -
2024-04-13
a year crt.sh
*.logly.co.jp
Amazon RSA 2048 M02
2023-04-05 -
2024-05-04
a year crt.sh
analytics-debugger.com
GTS CA 1P5
2023-05-20 -
2023-08-18
3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-23 -
2024-01-24
a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01
2023-04-29 -
2024-05-27
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
prebid.media.net
GTS CA 1D4
2023-05-09 -
2023-08-07
3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
teads.tv
R3
2023-05-11 -
2023-08-09
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2022-06-21 -
2023-07-21
a year crt.sh
*.a-mo.net
R3
2023-04-13 -
2023-07-12
3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
quantserve.com
R3
2023-04-14 -
2023-07-13
3 months crt.sh
audiencedata.im-apps.net
GTS CA 1D4
2023-04-10 -
2023-07-09
3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-22 -
2024-03-22
a year crt.sh
*.google.com.ge
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2
2022-05-19 -
2023-06-20
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1
2023-04-10 -
2024-05-09
a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1
2022-05-18 -
2023-06-18
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
www.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
feebee.com.tw
R3
2023-05-02 -
2023-07-31
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-24 -
2023-06-18
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2022-10-21 -
2023-10-22
a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02
2023-02-21 -
2024-02-05
a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-02 -
2024-03-03
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-02-21 -
2023-08-16
6 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2023-03-07 -
2023-09-07
6 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2
2022-12-13 -
2024-01-13
a year crt.sh
gumgum.com
Amazon RSA 2048 M01
2023-02-14 -
2023-10-05
8 months crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4
2023-01-03 -
2024-02-04
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02
2023-02-10 -
2023-08-12
6 months crt.sh
*.c.docs.google.com
GTS CA 1C3
2023-05-09 -
2023-07-18
2 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-03 -
2024-02-19
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-04-04 -
2023-09-27
6 months crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02
2023-02-08 -
2024-02-15
a year crt.sh

This page contains 78 frames:

Primary Page: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Frame ID: 182FBF69E2188793321FEB5E57E67091
Requests: 181 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 902042506DB22C22F8071FFB509D8E05
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: E77987ABF283C27BB6A012CE366E9A77
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: FD76EBF32D96B6B564454F044A3A7EC8
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 67715A77251BD3D828E5D122D40C2675
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: C9385AA59E41AD2F583B76289F3BE846
Requests: 9 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V87HkCLAYsOpz7GFk1SBNYdDj3MbJqkC4AAABgYID-AEktlrOZaTlZi2yDjVs0XEzWyslg5pZ5DBvHaOWcOAbLISCpxXI2My0na5FtsHGLhovJWjkZzNwyj2HjGK2cE8dgOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ0aDodPte9Xvf73SU-z1zj9yv8utdbenS5la-H3a38u95Sp8Pu1rj-bs3RYfe5VcvXy61zPd0i19Ot_LveWtfdLXfY3bqH3eeWOh12t9ppd-teb5nDrXy9da635uh0S50Ou11oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoAnDgd0cZqdnqc_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA4DGktxhjlNs1oZxIwWsRRgAAAAC23p0tj0zSCSoWVf7___utAFwBAAhAxNn26s-iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohE-HHNEIzUexqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw9ILWcTm8NkWplMu4VruNiMRoaJa7nZLGyGkWex2R6_ic6KkvqB_D4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwN_LNbBuXxy0ZrFxr0cazcgs3NpdbtjKtRpPJzDfaLNei18d0sU02g9VwiwQD9PYieVqkE9Vgs1suDAvbzOSwLSwb28xjmDmWG9_COVkuJjOLWKI5WaQT2WXfWs4mNofJtDKZdgvXcLEZjQwT13KzWdgMI89is--NfDPbxuVxSwYr11q08azcwo3N5ZatTKvRZDLzjTbLtej1MV1sk81gNdw3ZsPRargYDAf7xmw4Wg0Xg-Fg36EzfFefs1FZVkk-Mpe42zhMbE6DwmWweKfq1TfamR1Ev2nRKZOplQWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_h1r7f06HIrXw-7W_l3vaVOh92tcf3dmqPD7nOrlq-XW-d6ukWup1v5d721rrtb7rC7dQ-7zy11OuxutdPu1r3eModb-XrrXG_N0emWOh12u9D0NlvEEsHpIp2IXsbTRf1HDrmYSzbLuWQwmytWg1UCAAAAAAAAALAEk0w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJUIXi_v___8cBAACQkUMPAACAfh9QFgAAAAAAAL-CGGxmu_0DUCHWarW63Vir1QI!&cmcv=&pix=undefined&cb=1684581082210&uv=3280&tms=1684581082210&abt=nonrv_vA!nrlc_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=5196f492-d60c-4812-920f-fc0c14e9b109&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 5EF327118C64443DC37D227B3F7C1B5E
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V87HkCLAYsOpz7GFk1SBNYdDj3MbJqkC4AAABgYID-AEktlrOZaTlZi2yDjVs0XEzWyslg5pZ5DBvHaOWcOAbLISCpxXI2My0na5FtsHGLhovJWjkZzNwyj2HjGK2cE8dgOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ0aDodPte9Xvf73SU-z1zj9yv8utdbenS5la-H3a38u95Sp8Pu1rj-bs3RYfe5VcvXy61zPd0i19Ot_LveWtfdLXfY3bqH3eeWOh12t9ppd-teb5nDrXy9da635uh0S50Ou11oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoAnDgd0cZqdnqc_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA4DGktxhjlNs1oZxIwWsRRgAAAAC23p0tj0zSCSoWVf7___utAFwBAAhAxNn26s-iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohE-HHNEIzUexqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw9ILWcTm8NkWplMu4VruNiMRoaJa7nZLGyGkWex2R6_ic6KkvqB_D4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwN_LNbBuXxy0ZrFxr0cazcgs3NpdbtjKtRpPJzDfaLNei18d0sU02g9VwiwQD9PYieVqkE9Vgs1suDAvbzOSwLSwb28xjmDmWG9_COVkuJjOLWKI5WaQT2WXfWs4mNofJtDKZdgvXcLEZjQwT13KzWdgMI89is--NfDPbxuVxSwYr11q08azcwo3N5ZatTKvRZDLzjTbLtej1MV1sk81gNdw3ZsPRargYDAf7xmw4Wg0Xg-Fg36EzfFefs1FZVkk-Mpe42zhMbE6DwmWweKfq1TfamR1Ev2nRKZOplQWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_h1r7f06HIrXw-7W_l3vaVOh92tcf3dmqPD7nOrlq-XW-d6ukWup1v5d721rrtb7rC7dQ-7zy11OuxutdPu1r3eModb-XrrXG_N0emWOh12u9D0NlvEEsHpIp2IXsbTRf1HDrmYSzbLuWQwmytWg1UCAAAAAAAAALAEk0w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJUIXi_v___8cBAACQkUMPAACAfh9QFgAAAAAAAL-CGGxmu_0DUCHWarW63Vir1QI!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 36DFAA5F32576E2403914D1714027741
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2172911138392264553&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3222&oid=2&is_amp=5&amp_v=2304262219000&d_imp=1&c=767255009639&ga_cid=amp-7irXEYm67G2Xodj-e5Y5Jw&ga_hid=9639&dt=1684581081445&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&bdt=1800&dtd=473&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 6D883F60D85F0973BE295456D9C7268A
Requests: 1 HTTP requests in this frame

Frame: https://96b20f8e90d389581d4201d324a7b64d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 1FF3EF58740050A3A6154C6E3A18932F
Requests: 1 HTTP requests in this frame

Frame: https://1aa115841f28291ebd7590ab61c77aae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 911DFF07948DBAC78F6333BD4E79B32E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684581083&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684581082758&bpp=13&bdt=1551&idt=436&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&correlator=7894272218445&frm=23&ife=1&pv=2&ga_vid=392982189.1684581083&ga_sid=1684581083&ga_hid=503631598&ga_fc=0&ga_cid=amp-7irXEYm67G2Xodj-e5Y5Jw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2702325796&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31074199%2C31074469%2C44785294%2C44788441%2C44792088&oid=2&pvsid=472193419962629&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2ags8zcf7luk&fsb=1&dtd=454
Frame ID: BC85ACF4FEF74243671660597E6E11D2
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
Frame ID: 78FCA2F72FEBE529694D80D006E43774
Requests: 2 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZGiq3MCo8YsAALzyuQcAAAAA
Frame ID: 1BB65E8BFF080A7CA4C11702C3EE7FFB
Requests: 23 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Frame ID: 3B1C812ECAB39833111F67A29B37A8DA
Requests: 12 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V87HkCLAYsOpz7GFk1SBNYdDj3MbJqkC4AAABgYID-AEktlrOZaTlZi2yDjVs0XEzWyslg5pZ5DBvHaOWcOAbLISCpxXI2My0na5FtsHGLhovJWjkZzNwyj2HjGK2cE8dgOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ0aDodPte9Xvf73SU-z1zj9yv8utdbenS5la-H3a38u95Sp8Pu1rj-bs3RYfe5VcvXy61zPd0i19Ot_LveWtfdLXfY3bqH3eeWOh12t9ppd-teb5nDrXy9da635uh0S50Ou11oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoAnDgd0cZqdnqc_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA4DGktxhjlNs1oZxIwWsRRgAAAAC23p0tj0zSCSoWVf7___utAFwBAAhAxNn26s-iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohE-HHNEIzUexqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw9ILWcTm8NkWplMu4VruNiMRoaJa7nZLGyGkWex2R6_ic6KkvqB_D4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwN_LNbBuXxy0ZrFxr0cazcgs3NpdbtjKtRpPJzDfaLNei18d0sU02g9VwiwQD9PYieVqkE9Vgs1suDAvbzOSwLSwb28xjmDmWG9_COVkuJjOLWKI5WaQT2WXfWs4mNofJtDKZdgvXcLEZjQwT13KzWdgMI89is--NfDPbxuVxSwYr11q08azcwo3N5ZatTKvRZDLzjTbLtej1MV1sk81gNdw3ZsPRargYDAf7xmw4Wg0Xg-Fg36EzfFefs1FZVkk-Mpe42zhMbE6DwmWweKfq1TfamR1Ev2nRKZOplQWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_h1r7f06HIrXw-7W_l3vaVOh92tcf3dmqPD7nOrlq-XW-d6ukWup1v5d721rrtb7rC7dQ-7zy11OuxutdPu1r3eModb-XrrXG_N0emWOh12u9D0NlvEEsHpIp2IXsbTRf1HDrmYSzbLuWQwmytWg1UCAAAAAAAAALAEk0w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJUIXi_v___8cBAACQkUMPAACAfh9QFgAAAAAAAL-CGGxmu_0DUCHWarW63Vir1QI!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 0876446D603F2A187DEFE707E0C7B143
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKPih84DEI_JptQDGJ3kmukBMAE&v=APEucNWI8YJgZVAq62QvPCk9L6gQiH1J5J6VYhxpwzY5lbNiEuOM3CGb0s9u0hO-huO-ELNZQYjWB3ljuQfPvwTvCRSdisKfQQ
Frame ID: 47BF6A790574ED427DEC3461A672850B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: D186EEA404F417B790773F36C1485503
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Frame ID: 88E0B7836BC28EC4429BA7FCB63C5BB9
Requests: 3 HTTP requests in this frame

Frame: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=a280fad7-2795-4ec5-b242-08f0c9cf18e5
Frame ID: 7C96F444AA1C92CDA63DF2B3C8E93493
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6681BF6B814E454BCC14F8847B5C8096
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5D55412322A1D65EDE0FD5F8D549591C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9A3310768D6DB10A0102C620E3908DC2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CAE9C9E32A60A72D94BA629E30DA0D89
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E19812F85175A21176F85C7C73DBF2D2
Requests: 9 HTTP requests in this frame

Frame: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 59A0D3D619484440160B5BEB5AD3C824
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8EE86ECEE7248AD3DC2BBAAAD9CD160D
Requests: 3 HTTP requests in this frame

Frame: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 075EF0C4D65FA62B7266EF75B3804826
Requests: 30 HTTP requests in this frame

Frame: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E0A38209EB2D5E6FBB8D35A9ABAA96A3
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: DE23C14DF3D3AF2B20F277B83425074D
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13850589910671504582/300x250.html
Frame ID: 0BEA1819006AD73D833E4517380E913A
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLf37gIQlK-3zwMYme7o0wEwAQ&v=APEucNWQ9JEmPMOB5SDrTGjM1LfS_cWFjDNsKnn80FnWXdoLgGOchh3WIzQWo0x_luRiHKuW_dVHjwNkpuBEokIni5Y0ViGKzA
Frame ID: E9CF204CAF985408A3EBCCB42443A48A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/zrt_lookup.html
Frame ID: E883F4ED9E4B8409D3261230751AA1DB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 56943A0CA17C1B3854C6834B015D21AA
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C89F114E7C883D70F6EB877E005CC9B2
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=2152568021&adf=552093736&pi=t.ma~as.9099904862&w=300&lmt=1684581086&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230307%2FnyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684581085650&bpp=4&bdt=253&idt=359&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&correlator=7039889998614&frm=8&ife=1&pv=2&ga_vid=1448893137.1684581086&ga_sid=1684581086&ga_hid=1695692975&ga_fc=0&nhd=3&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1851353548&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44788441%2C44789779&oid=2&pvsid=862713920363506&tmod=1924007829&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lhkrro460jfl&fsb=1&dtd=383
Frame ID: 5CBA476FD2DDFC2984DBBF202FB0ED08
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B213756DC2E90DECC2604B58E7247C89
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A478F5EFF8887760FDF85F25EFEDFDB3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6C43FC44AEA1C4F6073BCDB14DE4E792
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5AA34D060DE66D05F8E0FA662DA591B4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F2940938A9818F34A714EB89A9339A42
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 95C7B8626A88D0AA622F3BDB2D6D3ADA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BC725494B3204E7B231069DFE1C89E01
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E725D2FD0B0A5B02C29E8A3F44ECD10A
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 264C8B470DAC2306D282C5BE02BD7F96
Requests: 13 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 52D5ADA61E56AE76E18CECD8DDF26050
Requests: 13 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C7CB01D00DBAC0D7EB107B8C70EA1BAE
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 8B15822A43EBBEDB65CE68DCF42DAAD8
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1684581082264
Frame ID: 3F6C1D41AD1EBA9B6E4FA729EB2E576F
Requests: 14 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: D73E57F7D7320C8CC4F7962F83F5B258
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 63762D21A0AFA9E81328018564D3AE86
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 393BEC9C265B693CBA1E553E6E195327
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 12470DE308B9CF0464BBB3C0155E40D6
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 76347A5486E3D9071311D66E1C9D9361
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 49316E32888DE61E14DAB4CA55011547
Requests: 12 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 23457C62AF9B1FFF1282C1EBCA707B78
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: FD080DC7658FCB7B9FD78AAB02F430CA
Requests: 10 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
Frame ID: 2CB58FD6680F5D226B38A79026084D22
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 8CB882FEEFF22525A44DB37E88B4ECD0
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 4EF94E6D3E27A5B90FFE34BF4CE0A9BE
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 799E741C01EFC7AEFCC1A933E9E73012
Requests: 2 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: AFDC7070659DF44F2968301109C3F619
Requests: 1 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
Frame ID: 7D8A6DD5764F622FAC937BF23E48539E
Requests: 1 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3275826914264604000V10%26type%3Drkt%26refUrl%3D%26vid%3D45810916313275826914264604000V10%26ovsid%3D%7Buserid%7D
Frame ID: 1134D86F36D2A13F93F0F056B973E373
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3275826914264604000V10%26type%3Dpba%26refUrl%3D%26vid%3D45810916313275826914264604000V10%26ovsid%3DPM_UID
Frame ID: EE18B696E69BDA6F4767D15F74E39452
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 6E15FC3F638ED49563C9D57590FCCE81
Requests: 1 HTTP requests in this frame

Frame: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_46c5d185-140f-403c-803c-9934d8a546ee&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Frame ID: B7F666ED43AEF66A8741B439D91B5626
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 055BB1DBD218192527B75B696290DC18
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=7fc38604-7561-40d5-8fc3-88b242d19c34
Frame ID: 61D0E4874C8C074F7403AB81D4E6C695
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=ff616468-aadf-4e00-b282-69fbe17f5561&gdpr=0&gdpr_consent=
Frame ID: F55E57E236A66BEC175C18848FF6C3DF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZGiq5AALaJk-lgA9&gdpr=0&gdpr_consent=&_test=ZGiq5AALaJk-lgA9
Frame ID: 313E458689FD4636F03A72C57F6BED53
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80NmM1ZDE4NS0xNDBmLTQwM2MtODAzYy05OTM0ZDhhNTQ2ZWU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 4DC965E16F542F15503F10F2BA40723B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZGiq3MCo8YsAALzyuQcAAAAA
Frame ID: 3112BDA4CDC030A8D79EAF91961A682B
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_46c5d185-140f-403c-803c-9934d8a546ee&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: C11952D2736378779E064C847F944182
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: F3F337D41B7B7FD33D03A81781A2039E
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=gumgum
Frame ID: C71DD80F335EF7EF5E43FB8DB7DC4141
Requests: 1 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
Frame ID: 76E27D59F985E7509E965BBD5257CAEA
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Frame ID: BEB4BB24101F8199CE242335E982F0F2
Requests: 9 HTTP requests in this frame

Screenshot

Page Title

吳哲源右肩挫傷5月歸隊有困難 王建民:無法預估時間 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

556
Requests

68 %
HTTPS

0 %
IPv6

98
Domains

182
Subdomains

104
IPs

15
Countries

6456 kB
Transfer

14096 kB
Size

143
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 38
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684581080792&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&c8=%E5%90%B3%E5%93%B2%E6%BA%90%E5%8F%B3%E8%82%A9%E6%8C%AB%E5%82%B75%E6%9C%88%E6%AD%B8%E9%9A%8A%E6%9C%89%E5%9B%B0%E9%9B%A3%E3%80%80%E7%8E%8B%E5%BB%BA%E6%B0%91%EF%BC%9A%E7%84%A1%E6%B3%95%E9%A0%90%E4%BC%B0%E6%99%82%E9%96%93%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684581080792&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&c8=%E5%90%B3%E5%93%B2%E6%BA%90%E5%8F%B3%E8%82%A9%E6%8C%AB%E5%82%B75%E6%9C%88%E6%AD%B8%E9%9A%8A%E6%9C%89%E5%9B%B0%E9%9B%A3%E3%80%80%E7%8E%8B%E5%BB%BA%E6%B0%91%EF%BC%9A%E7%84%A1%E6%B3%95%E9%A0%90%E4%BC%B0%E6%99%82%E9%96%93%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&c9=
Request Chain 152
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=7fc38604-7561-40d5-8fc3-88b242d19c34
Request Chain 153
  • https://pr-bh.ybp.yahoo.com/sync/taboola/7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ILpN_9xE2oQJNutUb6435kF2Tb9WNc9PDEPH3A--~A
Request Chain 154
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---&verify=true HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-06osZhxE2uFiE_4cSt7vWI1I6osX8f6w~A&gdpr_in_effect=0
Request Chain 188
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684581083&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684581082781&bpp=12&bdt=1556&idt=528&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&correlator=7894272218445&frm=23&ife=1&pv=1&ga_vid=1618561996.1684581083&ga_sid=1684581083&ga_hid=883589078&ga_fc=0&ga_cid=amp-7irXEYm67G2Xodj-e5Y5Jw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1578&biw=1600&bih=1200&isw=336&ish=280&ifk=1191537871&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44782466%2C44788441%2C44792089&oid=2&pvsid=746823519558503&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qhdtoviu5ck0&btvi=1&fsb=1&dtd=548 HTTP 302
  • https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
Request Chain 192
  • https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZGiq3MCo8YsAALzyuQcAAAAA
Request Chain 193
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__ HTTP 302
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=58de722828b344bea7086abb3aff19da HTTP 302
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=58de722828b344bea7086abb3aff19da
Request Chain 195
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LHVW2ZQ0-1Q-DG4O
Request Chain 196
  • https://pr-bh.ybp.yahoo.com/sync/taboola/7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ev59YhBE2oRwwFHDwrFevxfxnl0MGeaGSZwU1Q--~A
Request Chain 197
  • https://trace.mediago.io/ju/cs/taboola HTTP 302
  • https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=6ecafbf8dccc891c3e59ba05cc40594e
Request Chain 198
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOjwSnVZp4Le_iGCA39lIWQ&google_cver=1
Request Chain 200
  • https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058
Request Chain 201
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=7fc38604-7561-40d5-8fc3-88b242d19c34
Request Chain 205
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f7062fdb-10b3-4349-8439-504c96000fa8
Request Chain 206
  • https://id5-sync.com/s/464/9.gif?puid=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-3656KS_OH6GQshtes8IRFQfQFEWLEXpn7TCX3Bcn-Q&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F6%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/3/6/2.gif?puid=ff616468-aadf-4e00-b282-69fbe17f5561&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=7fc38604-7561-40d5-8fc3-88b242d19c34&ttl=%%TTL%% HTTP 302
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/285.gif?puid=LHVW306E-12-9PM4&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/19/3/5.gif?puid=afe268f8acf791be5188634701323e07&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=afe268f8acf791be5188634701323e07&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F2%2F6.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=afe268f8acf791be5188634701323e07&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F2%2F6.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/485/2/6.gif?puid=08824236776112981773841656358166746996&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F1%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/441/1/7.gif?puid=e_46c5d185-140f-403c-803c-9934d8a546ee&gdpr=0&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fid5-sync.com%2Fa%2F464%2F1132%2F0%2F8%2Fgif%2F0%2F0%2F HTTP 302
  • https://id5-sync.com/a/464/1132/0/8/gif/0/0/d287bd84-e581-47c4-a797-199ba0e2bd17
Request Chain 207
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=2199b558-da5e-44b6-832f-101a308b5b95&ssp=taboola&bsw_param=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e
Request Chain 208
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=09f399e4-c6e0-4493-b1a9-5aac0861555e HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=09f399e4-c6e0-4493-b1a9-5aac0861555e&tbid=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&query=taboola_hm%3D09f399e4-c6e0-4493-b1a9-5aac0861555e&isDirect=0
Request Chain 210
  • https://eb2.3lift.com/xuid?mid=7772&xuid=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&dongle=tbla&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Request Chain 211
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=8Ri2qSAmVdZQhwK4gEPga1vvzpY
Request Chain 212
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e&crf=1
Request Chain 214
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=a280fad7-2795-4ec5-b242-08f0c9cf18e5
Request Chain 218
  • https://pr-bh.ybp.yahoo.com/sync/taboola/7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ev59YhBE2oRwwFHDwrFevxfxnl0MGeaGSZwU1Q--~A
Request Chain 219
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-06osZhxE2uFiE_4cSt7vWI1I6osX8f6w~A&gdpr_in_effect=0
Request Chain 225
  • https://aw.dw.impact-ad.jp/c/map/?oid=26eb996a1a9c6758&cid=MVXleWlkuuc4M2S3r5x3_pUsPls&sp=dsd HTTP 303
  • https://aw.dw.impact-ad.jp/c/mapr/?oid=26eb996a1a9c6758&cid=MVXleWlkuuc4M2S3r5x3_pUsPls&sp=dsd
Request Chain 226
  • https://image8.pubmatic.com/AdServer/ImgSync?p=162474&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162474%26pr%3Dhttps%253A%252F%252Fsync.logly.co.jp%252Frtb%252Fpubmatic.gif%253Fbuyeruid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=162474&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162474%26pr%3Dhttps%253A%252F%252Fsync.logly.co.jp%252Frtb%252Fpubmatic.gif%253Fbuyeruid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkY4NTFCMUUtMzA3Ni00RjM0LUIwNTMtMThCRTJGRENCQUE4&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=162474&pr=https%3A%2F%2Fsync.logly.co.jp%2Frtb%2Fpubmatic.gif%3Fbuyeruid%3DFF851B1E-3076-4F34-B053-18BE2FDCBAA8 HTTP 302
  • https://sync.logly.co.jp/rtb/pubmatic.gif?buyeruid=FF851B1E-3076-4F34-B053-18BE2FDCBAA8
Request Chain 242
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=taboola HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5193034627608884685&ssp=taboola HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e
Request Chain 245
  • https://us-u.openx.net/w/1.0/cm?gdpr=0&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=a280fad7-2795-4ec5-b242-08f0c9cf18e5
Request Chain 246
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPFcGT_OBvCMYpM8gs0Oov4&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPFcGT_OBvCMYpM8gs0Oov4&google_cver=1&C=1
Request Chain 247
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGiq3DjU40k.X6Q0gow1ygAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPFcGT_OBvCMYpM8gs0Oov4&google_cver=1&google_hm=2
Request Chain 248
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJoXMYLcPwjw5-BBxPj5n_o&google_cver=1
Request Chain 249
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIwODE3NjAyNjEyMTM5NDQwNg%3D%3D
Request Chain 265
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LHVW2ZQ0-1Q-DG4O HTTP 302
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LHVW2ZQ0-1Q-DG4O&gdpr=0&us_privacy=1---
Request Chain 277
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEJ7vRRuhP5sLlsnM5ByZP-M&google_cver=1&google_push=ATf1kGO3CBX71dPw9kST26Lr6jXjJ6cviewwc725_uMBYHxtjFQTBXt_0mAkDXqZWUufysIoYCbKsZDIV4O8oL49AlVUmEBXMvQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YmUyNTg2YmEtYjhkMS00ZGZhLWIxZWYtMWZjODc5MGE3NTU4&google_gid=CAESEJ7vRRuhP5sLlsnM5ByZP-M&google_cver=1&google_push=ATf1kGO3CBX71dPw9kST26Lr6jXjJ6cviewwc725_uMBYHxtjFQTBXt_0mAkDXqZWUufysIoYCbKsZDIV4O8oL49AlVUmEBXMvQ
Request Chain 278
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEF6DzgNps4VkMragQLH-EUg&google_cver=1&google_push=ATf1kGNrefBk5ndWd2H_sd311dtUP7gydtYSwnO5xMUfVwBZUB8R9e7YNy3eYLUElag3NWBJTUsE1lJj5Y14z-mb_RAIa1Jwhfs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiDjbKskz2ntMWBdbCjztp8hejvf005YNpA&google_push=ATf1kGNrefBk5ndWd2H_sd311dtUP7gydtYSwnO5xMUfVwBZUB8R9e7YNy3eYLUElag3NWBJTUsE1lJj5Y14z-mb_RAIa1Jwhfs
Request Chain 280
  • https://cs.media.net/cksync?type=g&google_gid=CAESEKSbA0yu-ytzHRcWB0FniOc&google_cver=1&google_push=ATf1kGOGHFpbrLi2bVkYyXkEEM8q2EIhlOFm5mLr9zvhHvpMO6Rzb8YcalzqeJjhxwgn-Qd2JiCfGvJLpgs0C2LY0Hc-WiA9ZA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI3NTgyNjg4NDI2NDY3MjAwMFYxMA%3d%3d&mn_hm=MzI3NTgyNjg4NDI2NDY3MjAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGOGHFpbrLi2bVkYyXkEEM8q2EIhlOFm5mLr9zvhHvpMO6Rzb8YcalzqeJjhxwgn-Qd2JiCfGvJLpgs0C2LY0Hc-WiA9ZA&gdpr=&gdpr_consent=
Request Chain 281
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBjgVoGBlqLtE3wXaU2K_Kc&google_cver=1&google_push=ATf1kGN0TH2_iHgDZRc3W29AaUq5wOqpRftgjGygne1WF9Mqs_bV39VR8gr9p_MorVw3g61nW3_1SfwsNLGnujl99Fe997Ee2Ks HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ATf1kGN0TH2_iHgDZRc3W29AaUq5wOqpRftgjGygne1WF9Mqs_bV39VR8gr9p_MorVw3g61nW3_1SfwsNLGnujl99Fe997Ee2Ks&google_hm=ODQyODUwNDI0MzcyNTc2MjUxNg%3D%3D
Request Chain 282
  • https://sync.inmobi.com/gob?google_gid=CAESELrqTbwdyuWhJtYtZQnT2uQ&google_cver=1&google_push=ATf1kGPclHMtGzCy8cDTtRBPpGQMzZUZc8GjtUkw3V2G9_QifHF2f47jchOIoh91bsRkQycWmREVsJDlvbD5A93nxCdEYkASHU2D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGPclHMtGzCy8cDTtRBPpGQMzZUZc8GjtUkw3V2G9_QifHF2f47jchOIoh91bsRkQycWmREVsJDlvbD5A93nxCdEYkASHU2D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-307dRJXVz5Xmva1BMYXQwaExT1NY6nEHWRJ4gEQKvw&google_push=ATf1kGPclHMtGzCy8cDTtRBPpGQMzZUZc8GjtUkw3V2G9_QifHF2f47jchOIoh91bsRkQycWmREVsJDlvbD5A93nxCdEYkASHU2D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=DwPIdHtpW-WpOju7F2Rb&google_push=ATf1kGPclHMtGzCy8cDTtRBPpGQMzZUZc8GjtUkw3V2G9_QifHF2f47jchOIoh91bsRkQycWmREVsJDlvbD5A93nxCdEYkASHU2D&google_nid=inmobi_new_eb
Request Chain 283
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBVwdWhmtsMqqCcg8TyB0-Y&google_cver=1&google_push=ATf1kGNJB2eqUNUfY7DDzpOK4GWJeJjCa8B6lKlJ7E5vrgIomyRG65DtuRFMclj9SIOcUQVHX0elqHwnivMLFdFbUMYMlM5Nzg3M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YTg1ODgxMzgtN2JmNi00YTRjLWJlNTYtNGIxYjRkMjA2MTli&google_push=ATf1kGNJB2eqUNUfY7DDzpOK4GWJeJjCa8B6lKlJ7E5vrgIomyRG65DtuRFMclj9SIOcUQVHX0elqHwnivMLFdFbUMYMlM5Nzg3M HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 287
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LHVW306E-12-9PM4 HTTP 302
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LHVW306E-12-9PM4&gdpr=0&us_privacy=1---
Request Chain 288
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7fc38604-7561-40d5-8fc3-88b242d19c34&gdpr=0&gdpr_consent=&expires=30
Request Chain 289
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHVW306E-12-9PM4&gdpr=0&us_privacy=1---
Request Chain 291
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/41xqNzZv5JQoOBorGpyGisn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Eh4uUoBE2oLMBNQMNCSotS6MGYI6jaJ.0ZPVaQ--~A
Request Chain 292
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDc4MmE1ZmU0YTQxYzk2MDEyMDdlYjFjYjczMzViYTc3ZWVmYzEzNQ&gdpr=0&us_privacy=1---
Request Chain 293
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhWVzMwNkUtMTItOVBNNA==&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESELsAz-28w4SUo2dKtFnJnKY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhWVzMwNkUtMTItOVBNNA==&google_push=&gdpr=0
Request Chain 294
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBwIDk6Xv6ZqsofMs_8zAhs&google_cver=1
Request Chain 295
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_uy3WFg9QcWbT76ns8GNoQ&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_uy3WFg9QcWbT76ns8GNoQ&gdpr=0
Request Chain 324
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP1yFG86cMrTY3xVP1M3HGQ&google_cver=1
Request Chain 325
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDlkNWNhM2UtMDRlMy0yMTM2LWQ1MGMtNTNjZmEyNTA3MjMx
Request Chain 326
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEOyI1ZfWv0rhKxNS1Rjx3H0&google_cver=1
Request Chain 327
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YTg1ODgxMzgtN2JmNi00YTRjLWJlNTYtNGIxYjRkMjA2MTli
Request Chain 330
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBO8xHOolEWOW38jksfw6nM&google_cver=1&google_push=ATf1kGO2O0Tc7hu44lqCO51sO1W2sAedZQ0qlPc0CG5vyiUDuX7lk14UuSgOp6GbNze-LwYaIV0KonRq9c4_wpMDjq-oNR9oC7ce HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO2O0Tc7hu44lqCO51sO1W2sAedZQ0qlPc0CG5vyiUDuX7lk14UuSgOp6GbNze-LwYaIV0KonRq9c4_wpMDjq-oNR9oC7ce
Request Chain 331
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPknlx_SzKqH6tQO_Q_lyf0&google_cver=1&google_push=ATf1kGM5CRA3cyMUY8KvanJdgB-iLB7uYKKrEBRAHHYE_fq1GH5nK61sR7LqwrV7P-5jVOmE57UILETuVfzj8a1jtJPf1KTx6WM- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGM5CRA3cyMUY8KvanJdgB-iLB7uYKKrEBRAHHYE_fq1GH5nK61sR7LqwrV7P-5jVOmE57UILETuVfzj8a1jtJPf1KTx6WM-&google_hm=eS0yeFlRRTJWRTJwRTEuMUg3ZUM0WHhMaGdWRGZ1Y2pJR35B
Request Chain 332
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHCn787ufZcnXBqo2LEcK6U&google_cver=1&google_push=ATf1kGNToT5BN7fxgOdBnudZ_Cj6tqqMVR1TOuPKg_4fnJIvF0ozvH_GFSIZ8nz_DYR80ISpTgiNmw0_Uy47_60eBR6Fms7WRywq HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHCn787ufZcnXBqo2LEcK6U&google_cver=1&google_push=ATf1kGNToT5BN7fxgOdBnudZ_Cj6tqqMVR1TOuPKg_4fnJIvF0ozvH_GFSIZ8nz_DYR80ISpTgiNmw0_Uy47_60eBR6Fms7WRywq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjM3Nzg1NTkwMzYyMzYwNzYyMA&google_push=ATf1kGNToT5BN7fxgOdBnudZ_Cj6tqqMVR1TOuPKg_4fnJIvF0ozvH_GFSIZ8nz_DYR80ISpTgiNmw0_Uy47_60eBR6Fms7WRywq
Request Chain 333
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHJrvOfYO6oe8yJAvrhokiE&google_cver=1&google_push=ATf1kGOJZoyI-bx8Bmsqncja48u29BpPPQz4V6NMrFwu4cF8y7t6JC59_iV5CP5pivkNtJFCKEgTMRemI11igNH3i32g9jHd3Z4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=8Ri2qSAmVdZQhwK4gEPga1vvzpY&google_push=ATf1kGOJZoyI-bx8Bmsqncja48u29BpPPQz4V6NMrFwu4cF8y7t6JC59_iV5CP5pivkNtJFCKEgTMRemI11igNH3i32g9jHd3Z4
Request Chain 377
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=ff616468-aadf-4e00-b282-69fbe17f5561&gdpr=1&gdpr_consent=
Request Chain 379
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7208176026121394406
Request Chain 381
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiDjbe15V3vDCdQ01jKK4qhJZWb2hNWyvyA
Request Chain 384
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=eH6DToD106tEipBepHBuyLyR5KYFBvO7DM9qk_bQYIY
Request Chain 386
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEF6DzgNps4VkMragQLH-EUg&google_cver=1
Request Chain 388
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=7fc38604-7561-40d5-8fc3-88b242d19c34&gdpr=0&gdpr_consent=
Request Chain 392
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7fc38604-7561-40d5-8fc3-88b242d19c34&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 393
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM4MjQ0MDQ5NjEyODY5NTU4Nzc4Nw%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 394
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEK44aCgIoe2glebDIqwM2Ew&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 395
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM4MjQ0MDQ5NjEyODY5NTU4Nzc4Nw%3D%3D
Request Chain 397
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3382440496128695587787&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=96341a79-5240-46ee-9aee-113efca37709&ssp=triplelift&expires=30&user_group=5&bsw_param=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 399
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3382440496128695587787?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-8.r5Wy5E2oRDph3l1_A1gAGkU6B0i3wGBs4GukqJRg--~A&dongle=0883
Request Chain 400
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=HXYMEbQh5-OVBVfp6wcH&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JBMFSTKFMJIWQNJNJ5LEEVTGOA3HOY2I&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JBMFSTKFMJIWQNJNJ5LEEVTGOA3HOY2I HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=HXYMEbQh5-OVBVfp6wcH
Request Chain 401
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7208176026121394406&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 402
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ff616468-aadf-4e00-b282-69fbe17f5561
Request Chain 404
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5193034627608884685
Request Chain 405
  • https://match.adsrvr.org/track/cmf/openx?oxid=25ba19f4-cd94-7f92-c0ec-097668b2bc51&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=7fc38604-7561-40d5-8fc3-88b242d19c34&ttd_puid=25ba19f4-cd94-7f92-c0ec-097668b2bc51&gdpr=0&gdpr_consent=
Request Chain 407
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP1yFG86cMrTY3xVP1M3HGQ&google_cver=1
Request Chain 425
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBO8xHOolEWOW38jksfw6nM&google_cver=1&google_push=ATf1kGNxvio65yk--sP_Mzi6vpuqaVLseRwUZaQQDr5iA1snnJRDIvIN_omPANPkpXSqtwxHzxOh3nhNK7EWa17e93lQ8k875FVDAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=_2FkaKrfTgCygmn74X9VYQ&google_push=ATf1kGNxvio65yk--sP_Mzi6vpuqaVLseRwUZaQQDr5iA1snnJRDIvIN_omPANPkpXSqtwxHzxOh3nhNK7EWa17e93lQ8k875FVDAA
Request Chain 426
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPknlx_SzKqH6tQO_Q_lyf0&google_cver=1&google_push=ATf1kGO6IMMiPSPwW-JRT7ElnU_DRZo2k9tqVaIHAYvJm2WcsLD90efmthKANxQbHlv-hOmJ8zGEN-HGsi8YacHeEHNJ8i9hA4LZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGO6IMMiPSPwW-JRT7ElnU_DRZo2k9tqVaIHAYvJm2WcsLD90efmthKANxQbHlv-hOmJ8zGEN-HGsi8YacHeEHNJ8i9hA4LZ&google_hm=eS0yeFlRRTJWRTJwRTEuMUg3ZUM0WHhMaGdWRGZ1Y2pJR35B
Request Chain 427
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHCn787ufZcnXBqo2LEcK6U&google_cver=1&google_push=ATf1kGPbX8UIYiwOInKs8LwX0BhYKsxHBrQL8-OGlN9B9uejtmzg7tjN2ImBBEZROkvDk4xeiNwZ1eMyIns7O19op_IAiLcUmnM7Sg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE5MzAzNDYyNzYwODg4NDY4NQ&google_push=ATf1kGPbX8UIYiwOInKs8LwX0BhYKsxHBrQL8-OGlN9B9uejtmzg7tjN2ImBBEZROkvDk4xeiNwZ1eMyIns7O19op_IAiLcUmnM7Sg
Request Chain 428
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHJrvOfYO6oe8yJAvrhokiE&google_cver=1&google_push=ATf1kGOkf2jJm4cImWGx-MkLlTK7XdbpFWNJvfCt28y8ftw3iIsNL3JXjbVuGsr0igXd6jatTNJSFLvbvHQxhsQIzFS12BxaI2Lj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=8Ri2qSAmVdZQhwK4gEPga1vvzpY&google_push=ATf1kGOkf2jJm4cImWGx-MkLlTK7XdbpFWNJvfCt28y8ftw3iIsNL3JXjbVuGsr0igXd6jatTNJSFLvbvHQxhsQIzFS12BxaI2Lj
Request Chain 434
  • https://gcdn.2mdn.net/videoplayback/id/126fd9afc7719db6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716117090/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/815536C6123F20C7ECBAFD9CC18B9846B0351FAD.8551B77B14585439A67F46ED1AFE94D8633CA58E/key/ck2/file/file.mp4 HTTP 302
  • https://r5---sn-4g5lzney.c.2mdn.net/videoplayback/id/126fd9afc7719db6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716117090/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1969C57ACAFE5E4643CB48B23402DB608B4596DB.08EC8D8B1B986AE5105A63294C89BC3B9BCB210F/key/cms1/cms_redirect/yes/mh/v9/mip/91.239.206.150/mm/42/mn/sn-4g5lzney/ms/onc/mt/1684580684/mv/m/mvi/5/pl/24/file/file.mp4
Request Chain 450
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=7208176026121394406
Request Chain 452
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=GrT_pLZHSRLHEfOAT56M3_Th
Request Chain 456
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F470%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D6a0725af-17bc-4465-80cb-9bf2331641d5%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/470?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=6a0725af-17bc-4465-80cb-9bf2331641d5&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=7208176026121394406 HTTP 302
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F470%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D6a0725af-17bc-4465-80cb-9bf2331641d5%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/cchain/1/470?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=6a0725af-17bc-4465-80cb-9bf2331641d5&bidder=adform&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=5193034627608884685 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1YN-&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F470%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D6a0725af-17bc-4465-80cb-9bf2331641d5%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/2/470?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=6a0725af-17bc-4465-80cb-9bf2331641d5&bidder=index_rtb&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=ZGiq3DjU40k.X6Q0gow1ywAA%262192 HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F470%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D6a0725af-17bc-4465-80cb-9bf2331641d5%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Request Chain 457
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-7sRxPPNE2uGrNB1Ol0jAWzkp3HOX93lX_ySnP.k-~A
Request Chain 459
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-7sRxPPNE2uGrNB1Ol0jAWzkp3HOX93lX_ySnP.k-~A
Request Chain 461
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=3275826914264604000V10
Request Chain 466
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3275826914264604000V10%26type%3Dapx%26refUrl%3D%26vid%3D45810916313275826914264604000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3275826914264604000V10&type=apx&refUrl=&vid=45810916313275826914264604000V10&ovsid=7208176026121394406
Request Chain 467
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3275826914264604000V10%26type%3Dopx%26refUrl%3D%26vid%3D45810916313275826914264604000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3275826914264604000V10&type=opx&refUrl=&vid=45810916313275826914264604000V10&ovsid=ed96706b-6694-4572-a3a3-7718da5d2e8d
Request Chain 468
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3275826914264604000V10%26type%3Dmma%26refUrl%3D%26vid%3D45810916313275826914264604000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3275826914264604000V10&type=mma&refUrl=&vid=45810916313275826914264604000V10&ovsid=ff616468-aadf-4e00-b282-69fbe17f5561
Request Chain 470
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3275826914264604000V10%26type%3Ddxu%26refUrl%3D%26vid%3D45810916313275826914264604000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3275826914264604000V10%26type%3Ddxu%26refUrl%3D%26vid%3D45810916313275826914264604000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3275826914264604000V10&type=dxu&refUrl=&vid=45810916313275826914264604000V10&ovsid=GnHNNGy41Q0kuM5
Request Chain 471
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f7062fdb-10b3-4349-8439-504c96000fa8
Request Chain 472
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-ww.oPL9E2pkV_pSgIbJN4XWBmBC0CGW_t9wsbw--~A&expires=5&ssp=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 473
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3275826914264604000V10%26type%3Dzem%26refUrl%3D%26vid%3D45810916313275826914264604000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=HXYMEbQh5-OVBVfp6wcH&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKILBMU2RLCKFUDKLKPKZBFMZTQGZ3WGSDIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHU2DKOBRGA4TCNRTGEZTENZVHAZDMOJRGQZDMNBWGA2DAMBQKYYTAJTWONUWIPJTGI3TKOBSGY4TCNBSGY2DMMBUGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKILBMU2RLCKFUDKLKPKZBFMZTQGZ3WGSDIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHU2DKOBRGA4TCNRTGEZTENZVHAZDMOJRGQZDMNBWGA2DAMBQKYYTAJTWONUWIPJTGI3TKOBSGY4TCNBSGY2DMMBUGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&ovsid=HXYMEbQh5-OVBVfp6wcHhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=45810916313275826914264604000V10&vsid=3275826914264604000V10
Request Chain 474
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3275826914264604000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=09f399e4-c6e0-4493-b1a9-5aac0861555e&cs=1
Request Chain 475
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7fc38604-7561-40d5-8fc3-88b242d19c34
Request Chain 476
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=ff616468-aadf-4e00-b282-69fbe17f5561&gdpr=0&gdpr_consent=
Request Chain 477
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LHVW306E-12-9PM4&gdpr=0
Request Chain 478
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7208176026121394406
Request Chain 480
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=108428236549357317
Request Chain 482
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=--3a6fpnTaxh2r5pvE2N-YQBPk2TACIhYv8YnTIfd2w
Request Chain 483
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMesy4evnQ_XBFQdWUswQcA&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 484
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-7sRxPPNE2uGrNB1Ol0jAWzkp3HOX93lX_ySnP.k-~A
Request Chain 485
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=0&gdpr_consent=
Request Chain 491
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OTJpOUV2M0FXazVSLWlJS1Q3Q2JGVDFRQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDkyaTlFdjNBV2s1Ui1pSUtUN0NiRlQxUUEiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDkyaTlFdjNBV2s1Ui1pSUtUN0NiRlQxUUEiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDkyaTlFdjNBV2s1Ui1pSUtUN0NiRlQxUUEiLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=5193034627608884685&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDkyaTlFdjNBV2s1Ui1pSUtUN0NiRlQxUUEiLCJkIjpbeyJuYW1lIjoic21hcnQifV19 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=92i9Ev3AWk5R-iIKT7CbFT1QA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648%26r%3Dhttps%253A%252F%252Fa.audrte.com%252Fp%253F HTTP 302
  • https://a.audrte.com/match?uid=108428236549357317&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 492
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=7fc38604-7561-40d5-8fc3-88b242d19c34&gdpr=0&gdpr_consent=
Request Chain 496
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7fc38604-7561-40d5-8fc3-88b242d19c34&expiration=1687173091&gdpr=0&gdpr_consent=
Request Chain 497
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZGiq3DjU40k-X6Q0gow1ywAACJAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPfPkhhEOMwinPjsYZhU78w&google_cver=1
Request Chain 498
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7208176026121394406
Request Chain 500
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=82197827-6e83-0d1a-0083d161
Request Chain 501
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=108428236549357317&gdpr=0&gdpr_consent=
Request Chain 502
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=3a27f7dfc1b31f88&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAM6i4u97ZsxAMWJHFQAAAAAAA&expiration=1684667494&is_secure=true
Request Chain 506
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ff616468-aadf-4e00-b282-69fbe17f5561
Request Chain 507
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZGiq5AALa-2qkwAn HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGiq5AALa-2qkwAn&_test=ZGiq5AALa-2qkwAn
Request Chain 509
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7208176026121394406
Request Chain 510
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=108428236549357317&gdpr=0&gdpr_consent=
Request Chain 516
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_3m84DENbRs4QEGJfThuoBIAEwAQ&v=APEucNWXoxsVsaL4KjiO0IxA1YnIGzSWahD6OhdyM-eWMkr8xumTuu1EthoDVYD0nZaptizaxkeRddOuAvBk29OrxTt_BDIpLreVcoXIQM5-WVwO7W6SJNE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEN_BIby4UfLI0pGmsUQK-vM&google_cver=1
Request Chain 521
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7208176026121394406
Request Chain 522
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_46c5d185-140f-403c-803c-9934d8a546ee&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=d577b2dc-f8b4-471b-bf1f-3a0916859009&ssp=gumgum2
Request Chain 523
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-f118b6a9-2026-55d6-5087-02b88043e06b$ip$91.239.206.150
Request Chain 524
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_46c5d185-140f-403c-803c-9934d8a546ee&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=HXYMEbQh5-OVBVfp6wcH&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2SCYLFGUKYSRNA2S2T2WIJLGM4BWO5RUQJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2SCYLFGUKYSRNA2S2T2WIJLGM4BWO5RUQJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=HXYMEbQh5-OVBVfp6wcH&us_privacy=1---
Request Chain 525
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=QWNblvK6VZsO&ev=1&pid=558355
Request Chain 526
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28Bq7-qtVvWvEkZamET5lV1nxYDSg9_hYHXFwExBTR0faZ8ryinjX4OvooDFcaRyoY%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28Bq7-qtVvWvEkZamET5lV1nxYDSg9_hYHXFwExBTR0faZ8ryinjX4OvooDFcaRyoY%29
Request Chain 527
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=d287bd84-e581-47c4-a797-199ba0e2bd17
Request Chain 528
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-LPIfLRhE2pdqo0HSHbvpGaGZhqsuLXb0Wnt0~A
Request Chain 529
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=9547bbd2-30a5-40c0-b06f-9dce72c87a2a
Request Chain 530
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3DE3420ABE853148AE9778249FA0DC859C%26att%3D1%26pid%3D82%26cb%3Dhttps%253A%252F%252Fusersync.gumgum.com%252Fusersync%253Fb%253Dsnc%2526i%253D%255BUSER_ID%255D%26uid%3D
Request Chain 533
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=108428236549357317
Request Chain 538
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=7fc38604-7561-40d5-8fc3-88b242d19c34
Request Chain 539
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=ff616468-aadf-4e00-b282-69fbe17f5561&gdpr=0&gdpr_consent=
Request Chain 540
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZGiq5AALaJk-lgA9 HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZGiq5AALaJk-lgA9&gdpr=0&gdpr_consent=&_test=ZGiq5AALaJk-lgA9
Request Chain 542
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZGiq3MCo8YsAALzyuQcAAAAA
Request Chain 547
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D578434%26t%3Dimage%26uid%3D%24UID%26us_privacy%3D1YN- HTTP 302
  • https://sync.adkernel.com/user-sync?zone=181225&dsp=578434&t=image&uid=7208176026121394406&us_privacy=1YN-

556 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
www.bg3.co/a/
51 KB
15 KB
Document
General
Full URL
https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a9cac781c49705b59a61d830e69d6ef3960aae8bb5e5e8dde06a4806a31b2abf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Cache-Control
max-age=900
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 20 May 2023 11:11:19 GMT
ETag
"cd2d-ulsvZdMqjuUWnPyUSLc3LhweB6U"
Expires
Sat, 20 May 2023 11:26:19 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/
277 KB
71 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
sffe /
Resource Hash
edcfddd81e044f1f01beb69b5224a8a3f9913a456a06c4025b97458c40c3b677
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 20 May 2023 11:11:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72834
x-xss-protection
0
server
sffe
etag
"c158f1ffbc9a288c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 20 May 2023 11:11:19 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/
31 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
sffe /
Resource Hash
9b4ddda16364d41b44d0e83b2b9f60d1e810d96f9e9078c1a5fae8e16e497b88
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 20 May 2023 11:11:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9669
x-xss-protection
0
server
sffe
etag
"94af10a30687371b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 20 May 2023 11:11:19 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/
24 KB
7 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
sffe /
Resource Hash
d7e79e05f378e7ee1eaf703981ac7f5ac32c4c410b2084c2e270a26d88b52ff1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 20 May 2023 11:11:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7579
x-xss-protection
0
server
sffe
etag
"1949638f3ef2fc93"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 20 May 2023 11:11:19 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
39 KB
Script
General
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b9398ab64bc9156916fad30afd43cf47074b593f85b9dba81d666c7c471aae1

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6097
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39829
last-modified
Tue, 25 Apr 2023 05:37:58 GMT
server
cloudflare
etag
"64476736-9b95"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqdUoEveA5sPMQ99ieW9IRo9j%2BIm4mr1QHzUfF0FNO%2B0Ls6npBFojB67iuW0hYJRVV7t4eHG58nKQoPoumLUc%2FZaUWQBt39%2Fx5%2F3oWdwLpZ5XrPdviu0EOBasrfAs8dffA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ca4236baf0f1989-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/
36 KB
10 KB
Script
General
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-216.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
be0ca15f5073bed54f80c57ecf0c6331876bbc9237f60637fe14f480c5a4db15

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
GE
date
Sat, 20 May 2023 11:11:20 GMT
content-encoding
br
last-modified
Sat, 20 May 2023 07:00:32 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-cf-geodata
GE
content-length
9916
expires
Sat, 20 May 2023 12:11:20 GMT
adpushup.js
cdn.adpushup.com/42753/
625 KB
133 KB
Script
General
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-220.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
e161db137b9daa02046cd296efa27dc01e310ab95d752c238e19b5189c8549a3

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
GE
date
Sat, 20 May 2023 11:11:20 GMT
content-encoding
br
last-modified
Fri, 12 May 2023 14:25:52 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=95, origin; dur=207, ak_p; desc="467939_399431004_92313053_30203_1269_63_0";dur=1
x-cf-geodata
GE
expires
Sat, 20 May 2023 12:11:20 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/
270 KB
44 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1173e6be2990b14770cb9d33f323a9b0642597cdd8ba7ef22d3be8c8a00b6c8

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Efqt4Du5Brb6dHOchVt_5E.fNrBAFmQ4
content-encoding
gzip
via
1.1 varnish
date
Sat, 20 May 2023 11:11:20 GMT
x-amz-request-id
ZCV9G3XVE0WWD9TJ
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
44448
x-amz-id-2
43x7Uv7A/Pt7vJOTey04lup2DOx8FJg7pJnVn3bmdYEOcPTooX+LEmvIzuYI/qRRkFR5mESl0es=
x-served-by
cache-sof1510027-SOF
last-modified
Thu, 18 May 2023 09:23:42 GMT
server
AmazonS3
x-timer
S1684581080.965303,VS0,VE127
etag
"87b4430a96d129b20f9b45507d094b98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
84
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
lift_widget.js
nt.compass-fit.jp/
77 KB
16 KB
Script
General
Full URL
https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.156.25 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-156-25.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a95d8cccc868d5be4737b00adcb0e2433f243e0de65042049220174a0074738f

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:20 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type
text/javascript
cache-control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
286170918e27e21270112e97afc92d91.jpg
static.bg3.co/imgs/202106/
0
0

ba877cbd8734dbca67656192d6869ddf.jpg
static.bg3.co/imgs/202111/
0
0

9f35c3b104d658a8a5a8419e2a722f10.jpg
static.bg3.co/imgs/202106/
0
0

5ad15567d45411d5a4c20e7083159619.jpg
static.bg3.co/imgs/202105/
0
0

ee6ab2ca802eef031448821870beffc4.jpg
static.bg3.co/imgs/202105/
0
0

d274ae92da504786aa3076598efe823e.jpg
static.bg3.co/imgs/202205/
0
0

c08ceb7d1df0581b91a52c02b2662032.jpg
static.bg3.co/imgs/202202/
0
0

fbd4a0f3e0fb11da895d3a63d5a618de.jpg
static.bg3.co/imgs/202106/
0
0

dafbcc48b20dd55d99d006babb3c01ec.jpg
static.bg3.co/imgs/202105/
0
0

87dc9530c0777dc5b7dd5c9c45572eea.jpg
static.bg3.co/imgs/202105/
0
0

51d79b2a891cdeac828fd7ed215d5bf3.jpg
static.bg3.co/imgs/202105/
0
0

3394fa6d010bc1c665a9ac760976478d.jpg
static.bg3.co/imgs/202205/
0
0

3be016f3bcd694e1b9a125f5a35de0c4.jpg
static.bg3.co/imgs/202105/
0
0

4b373f70b87ab65f7ff653b5d5bf0c28.jpg
static.bg3.co/imgs/202106/
0
0

3f37cc02386db7cd29fcf0c47d60cc54.jpg
static.bg3.co/imgs/202105/
0
0

13de079290efc47f9c5ca3ee4e680e06.jpg
static.bg3.co/imgs/202204/
0
0

33cdb6e5792635bc114a8c1fe3087156.jpg
static.bg3.co/imgs/202105/
0
0

823e66a0c79d9d8349201f2120f4f853.jpg
static.bg3.co/imgs/202105/
0
0

fbbe76aca7804953359ba2f29f5505b3.jpg
static.bg3.co/imgs/202105/
0
0

e3b97bb8cd6cc7684a189ca27e481995.jpg
static.bg3.co/imgs/202106/
0
0

amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012304262219000/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
sffe /
Resource Hash
bc5d5c8cc50cf0377951ada6a7602f54ea87fc0014898d6f80d1be2b7273ef2b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 20 May 2023 01:31:03 GMT
age
34817
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2993
x-xss-protection
0
server
sffe
etag
"80572a9372124496"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 19 May 2024 01:31:03 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012304262219000/v0/
82 KB
23 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
sffe /
Resource Hash
4189eed67d24cf577ee7521b01980c1c76874f2ca7830c761b383215656230b3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 16 May 2023 20:01:32 GMT
age
313788
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23125
x-xss-protection
0
server
sffe
etag
"a783e6619a690963"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 May 2024 20:01:32 GMT
ama
pagead2.googlesyndication.com/getconfig/
3 KB
827 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
dbbc8f98e685c868ce6a5a35d5f42aa6cc8b30647e81fce34ae1792b1019054a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
479
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012304262219000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
sffe /
Resource Hash
9ea369b57f0c666e908689cd3d672a6636958094d2d1bf6620cb2de468ffdcd2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 16 May 2023 20:01:32 GMT
age
313788
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3935
x-xss-protection
0
server
sffe
etag
"ef1a1904dcb0cee5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 May 2024 20:01:32 GMT
impl.20230518-8-RELEASE.js
cdn.taboola.com/libtrc/
765 KB
160 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20230518-8-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9f8436738716d8dc738dbdb896a1634ce8bc9403d2a70e13d32b64d1766ee50d

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
22kzlXkOKo_CDQO_Y4_mn1EfrRXIljyz
content-encoding
br
via
1.1 varnish
date
Sat, 20 May 2023 11:11:20 GMT
x-amz-request-id
MY9GTQYB34VPY16F
age
7308
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
162982
x-amz-id-2
pB60ss4O7/B5OZqrVEQnkySmx150nt1TonTxt9A6HN+i/gFpDMnYxfkIa3rOy7/UzkU4oSS0NcBvaLUdifc6hA==
x-served-by
cache-sof1510027-SOF
last-modified
Thu, 18 May 2023 09:08:18 GMT
server
AmazonS3-br
x-timer
S1684581080.368602,VS0,VE0
etag
"9bb10a17397d53dd918cb9488a52492f"
vary
Accept-Encoding
content-type
application/javascript
abp
15
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
28864
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-85.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 03:12:23 GMT
content-encoding
gzip
via
1.1 6f5ba49c3df973a476d63dbb743d9b22.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
age
29047
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
JokYI9brDh1-XXGT28QldEYT-c_8f6zXiIPn9r8DX96ggTvfPBNKoA==
jquery-2.2.2.min.js
code.jquery.com/
84 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:20 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-14e98"
vary
Accept-Encoding
x-hw
1684581080.dop217.ve1.t,1684581080.cds247.ve1.hn,1684581080.cds227.ve1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
sync
gum.criteo.com/
46 B
288 B
Script
General
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230518-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:20 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
276257
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/
64 KB
19 KB
XHR
General
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=11%3A11%3A20.629&lti=deflated&data=%7B%22id%22%3A212%2C%22ii%22%3A%22%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1684401817253%2C%22vi%22%3A1684581080626%2C%22cv%22%3A%2220230518-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html%22%2C%22vpi%22%3A%22%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3312%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A696%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230518-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
59916c15c2eb4efa1418f3d26993fe3fec89b719f4907e8d37958537a9a276d4

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
813
date
Sat, 20 May 2023 11:11:21 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-sof1510027-SOF
server
nginx
x-timer
S1684581081.686198,VS0,VE813
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.bg3.co
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:20 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1684581080.dop217.ve1.t,1684581080.cds247.ve1.hn,1684581080.cds210.ve1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684581080792&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684581080792&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui...
0
227 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684581080792&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&c8=%E5%90%B3%E5%93%B2%E6%BA%90%E5%8F%B3%E8%82%A9%E6%8C%AB%E5%82%B75%E6%9C%88%E6%AD%B8%E9%9A%8A%E6%9C%89%E5%9B%B0%E9%9B%A3%E3%80%80%E7%8E%8B%E5%BB%BA%E6%B0%91%EF%BC%9A%E7%84%A1%E6%B3%95%E9%A0%90%E4%BC%B0%E6%99%82%E9%96%93%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&c9=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Server
99.84.88.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-85.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:21 GMT
via
1.1 6f5ba49c3df973a476d63dbb743d9b22.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
MUC50-C1
x-amz-cf-id
x6jJJm4Yz6hPuQv-OrS6QxhxnqsfbmyPJFwy1bzddfZisVNrEmzjCw==
x-cache
Miss from cloudfront

Redirect headers

date
Sat, 20 May 2023 11:11:20 GMT
via
1.1 6f5ba49c3df973a476d63dbb743d9b22.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
MUC50-C1
x-cache
Miss from cloudfront
location
/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684581080792&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&c8=%E5%90%B3%E5%93%B2%E6%BA%90%E5%8F%B3%E8%82%A9%E6%8C%AB%E5%82%B75%E6%9C%88%E6%AD%B8%E9%9A%8A%E6%9C%89%E5%9B%B0%E9%9B%A3%E3%80%80%E7%8E%8B%E5%BB%BA%E6%B0%91%EF%BC%9A%E7%84%A1%E6%B3%95%E9%A0%90%E4%BC%B0%E6%99%82%E9%96%93%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&c9=
content-length
0
x-amz-cf-id
k4JqEqDlP8GHqOdhFMSmAclfjIaZUs-4-gr9CUVpXPeszNLiW3aFfQ==
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012304262219000/v0/
40 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
sffe /
Resource Hash
fd1e988c31d1963cd1d2813571485232a6687e960466a86ca4cd3d8eef72ab8f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 16 May 2023 20:01:39 GMT
age
313781
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10285
x-xss-protection
0
server
sffe
etag
"2320e5b2e82da2b8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 May 2024 20:01:39 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012304262219000/v0/
214 KB
57 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
sffe /
Resource Hash
4da2872473cf32bbc42de664d1b0aece2263bff56a204f67dcfc9333518a7db8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 16 May 2023 20:01:41 GMT
age
313779
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57955
x-xss-protection
0
server
sffe
etag
"77f449b73afe6f4d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 May 2024 20:01:41 GMT
block.jpg
delivery.adrecover.com/
631 B
866 B
Image
General
Full URL
https://delivery.adrecover.com/block.jpg?ts=1684581080995
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-216.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
GE
date
Sat, 20 May 2023 11:11:21 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
accept-ranges
bytes
content-length
631
expires
Sat, 20 May 2023 12:11:21 GMT
pb.42753.1674819540207.js
cdn.adpushup.com/prebid/
349 KB
94 KB
Script
General
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-220.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
28d37801802871b7c6943726da07f06110bc3b1400e050b8b86c82deefc635a3

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
GE
date
Sat, 20 May 2023 11:11:21 GMT
content-encoding
br
last-modified
Fri, 27 Jan 2023 11:39:13 GMT
server
nginx/1.18.0
etag
W/"63d3b7e1-5744c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=5, ak_p; desc="467939_399431004_92313470_565_1055_61_0";dur=1
content-length
95255
expires
Sun, 19 May 2024 11:11:21 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/
450 B
551 B
Script
General
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-220.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
GE
date
Sat, 20 May 2023 11:11:21 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467939_399431004_92313472_30_762_61_0";dur=1
content-length
211
expires
Sun, 19 May 2024 11:11:21 GMT
linkPreview.js
cdn.adpushup.com/42753/
75 KB
18 KB
Script
General
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-220.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
GE
date
Sat, 20 May 2023 11:11:21 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
nginx/1.18.0
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=5, origin; dur=90, ak_p; desc="467939_399431004_92313471_9506_1039_61_0";dur=1
content-length
18371
expires
Sat, 20 May 2023 12:11:21 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
76 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
51141fdaf300b23f8eb037a6ec85982fa7e33eb86c558b1d462f4988a5c950a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25311
x-xss-protection
0
server
cafe
etag
402 / 19497 / 31074750 / config-hash: 12351717780372853951
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 20 May 2023 11:11:21 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/
70 B
365 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:21 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012304262219000/v0/
110 KB
31 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
sffe /
Resource Hash
d126806fb8446a0c0a359295c6706b4e82c2de595c5dab9505b82b2e76f2e33e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 19:10:27 GMT
age
403254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32107
x-xss-protection
0
server
sffe
etag
"a4272cdf93e6e0f7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 May 2024 19:10:27 GMT
integrator.json
adservice.google.com/adsid/
86 B
479 B
Fetch
General
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83
x-xss-protection
0
nameframe.html
d-3510923640969853414.ampproject.net/2304262219000/
0
0
Other
General
Full URL
https://d-3510923640969853414.ampproject.net/2304262219000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ucfad-formats.css
cdn.aralego.net/css/dev/
975 B
640 B
Stylesheet
General
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
499
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Exuych9W4tVTFpsiRp09us4M6HbFuEWv2EjZ0egwI%2BpJJamdKJ2qQ9cert3kpbMqqq%2BM2jO3YpQMj4fwgJmUx4eXDb0NaeVK%2FOOBKN4Kuyq8h%2BG5BozVUgHjt8j6vHHexg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7ca4236dea3b1989-FRA
idRequest
sync.aralego.com/
46 B
488 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Alexandria, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
b62df2003fd844cec94c8bcfa0ab38549da9ccbf4ea5a96d4b88d25be381def4

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
idRequest
sync.aralego.com/
46 B
488 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Alexandria, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
b62df2003fd844cec94c8bcfa0ab38549da9ccbf4ea5a96d4b88d25be381def4

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/
70 B
317 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2ODQ1ODEwODEyNDIsInBhY2tldElkIjoiMDAwMEE3MDEtOTUxNmNjZmMtZDVjNi00NGE1LThlMGUtNzI5OWY1MDFhNWY0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3d1LXpoZS15dWFuLXlvdS1qaWFuLWN1by1zaGFuZy01eXVlLWd1aS1kdWkteW91LWt1bi1uYW4td2FuZy1qaWFuLW1pbi13dS1mYS15dS1ndS1zaGktamlhbi5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjF9&c_b=3282.2999992370605
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:21 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
317 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2ODQ1ODEwODEyNDIsInBhY2tldElkIjoiMDAwMEE3MDEtOTUxNmNjZmMtZDVjNi00NGE1LThlMGUtNzI5OWY1MDFhNWY0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3d1LXpoZS15dWFuLXlvdS1qaWFuLWN1by1zaGFuZy01eXVlLWd1aS1kdWkteW91LWt1bi1uYW4td2FuZy1qaWFuLW1pbi13dS1mYS15dS1ndS1zaGktamlhbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MX0%3D&c_b=3282.8999977111816
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:21 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
adpushup-label.svg
campaign.adpushup.com/ads/
8 KB
9 KB
Image
General
Full URL
https://campaign.adpushup.com/ads/adpushup-label.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.175 , Germany, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sof/4388) /
Resource Hash
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:21 GMT
last-modified
Thu, 09 Feb 2023 08:49:47 GMT
server
ECAcc (sof/4388)
age
10000
etag
"63e4b3ab-21e0"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=14400
accept-ranges
bytes
content-length
8672
expires
Sat, 20 May 2023 15:11:21 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
317 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2ODQ1ODEwODEyNDgsInBhY2tldElkIjoiMDAwMEE3MDEtOTUxNmNjZmMtZDVjNi00NGE1LThlMGUtNzI5OWY1MDFhNWY0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3d1LXpoZS15dWFuLXlvdS1qaWFuLWN1by1zaGFuZy01eXVlLWd1aS1kdWkteW91LWt1bi1uYW4td2FuZy1qaWFuLW1pbi13dS1mYS15dS1ndS1zaGktamlhbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxfQ%3D%3D&c_b=3288.2999992370605
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:21 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ad_request
ads.aralego.com/
513 B
1 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.5272259517499231&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
2b7f11f6fe02925277f4a8140b880da74d24172ff6f1336c94f0701936eaa5a0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 May 2023 11:11:21 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
513
ad_request
ads.aralego.com/
513 B
1 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.9316246088708322&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
2b7f11f6fe02925277f4a8140b880da74d24172ff6f1336c94f0701936eaa5a0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 May 2023 11:11:21 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
513
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/
70 B
317 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2ODQ1ODEwODEyNDIsInBhY2tldElkIjoiMDAwMEE3MDEtOTUxNmNjZmMtZDVjNi00NGE1LThlMGUtNzI5OWY1MDFhNWY0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3d1LXpoZS15dWFuLXlvdS1qaWFuLWN1by1zaGFuZy01eXVlLWd1aS1kdWkteW91LWt1bi1uYW4td2FuZy1qaWFuLW1pbi13dS1mYS15dS1ndS1zaGktamlhbi5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjF9&c_b=3303.099998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:21 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
im-uid-hook.js
dmp.im-apps.net/scripts/
633 B
681 B
Script
General
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by
Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 May 2023 11:11:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Content-Type
text/javascript
Cache-Control
private, no-store
Connection
keep-alive
Content-Length
445
lift.json
l.logly.co.jp/
4 KB
3 KB
Script
General
Full URL
https://l.logly.co.jp/lift.json?adspot_id=4308934&widget_id=92995&auc_id=&callback=_lgy_lift_callback_4308934&render_id=MTY4NDU4MTA4MF8xX2ZlNmE4ODViNGI1MA%3D%3D&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ref=
Requested by
Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-116.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
9ad0e6be048a6d763379283d4aa0ea3f9706ea47dbe60063d8a5aff0293e377c

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 May 2023 11:11:21 GMT
Content-Encoding
gzip
Via
1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MUC50-P2
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
P3P
CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Connection
keep-alive
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id
0KdrkxTqJVx_Fm8OeTjb8vm_rBJNrYu6k1Ngcvp_Kuy1Y-4LPfhNGw==
truncated
/
34 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
googleanalytics.json
cdn.ampproject.org/rtv/012304262219000/v0/analytics-vendors/
2 KB
812 B
Fetch
General
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
sffe /
Resource Hash
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 16 May 2023 21:19:56 GMT
age
309085
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
782
x-xss-protection
0
server
sffe
etag
"c331f834e77c69a1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 May 2024 21:19:56 GMT
ga4.json
amp.analytics-debugger.com/
5 KB
2 KB
Fetch
General
Full URL
https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a05b4715b24ccaa8ce73e4e65b7294852eb28ce89f148341edf670882f52c20f
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:21 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only, master-only
age
67405
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, same-origin
last-modified
Fri, 19 May 2023 16:27:56 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYZYJbiIgSPLDyv40UWqS8NVuvS2NPmoRy%2BjyGv1s7CkfEJ5z5K%2BYdWxbvxZffQJ%2FhcVKb8%2F%2FEVQYMIWewrw1RXowmtf%2Bxkr9xoWMXhoxWODPcyJxX6tKn6iIsBJfsEi%2F1H%2FJQdADFj5Dmx%2B6A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
access-control-allow-credentials
true
x-debug-em-all-ga4amp-version
20230423b
cf-ray
7ca42370db6d2bf1-FRA
gtag.json
cdn.ampproject.org/rtv/012304262219000/v0/analytics-vendors/
2 KB
931 B
Fetch
General
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 May 2023 21:27:37 GMT
age
222224
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
901
x-xss-protection
0
server
sffe
etag
"753be08e58acf9ea"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 16 May 2024 21:27:37 GMT
quant.js
secure.quantserve.com/
22 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.251 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:21 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 27 May 2023 11:11:21 GMT
amp
www.googletagmanager.com/gtag/
613 B
716 B
Fetch
General
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
29cc5de7fd369d7e63e38cae1c883c52af46b8e6fb1b886d9bd861e5561f2533
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sat, 20 May 2023 11:11:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
259
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
floating-unit.20230518-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
8 KB
3 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20230518-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f87ae44c44b78265bdc71514ec40bb77c440abf5c96f0350a4dcff813dee9f39

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
12zE2SpIdlUF9nbNJF4PIuh74jUxasMG
content-encoding
gzip
via
1.1 varnish
date
Sat, 20 May 2023 11:11:21 GMT
x-amz-request-id
RDEMH8GRHFJ3B9KA
age
179416
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2473
x-amz-id-2
u1EUS8EcF7+bdpAlXWWpEH7JusMVeSlFwtnWrX8GIAtbbEK4COZahaD9JKiZ4gfQyqn5x7HpD2M=
x-served-by
cache-sof1510027-SOF
last-modified
Thu, 18 May 2023 09:21:04 GMT
server
AmazonS3
x-timer
S1684581082.670104,VS0,VE0
etag
"d9346dfd2319f4f68833e67358a2f634"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
55
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
52967
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.0.1/
111 KB
31 KB
Script
General
Full URL
https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230518-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:21 GMT
via
1.1 31035bb61f7468c9d95f8f0f36403248.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
BUD50-C1
age
957827
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
31023
x-served-by
cache-sof1510027-SOF
last-modified
Tue, 09 May 2023 09:06:26 GMT
server
AmazonS3
x-timer
S1684581082.674581,VS0,VE0
etag
"f42b894e197d2128ee7d3b438e0ac56d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
aY7NXF7zeUsW8rBTSv9KNLwtWCqmH-hX4KOvDNHDDauOB7LLZw-vow==
x-cache-hits
46869
feed-card-placeholder.20230518-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230518-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e0965136e734301a52949c28baca0805656c2f10c760df1bff1f1c77adca2f2

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
24VOG_407KKCv5MlYdKGfDqed2N7lgcO
content-encoding
gzip
via
1.1 varnish
date
Sat, 20 May 2023 11:11:21 GMT
x-amz-request-id
EFFA4MC7028TP0TD
age
179402
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
gsf+DMaiBBF3CBwVZezLqFqvJJciY5LNODDhJsBKOJ8DMVuuK8co1dg/GgwjXBMW5v6U6LOqujA=
x-served-by
cache-sof1510027-SOF
last-modified
Thu, 18 May 2023 09:21:20 GMT
server
AmazonS3
x-timer
S1684581082.678447,VS0,VE0
etag
"3227529fecd4f73c0897564641aecf94"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
55
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
478743
userx.20230518-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
17 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20230518-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c11a0a8024a93ad645ce69ca93cfa8bd0054ae75f5ca36a24e1e448257d5dab8

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
RArzGiLUn3wCwrqgb8Xi9pnIOzkTQdqf
content-encoding
gzip
via
1.1 varnish
date
Sat, 20 May 2023 11:11:21 GMT
x-amz-request-id
MHE6ERXHXVA9SRR0
age
179421
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
vFglEXm3e94SayTpeKRf3a7Vjr0uLV66wdiwrPl3FRLECo3kyUCWEEtOSY4HNczEUsUPiDWUugA=
x-served-by
cache-sof1510027-SOF
last-modified
Thu, 18 May 2023 09:21:01 GMT
server
AmazonS3
x-timer
S1684581082.700718,VS0,VE0
etag
"ee026d2d010dee59f1b9ad943b815f82"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
55
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
72831
distance-from-article.20230518-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230518-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e55ca76e105c30a8de2bd2b139abc4fdfa427006463089b50cc1b10b239129b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ShlPRe8H11jQc7yIWY7KwqEnIv6rP4ep
content-encoding
gzip
via
1.1 varnish
date
Sat, 20 May 2023 11:11:21 GMT
x-amz-request-id
NEJAP95RY8166952
age
179385
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1135
x-amz-id-2
AnuOqtJjqs0DYt5s+c67gsttkYLfc3vSfS86TOUM1IaEizSgcLjjlUB4eFiYHYI4fWL14sFqaBk=
x-served-by
cache-sof1510027-SOF
last-modified
Thu, 18 May 2023 09:21:37 GMT
server
AmazonS3
x-timer
S1684581082.713985,VS0,VE0
etag
"932efecd9af20727d5c178fbc31974e2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
55
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
595804
article-detection.20230518-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
3 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230518-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
259481fa6cfdf7020f1881da103ea0c9b7b0cdaa973b540a38562610b431fc89

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Vzoa1IIspc_sVTs51ACYO.rW2Sm4.Odv
content-encoding
gzip
via
1.1 varnish
date
Sat, 20 May 2023 11:11:21 GMT
x-amz-request-id
321GCQHNW4HPBA95
age
179366
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1236
x-amz-id-2
XgVSEME61Vizh6CrcWk3K9Qys/WdLcuVbHCaDSgXFTunjtt7Ap6OCckUm3YvP5+uIYpj/PNv9Ow=
x-served-by
cache-sof1510027-SOF
last-modified
Thu, 18 May 2023 09:21:55 GMT
server
AmazonS3
x-timer
S1684581082.714090,VS0,VE0
etag
"4b754fb87a86aa832f9afb70da675578"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
55
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
712090
share-buttons-detection.20230518-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
1 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/share-buttons-detection.20230518-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c9ece454c486d93962d0c5defd04da41bbf7d347e047f466cb7425937f42fd6

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
jyXwo0ZAXVcBXdkRYv_Pfpo4RfXXAxCp
content-encoding
gzip
via
1.1 varnish
date
Sat, 20 May 2023 11:11:21 GMT
x-amz-request-id
B9WTEZ1QHVY2P7RA
age
179444
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
679
x-amz-id-2
H3xwrClS+Z9DG+P7QpK/sHLg/qE2lCDeZzS5/ONuhnqVsmi2LaJMbnW+HXanjQveJ+obGMjeXUI=
x-served-by
cache-sof1510027-SOF
last-modified
Thu, 18 May 2023 09:20:37 GMT
server
AmazonS3
x-timer
S1684581082.714100,VS0,VE0
etag
"a820c665139b9bb9c53e139ff388254e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
55
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
711550
explore-more.20230518-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
28 KB
8 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/explore-more.20230518-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef0ce8db3461ab019cb679566fa84fa277c98db88efc9e2d6d9fb7109cd6e6fb

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
kruvgn.lahOVr1SJfIUp2kRkk9FmF7lH
content-encoding
gzip
via
1.1 varnish
date
Sat, 20 May 2023 11:11:21 GMT
x-amz-request-id
NB4BWE7Y4WRCYXXV
age
179396
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8146
x-amz-id-2
NsTQuMoulwMN63TQyNKUSJ30cG3OQPYKU1REnb9ncq6SLCs7/CXELUmUdN79id22/sQTJK6qXyw=
x-served-by
cache-sof1510027-SOF
last-modified
Thu, 18 May 2023 09:21:25 GMT
server
AmazonS3
x-timer
S1684581082.722364,VS0,VE0
etag
"280d4972aa87614c61c56b14a61eb0d4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
55
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
363094
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
363 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=8c176347c5320e2277b5179e004f65ff&sd=v2_596bfad4ed47a58134d0b5933af0d313_7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058_1684581080_1684581080_CNawjgYQ2YJdGLK87caDMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&pi=/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&wi=-8567727708447404369&pt=text&vi=1684581080626&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=11%3A11%3A21.620&id=5549&llvl=2&cv=20230518-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
362 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=8c176347c5320e2277b5179e004f65ff&sd=v2_596bfad4ed47a58134d0b5933af0d313_7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058_1684581080_1684581080_CNawjgYQ2YJdGLK87caDMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&pi=/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&wi=-8567727708447404369&pt=text&vi=1684581080626&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1684581081622%7D&tim=11%3A11%3A21.623&id=6872&llvl=2&cv=20230518-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
362 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=8c176347c5320e2277b5179e004f65ff&sd=v2_596bfad4ed47a58134d0b5933af0d313_7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058_1684581080_1684581080_CNawjgYQ2YJdGLK87caDMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&pi=/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&wi=-8567727708447404369&pt=text&vi=1684581080626&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-skip-vignette%22%2C%22type%22%3A%22%7B%5C%22skipVignette%5C%22%3A%7B%5C%22reason%5C%22%3A%5C%22no%20recommendations%5C%22%2C%5C%22details%5C%22%3A%5C%22%5C%22%7D%7D%22%2C%22eventTime%22%3A1684581081623%7D&tim=11%3A11%3A21.623&id=1658&llvl=2&cv=20230518-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
362 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=8c176347c5320e2277b5179e004f65ff&sd=v2_596bfad4ed47a58134d0b5933af0d313_7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058_1684581080_1684581080_CNawjgYQ2YJdGLK87caDMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&pi=/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&wi=-8567727708447404369&pt=text&vi=1684581080626&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1684581081648%7D&tim=11%3A11%3A21.648&id=6228&llvl=2&cv=20230518-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
90 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A11%3A21.656&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01-a-delta&llvl=2&id=3154&cv=20230518-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
107892
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
90 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A11%3A21.673&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01-a-delta&llvl=2&id=3025&cv=20230518-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
107892
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
362 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=8c176347c5320e2277b5179e004f65ff&sd=v2_596bfad4ed47a58134d0b5933af0d313_7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058_1684581080_1684581080_CNawjgYQ2YJdGLK87caDMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&pi=/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&wi=-8567727708447404369&pt=text&vi=1684581080626&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A11%3A21.673&id=5651&llvl=2&cv=20230518-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
90 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A11%3A21.676&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=2033&cv=20230518-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
107892
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
90 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A11%3A21.677&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=456&cv=20230518-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
107892
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
90 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A11%3A21.678&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=4115&cv=20230518-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
107892
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
90 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A11%3A21.679&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01-y-delta&llvl=2&id=9709&cv=20230518-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
107892
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
90 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A11%3A21.680&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-y-em-delta&llvl=2&id=4453&cv=20230518-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
107892
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
90 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A11%3A21.681&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01-y-em-delta&llvl=2&id=8293&cv=20230518-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
107892
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
90 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A11%3A21.684&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=3993&cv=20230518-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
107892
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/
4 KB
2 KB
Image
General
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Sat, 20 May 2023 11:11:21 GMT
x-amz-request-id
DKWHBZA6EDB45JGV
age
81
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
FIJvtcR4Qgl/Dvj+kTUODH/tgrcfPeD3Gv/ev/Faq7FQFYwPfSXV58/ZdOuypiTmhHvfvgzkoZg=
x-served-by
cache-sof1510027-SOF
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1684581082.739220,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
55
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
179
json
trc.taboola.com/palmate-bg3co/trc/3/
11 KB
4 KB
XHR
General
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=11%3A11%3A21.706&route=AM:IL:V&lti=deflated&data=%7B%22id%22%3A993%2C%22ii%22%3A%22%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_596bfad4ed47a58134d0b5933af0d313_7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058_1684581080_1684581080_CNawjgYQ2YJdGLK87caDMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB%22%2C%22ui%22%3A%227d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058%22%2C%22uifp%22%3A%227d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058%22%2C%22lbt%22%3A1684401817253%2C%22vi%22%3A1684581080626%2C%22cv%22%3A%2220230518-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%2C%22ack_exm%22%3Atrue%2C%22ack_vig%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html%22%2C%22vpi%22%3A%22%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3596%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A966%2C%22mw%22%3A760%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10669677%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230518-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f3af4e8491d6df0346d39b0d4d9d101ab92e19ec8854bb7416066bcdfd206c49

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
827
date
Sat, 20 May 2023 11:11:22 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-sof1510027-SOF
server
nginx
x-timer
S1684581082.756526,VS0,VE827
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.bg3.co
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
90 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A11%3A21.714&type=usage&msg=New_CTA-event-1684581081714&llvl=2&id=2007&cv=20230518-8-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~1496795168096646762~~k-KJw-0cGXt0x%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
107892
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
90 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A11%3A21.715&type=usage&msg=New_CTA-event-1684581081715&llvl=2&id=9917&cv=20230518-8-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~1496795168096646762~~k-KJw-0cGXt0x%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
107892
ed9389ef8191521666d0d5a7f99ca9da.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
24 KB
25 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ed9389ef8191521666d0d5a7f99ca9da.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1bc7eaf43db99796ffd670eda154adfe69aa0e02d669a8275ee2a70f9eb81c75

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 20 May 2023 11:11:21 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ed9389ef8191521666d0d5a7f99ca9da.png
age
4437854
edge-cache-tag
298215444638712628103463735948760025215,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag
298215444638712628103463735948760025215,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
130
req-referer
https://lankacnews.com/
content-length
24200
x-request-id
eb72637c7bcf8afc0b9d6dd280b0d970
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000148-IAD, cache-iad-kiad7000098-IAD, cache-chi-klot8100077-CHI, cache-iad-kcgs7200100-IAD, cache-sof1510027-SOF
last-modified
Fri, 10 Mar 2023 03:50:44 GMT
server
nginx
x-timer
S1684581082.802365,VS0,VE1
etag
"5c20e59971935704b29f700abb213e5f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 3, 0, 13, 1
ac809a2f6b6619340447e02b01796a4d.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
31 KB
31 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ac809a2f6b6619340447e02b01796a4d.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
012674dc83fa4032d4098f533f67ad4ea4ad3cb2427a2d1f7d0caf9d3b5e1fc9

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 20 May 2023 11:11:21 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ac809a2f6b6619340447e02b01796a4d.jpeg
age
4386011
edge-cache-tag
439686730316032705873104646171736421024,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
439686730316032705873104646171736421024,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
337
expiration
expiry-date="Sun, 09 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.news247.gr/
content-length
31252
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000132-IAD, cache-iad-kiad7000121-IAD, cache-lax10663-LGB, cache-iad-kcgs7200160-IAD, cache-sof1510027-SOF
last-modified
Thu, 09 Mar 2023 14:39:34 GMT
server
nginx
x-timer
S1684581082.877958,VS0,VE1
etag
"41bfecc6a79ad18094bee80ecb496b3d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 45, 1
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/
407 KB
126 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e82579c7719e508e943bb982cbe82945941dbdc5e67b2f3364e37a55b276296d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 11:36:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
84896
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128505
x-xss-protection
0
server
cafe
etag
9552717522506389512
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 18 May 2024 11:36:25 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
114 B
102 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f45619358bd0a3adcc3194ccbdd56ed12ac78950c862d6840d21b43a231f89e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
x-xss-protection
0
expires
Sat, 20 May 2023 11:11:22 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230520
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9cb1ec1a1efc437616bfe72c8c5401c84b43d973822b9eea8fabcb654fa2f764
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 20 May 2023 11:11:22 GMT
x-content-type-options
nosniff
content-encoding
br
age
25835
x-jsd-version
1.0.1701
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
834
x-served-by
cache-fra-eddf8230103-FRA, cache-mxp6948-MXP
x-jsd-version-type
version
etag
W/"63b-glVkVd6d5oGZBKCCY7zsKrXwpSc"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
adreq
ads.servenobid.com/
734 B
720 B
XHR
General
Full URL
https://ads.servenobid.com/adreq?cb=603
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.50.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-50-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9b429d417d7447514919be6691465c69af439790a930527623019690e5886d1c

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
hbjson
grid.bidswitch.net/
23 B
236 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.203.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-203-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
fc653c4813fc32811b9dad4bc9f4a717c15a7426c878709a45799d74f8c6683b

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sat, 20 May 2023 11:11:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
48
content-type
application/json
prebid-request
onetag-sys.com/
15 B
498 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
v1
prg.smartadserver.com/prebid/
0
332 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/
0
332 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/
0
332 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:21 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/
0
332 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid
prebid.media.net/rtb/
1 KB
1 KB
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3f9e57497ff37a008ecac1a2524251cc0c75b2f354d7333aae80fa8cfa5f96f9

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Sat, 20 May 2023 11:11:22 GMT
cygnus
htlb.casalemedia.com/
37 B
313 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22188700ef9d2898a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A2%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A2%2C%22ou%22%3A2%2C%22allu%22%3A2%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222588b6b7ad8a8f8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22283ed740c08f4d1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f61626ad-6413-4065-9a3a-c19e0c958fac%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d38f3198d5f06ef2bb9eba83b819ceccd0f7c68287455406902c6f14db9a984c

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvrAD972SdZqZPL%2Bkj2xkydubiZmu4p1NHzp0z14zUFLJSWoX2%2B4AnX7TAfRpJEHoERAvq92Ut8Z3h4YP5cReyyY00KG6cmU07ygR8d%2BBgxd%2F5JGmyxPBJS6%2FvNvNRXnFHmz54bi"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ca42373ca593a86-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/
37 B
562 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22188700ef9d2898a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A2%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A2%2C%22ou%22%3A2%2C%22allu%22%3A2%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22283ed740c08f4d1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f61626ad-6413-4065-9a3a-c19e0c958fac%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d38f3198d5f06ef2bb9eba83b819ceccd0f7c68287455406902c6f14db9a984c

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kwclhuY%2FingThqw9AK5Ym80hhCWOgb%2FxBMGds86OYPCRR7YMVuNqgkTbpEofITltnDX6vCvQq7oE8HmdKIsyH2RRT2LpSmngfbP3%2B4UQ0pf6fJ6kviuUPf9jS6TftxzStGDFfQi"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ca42373ca5b3a86-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
arj
adpushup-d.openx.net/w/1.0/
174 B
382 B
XHR
General
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d6933eea-ec60-4be5-b8c7-f4b0fa16a1e2%2C99be1365-6b6d-495b-80d8-38394323db70&nocache=1684581081857&pubcid=f61626ad-6413-4065-9a3a-c19e0c958fac&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&aucs=%2C&auid=545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ee7b0cfe33115d9b538b71f3978f09cdcf6c181bd6de315b535671bfa3f40797

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/
106 B
296 B
XHR
General
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7f2ca206-358e-4c5a-90e1-12cb5dd3c28d&nocache=1684581081858&pubcid=f61626ad-6413-4065-9a3a-c19e0c958fac&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/
106 B
504 B
XHR
General
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cddeb299-f648-405b-b080-6589397e81c3&nocache=1684581081858&pubcid=f61626ad-6413-4065-9a3a-c19e0c958fac&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid-request
a.teads.tv/hb/
16 B
502 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 20 May 2023 11:11:22 GMT
prebid
ib.adnxs.com/ut/v3/
19 KB
10 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
861fb4453abee6bec70ec05d06e73b1d65f81bdad7297d5acaee0f0a730df9c0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 20 May 2023 11:11:22 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.150; 91.239.206.150; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4757f29d-f1ac-4358-884b-edff67ea873e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/
3 B
454 B
XHR
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 20 May 2023 11:11:21 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
8
content-length
3
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
c
prebid.a-mo.net/a/
0
167 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Sat, 20 May 2023 11:11:21 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
auction
tlx.3lift.com/header/
19 B
536 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.221.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-221-247.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
accept-ch
sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
x-auction-status
29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/
0
212 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=13112281704
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 20 May 2023 11:11:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
auction
prebid-server.rubiconproject.com/openrtb2/
184 B
406 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.143.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-143-68.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
00397d7c58b513c5dcf3d64bd75e21e943e50694ccb8fab4d8cedd73720856bf

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
content-encoding
gzip
x-prebid
pbs-java/1.119.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
407 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.143.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-143-68.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
16b2b05c6abc8dd6b0a211db446b5a17aef25c53e415b5da1b875564836e62d0

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
content-encoding
gzip
x-prebid
pbs-java/1.119.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
0
0

sync.html
sync.logly.co.jp/sync/ Frame 9020
495 B
665 B
Document
General
Full URL
https://sync.logly.co.jp/sync/sync.html
Requested by
Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.118.121 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-118-121.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=2592000
content-length
495
content-type
text/html
date
Sat, 20 May 2023 11:11:23 GMT
etag
"64665513-1ef"
last-modified
Thu, 18 May 2023 16:40:51 GMT
server
nginx
im-uid.js
dmp.im-apps.net/sdk/
6 KB
3 KB
Script
General
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
Content-Encoding
gzip
Date
Sat, 20 May 2023 11:11:22 GMT
Last-Modified
Fri, 21 Apr 2023 06:05:08 GMT
ETag
"14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
CP="NOI PSD OTR"
Cache-Control
max-age=10800
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2434
next-up-widget.20230518-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
16 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20230518-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
966a2a4189d9f8c8f34fdde94f941f1618ff8445b3eba3e0fd6bbe3a2408dcd5

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
yN.DWYFphYG74zuJOc0fFUq.6ezeNQ1z
content-encoding
gzip
via
1.1 varnish
date
Sat, 20 May 2023 11:11:21 GMT
x-amz-request-id
BE39WZD5HJ8DEDMM
age
179424
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
goFcJ0A7+JoR9pq52+vOpBO7L1vz5rCU+ipgADs8bT2XZQOJq6bHiErBTyF4koA1pFfOkESunsA=
x-served-by
cache-sof1510027-SOF
last-modified
Thu, 18 May 2023 09:20:53 GMT
server
AmazonS3
x-timer
S1684581082.994626,VS0,VE0
etag
"4bcf7a52feb99d75fca7d402a0c12cb0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
55
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
52465
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
90 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A11%3A21.964&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=7949&cv=20230518-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
107892
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
362 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=8c176347c5320e2277b5179e004f65ff&sd=v2_596bfad4ed47a58134d0b5933af0d313_7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058_1684581080_1684581080_CNawjgYQ2YJdGLK87caDMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&pi=/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&wi=-8567727708447404369&pt=text&vi=1684581080626&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22feed-distance-from-article-end%22%2C%22type%22%3A%2218%22%2C%22eventTime%22%3A1684581082019%7D&tim=11%3A11%3A22.019&id=1791&llvl=2&cv=20230518-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
spa-detector.20230518-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20230518-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b50e72591217e54a96293a284b44fbdea71268f02145c6e6553552f939887b0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
kPPFWGaBtiZEWuZ40blY3FU.mWliSV2z
content-encoding
gzip
via
1.1 varnish
date
Sat, 20 May 2023 11:11:22 GMT
x-amz-request-id
NQZD6M2CY9NFNADR
age
179441
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
810
x-amz-id-2
4nA+f0HjMjaW7NPhHkRmJ43t3qtee6zQ2YpGHluj3pJhwIzL+yo19dZkzRqhAbPTfj0ui4Mvp+g=
x-served-by
cache-sof1510027-SOF
last-modified
Thu, 18 May 2023 09:20:40 GMT
server
AmazonS3
x-timer
S1684581082.072788,VS0,VE0
etag
"3d2cb218ea5f35dc061622a40bb727aa"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
55
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
365454
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
362 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=8c176347c5320e2277b5179e004f65ff&sd=v2_596bfad4ed47a58134d0b5933af0d313_7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058_1684581080_1684581080_CNawjgYQ2YJdGLK87caDMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&pi=/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&wi=-8567727708447404369&pt=text&vi=1684581080626&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A11%3A22.021&id=688&llvl=2&cv=20230518-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
362 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=8c176347c5320e2277b5179e004f65ff&sd=v2_596bfad4ed47a58134d0b5933af0d313_7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058_1684581080_1684581080_CNawjgYQ2YJdGLK87caDMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&pi=/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&wi=-8567727708447404369&pt=text&vi=1684581080626&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1684581082021%7D&tim=11%3A11%3A22.021&id=2330&llvl=2&cv=20230518-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
362 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=8c176347c5320e2277b5179e004f65ff&sd=v2_596bfad4ed47a58134d0b5933af0d313_7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058_1684581080_1684581080_CNawjgYQ2YJdGLK87caDMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&pi=/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&wi=-8567727708447404369&pt=text&vi=1684581080626&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%2C%20%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A11%3A22.023&id=5309&llvl=2&cv=20230518-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
362 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=8c176347c5320e2277b5179e004f65ff&sd=v2_596bfad4ed47a58134d0b5933af0d313_7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058_1684581080_1684581080_CNawjgYQ2YJdGLK87caDMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&pi=/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&wi=-8567727708447404369&pt=text&vi=1684581080626&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1684581082024%7D&tim=11%3A11%3A22.024&id=6633&llvl=2&cv=20230518-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/
160 B
635 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-25.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 10:45:45 GMT
via
1.1 f4d15e906467f56692c7fc70be861e04.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
age
1538
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
X2vsqMmDddZmqWhK6dGJQ8l7vfYodW58Ph0NU6JQV_DEEo58xy4uvw==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame E779
91 KB
32 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
06118facd8482fe4d331275942eb2752a187d7bcefc50542fc6e27cb79a2f6d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32373
x-xss-protection
0
server
cafe
etag
16016845355876337209
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 20 May 2023 11:11:22 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame FD76
91 KB
32 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
35dbe214d2a3fbbc7e95172f3a00192977d0099651af55aa330c76d332ab0add
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32373
x-xss-protection
0
server
cafe
etag
12090451147085473381
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 20 May 2023 11:11:22 GMT
bc
b.logly.co.jp/
43 B
384 B
Image
General
Full URL
https://b.logly.co.jp/bc?ac=VfqTamw0UCrQsZVeWZCTlw&ad=3332130
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.193.119.46 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-193-119-46.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 20 May 2023 11:11:23 GMT
cache-control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server
nginx
p3p
CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
bc
b.logly.co.jp/
43 B
248 B
Image
General
Full URL
https://b.logly.co.jp/bc?ac=VfqTamw0UCrQsZVeWZCTlw&ad=3518066
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.193.119.46 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-193-119-46.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 20 May 2023 11:11:23 GMT
cache-control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server
nginx
p3p
CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
bc
b.logly.co.jp/
43 B
248 B
Image
General
Full URL
https://b.logly.co.jp/bc?ac=VfqTamw0UCrQsZVeWZCTlw&ad=2948377
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.193.119.46 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-193-119-46.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 20 May 2023 11:11:23 GMT
cache-control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server
nginx
p3p
CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
collect
www.google-analytics.com/r/
35 B
158 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E5%90%B3%E5%93%B2%E6%BA%90%E5%8F%B3%E8%82%A9%E6%8C%AB%E5%82%B75%E6%9C%88%E6%AD%B8%E9%9A%8A%E6%9C%89%E5%9B%B0%E9%9B%A3%E3%80%80%E7%8E%8B%E5%BB%BA%E6%B0%91%EF%BC%9A%E7%84%A1%E6%B3%95%E9%A0%90%E4%BC%B0%E6%99%82%E9%96%93%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-7irXEYm67G2Xodj-e5Y5Jw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.41754605956757085&gjid=0.9582295385891728&_r=1&a=9639&z=0.8402572016668506&gtm=45De000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
251 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=9639&cid=amp-7irXEYm67G2Xodj-e5Y5Jw&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&dr=&dt=%E5%90%B3%E5%93%B2%E6%BA%90%E5%8F%B3%E8%82%A9%E6%8C%AB%E5%82%B75%E6%9C%88%E6%AD%B8%E9%9A%8A%E6%9C%89%E5%9B%B0%E9%9B%A3%E3%80%80%E7%8E%8B%E5%BB%BA%E6%B0%91%EF%BC%9A%E7%84%A1%E6%B3%95%E9%A0%90%E4%BC%B0%E6%99%82%E9%96%93%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1684581082&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
0

cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 6771
714 B
797 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials
true
age
12642
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7ca42373e8a69150-FRA
content-encoding
br
content-type
text/html
date
Sat, 20 May 2023 11:11:22 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVZJjwZirjYCxOssiRCBbcOfj2MzA0V9pEAR9fGuLUdrCJahZTeZg64T1qQ6odyATWPSU9%2FVmhDC1fjwwg2XtWXDFlwUGveWD5jYPr1L%2Bm9t5o0RGekTMOEq%2FrleAFg3wA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/
35 B
384 B
Image
General
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Alexandria, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:29 GMT
connection
close
content-length
35
content-type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame C938
714 B
757 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials
true
age
12642
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7ca42373f8ac9150-FRA
content-encoding
br
content-type
text/html
date
Sat, 20 May 2023 11:11:22 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sp9Gt9CbOp2TlvT5HaJolThsULGdG6xN6FpSWjLWTcz5Vqpa9Qb6ekQbFyvAvjHhnuErPGTO42H2XVFH5IvLmqwyViJ0D5JxGYcV9WfrkXqS85V123suUqXQC85KB023mg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
90 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A11%3A22.178&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20next-up-a&llvl=2&id=9574&cv=20230518-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
107369
get
audiencedata.im-apps.net/imuid/
10 B
180 B
XHR
General
Full URL
https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H0WDPS2C8W0J99JZD83854FA
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
193.96.120.34.bc.googleusercontent.com
Software
/
Resource Hash
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sat, 20 May 2023 11:11:22 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10
content-type
application/json
st
imprammp.taboola.com/ Frame 5EF3
439 B
361 B
Document
General
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V87HkCLAYsOpz7GFk1SBNYdDj3MbJqkC4AAABgYID-AEktlrOZaTlZi2yDjVs0XEzWyslg5pZ5DBvHaOWcOAbLISCpxXI2My0na5FtsHGLhovJWjkZzNwyj2HjGK2cE8dgOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ0aDodPte9Xvf73SU-z1zj9yv8utdbenS5la-H3a38u95Sp8Pu1rj-bs3RYfe5VcvXy61zPd0i19Ot_LveWtfdLXfY3bqH3eeWOh12t9ppd-teb5nDrXy9da635uh0S50Ou11oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoAnDgd0cZqdnqc_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA4DGktxhjlNs1oZxIwWsRRgAAAAC23p0tj0zSCSoWVf7___utAFwBAAhAxNn26s-iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohE-HHNEIzUexqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw9ILWcTm8NkWplMu4VruNiMRoaJa7nZLGyGkWex2R6_ic6KkvqB_D4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwN_LNbBuXxy0ZrFxr0cazcgs3NpdbtjKtRpPJzDfaLNei18d0sU02g9VwiwQD9PYieVqkE9Vgs1suDAvbzOSwLSwb28xjmDmWG9_COVkuJjOLWKI5WaQT2WXfWs4mNofJtDKZdgvXcLEZjQwT13KzWdgMI89is--NfDPbxuVxSwYr11q08azcwo3N5ZatTKvRZDLzjTbLtej1MV1sk81gNdw3ZsPRargYDAf7xmw4Wg0Xg-Fg36EzfFefs1FZVkk-Mpe42zhMbE6DwmWweKfq1TfamR1Ev2nRKZOplQWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_h1r7f06HIrXw-7W_l3vaVOh92tcf3dmqPD7nOrlq-XW-d6ukWup1v5d721rrtb7rC7dQ-7zy11OuxutdPu1r3eModb-XrrXG_N0emWOh12u9D0NlvEEsHpIp2IXsbTRf1HDrmYSzbLuWQwmytWg1UCAAAAAAAAALAEk0w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJUIXi_v___8cBAACQkUMPAACAfh9QFgAAAAAAAL-CGGxmu_0DUCHWarW63Vir1QI!&cmcv=&pix=undefined&cb=1684581082210&uv=3280&tms=1684581082210&abt=nonrv_vA!nrlc_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=5196f492-d60c-4812-920f-fc0c14e9b109&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cff9f4093941390dbe9101c632e486c43a306a85864315ba12ba6ecd030294f5

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Sat, 20 May 2023 11:11:22 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-sof1510027-SOF
x-timer
S1684581082.270718,VS0,VE35
sync
am-match.taboola.com/ Frame 36DF
566 B
661 B
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V87HkCLAYsOpz7GFk1SBNYdDj3MbJqkC4AAABgYID-AEktlrOZaTlZi2yDjVs0XEzWyslg5pZ5DBvHaOWcOAbLISCpxXI2My0na5FtsHGLhovJWjkZzNwyj2HjGK2cE8dgOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ0aDodPte9Xvf73SU-z1zj9yv8utdbenS5la-H3a38u95Sp8Pu1rj-bs3RYfe5VcvXy61zPd0i19Ot_LveWtfdLXfY3bqH3eeWOh12t9ppd-teb5nDrXy9da635uh0S50Ou11oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoAnDgd0cZqdnqc_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA4DGktxhjlNs1oZxIwWsRRgAAAAC23p0tj0zSCSoWVf7___utAFwBAAhAxNn26s-iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohE-HHNEIzUexqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw9ILWcTm8NkWplMu4VruNiMRoaJa7nZLGyGkWex2R6_ic6KkvqB_D4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwN_LNbBuXxy0ZrFxr0cazcgs3NpdbtjKtRpPJzDfaLNei18d0sU02g9VwiwQD9PYieVqkE9Vgs1suDAvbzOSwLSwb28xjmDmWG9_COVkuJjOLWKI5WaQT2WXfWs4mNofJtDKZdgvXcLEZjQwT13KzWdgMI89is--NfDPbxuVxSwYr11q08azcwo3N5ZatTKvRZDLzjTbLtej1MV1sk81gNdw3ZsPRargYDAf7xmw4Wg0Xg-Fg36EzfFefs1FZVkk-Mpe42zhMbE6DwmWweKfq1TfamR1Ev2nRKZOplQWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_h1r7f06HIrXw-7W_l3vaVOh92tcf3dmqPD7nOrlq-XW-d6ukWup1v5d721rrtb7rC7dQ-7zy11OuxutdPu1r3eModb-XrrXG_N0emWOh12u9D0NlvEEsHpIp2IXsbTRf1HDrmYSzbLuWQwmytWg1UCAAAAAAAAALAEk0w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJUIXi_v___8cBAACQkUMPAACAfh9QFgAAAAAAAL-CGGxmu_0DUCHWarW63Vir1QI!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
36c56abb3a3e0a2ef3bbbbba296ba7e3dff812bd5c8050ab74685bb789a8d484

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sat, 20 May 2023 11:11:23 GMT
machineid
3408
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/
1 KB
725 B
XHR
General
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1684581082215&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1518&pt=487024715&tz=0&viewable=true&ddast=V87HkCLAYsOpz7GFk1SBNYdDj3MbJqkC4AAABgYID-AEktlrOZaTlZi2yDjVs0XEzWyslg5pZ5DBvHaOWcOAbLISCpxXI2My0na5FtsHGLhovJWjkZzNwyj2HjGK2cE8dgOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ0aDodPte9Xvf73SU-z1zj9yv8utdbenS5la-H3a38u95Sp8Pu1rj-bs3RYfe5VcvXy61zPd0i19Ot_LveWtfdLXfY3bqH3eeWOh12t9ppd-teb5nDrXy9da635uh0S50Ou11oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoAnDgd0cZqdnqc_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA4DGktxhjlNs1oZxIwWsRRgAAAAC23p0tj0zSCSoWVf7___utAFwBAAhAxNn26s-iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohE-HHNEIzUexqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw9ILWcTm8NkWplMu4VruNiMRoaJa7nZLGyGkWex2R6_ic6KkvqB_D4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwN_LNbBuXxy0ZrFxr0cazcgs3NpdbtjKtRpPJzDfaLNei18d0sU02g9VwiwQD9PYieVqkE9Vgs1suDAvbzOSwLSwb28xjmDmWG9_COVkuJjOLWKI5WaQT2WXfWs4mNofJtDKZdgvXcLEZjQwT13KzWdgMI89is--NfDPbxuVxSwYr11q08azcwo3N5ZatTKvRZDLzjTbLtej1MV1sk81gNdw3ZsPRargYDAf7xmw4Wg0Xg-Fg36EzfFefs1FZVkk-Mpe42zhMbE6DwmWweKfq1TfamR1Ev2nRKZOplQWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_h1r7f06HIrXw-7W_l3vaVOh92tcf3dmqPD7nOrlq-XW-d6ukWup1v5d721rrtb7rC7dQ-7zy11OuxutdPu1r3eModb-XrrXG_N0emWOh12u9D0NlvEEsHpIp2IXsbTRf1HDrmYSzbLuWQwmytWg1UCAAAAAAAAALAEk0w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJUIXi_v___8cBAACQkUMPAACAfh9QFgAAAAAAAL-CGGxmu_0DUCHWarW63Vir1QI!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!nrlc_vB!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
24fe78f1280f51c6051b193b5649f2501922d573c810cc60e330e26e8438b6a1

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sat, 20 May 2023 11:11:22 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1490
x-cache
MISS
x-served-by
cache-sof1510027-SOF
pragma
no-cache
server
nginx
x-timer
S1684581082.271812,VS0,VE462
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V87HkCLAYsOpz7GFk1SBNYdDj3MbJqkC4AAABgYID-AEktlrOZaTlZi2yDjVs0XEzWyslg5pZ5DBvHaOWcOAbLISCpxXI2My0na5FtsHGLhovJWjkZzNwyj2HjGK2cE8dgOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ0aDodPte9Xvf73SU-z1zj9yv8utdbenS5la-H3a38u95Sp8Pu1rj-bs3RYfe5VcvXy61zPd0i19Ot_LveWtfdLXfY3bqH3eeWOh12t9ppd-teb5nDrXy9da635uh0S50Ou11oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoAnDgd0cZqdnqc_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA4DGktxhjlNs1oZxIwWsRRgAAAAC23p0tj0zSCSoWVf7___utAFwBAAhAxNn26s-iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohE-HHNEIzUexqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw9ILWcTm8NkWplMu4VruNiMRoaJa7nZLGyGkWex2R6_ic6KkvqB_D4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwN_LNbBuXxy0ZrFxr0cazcgs3NpdbtjKtRpPJzDfaLNei18d0sU02g9VwiwQD9PYieVqkE9Vgs1suDAvbzOSwLSwb28xjmDmWG9_COVkuJjOLWKI5WaQT2WXfWs4mNofJtDKZdgvXcLEZjQwT13KzWdgMI89is--NfDPbxuVxSwYr11q08azcwo3N5ZatTKvRZDLzjTbLtej1MV1sk81gNdw3ZsPRargYDAf7xmw4Wg0Xg-Fg36EzfFefs1FZVkk-Mpe42zhMbE6DwmWweKfq1TfamR1Ev2nRKZOplQWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_h1r7f06HIrXw-7W_l3vaVOh92tcf3dmqPD7nOrlq-XW-d6ukWup1v5d721rrtb7rC7dQ-7zy11OuxutdPu1r3eModb-XrrXG_N0emWOh12u9D0NlvEEsHpIp2IXsbTRf1HDrmYSzbLuWQwmytWg1UCAAAAAAAAALAEk0w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJUIXi_v___8cBAACQkUMPAACAfh9QFgAAAAAAAL-CGGxmu_0DUCHWarW63Vir1QI!&cmcv=&pix=31589837&cb=1684581082210&uv=3280&tms=1684581082210&abt=nonrv_vA!nrlc_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1684581077960.4!ts:1684581082209&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:27 GMT
content-length
0
server
nginx
ads
googleads.g.doubleclick.net/pagead/ Frame 6D88
603 B
534 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2172911138392264553&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3222&oid=2&is_amp=5&amp_v=2304262219000&d_imp=1&c=767255009639&ga_cid=amp-7irXEYm67G2Xodj-e5Y5Jw&ga_hid=9639&dt=1684581081445&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&bdt=1800&dtd=473&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 May 2023 11:11:22 GMT
expires
Sat, 20 May 2023 11:11:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 6771
76 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
c81985e3508924a51945839a417b1268ee98099245d2bd089fda2ca8a1e4dfb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25311
x-xss-protection
0
server
cafe
etag
635 / 19497 / 31074711 / config-hash: 12351717780372853951
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 20 May 2023 11:11:22 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C938
76 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
9da32205478006344444fa754fdc218f8e5a8b3643fecfa546202d8e1cb2d771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25323
x-xss-protection
0
server
cafe
etag
880 / 19497 / m202305150101 / config-hash: 12351717780372853951
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 20 May 2023 11:11:22 GMT
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 5EF3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=7fc38604-7561-40d5-8fc3-88b242d19c34
0
183 B
Image
General
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=7fc38604-7561-40d5-8fc3-88b242d19c34
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V87HkCLAYsOpz7GFk1SBNYdDj3MbJqkC4AAABgYID-AEktlrOZaTlZi2yDjVs0XEzWyslg5pZ5DBvHaOWcOAbLISCpxXI2My0na5FtsHGLhovJWjkZzNwyj2HjGK2cE8dgOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ0aDodPte9Xvf73SU-z1zj9yv8utdbenS5la-H3a38u95Sp8Pu1rj-bs3RYfe5VcvXy61zPd0i19Ot_LveWtfdLXfY3bqH3eeWOh12t9ppd-teb5nDrXy9da635uh0S50Ou11oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoAnDgd0cZqdnqc_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA4DGktxhjlNs1oZxIwWsRRgAAAAC23p0tj0zSCSoWVf7___utAFwBAAhAxNn26s-iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohE-HHNEIzUexqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw9ILWcTm8NkWplMu4VruNiMRoaJa7nZLGyGkWex2R6_ic6KkvqB_D4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwN_LNbBuXxy0ZrFxr0cazcgs3NpdbtjKtRpPJzDfaLNei18d0sU02g9VwiwQD9PYieVqkE9Vgs1suDAvbzOSwLSwb28xjmDmWG9_COVkuJjOLWKI5WaQT2WXfWs4mNofJtDKZdgvXcLEZjQwT13KzWdgMI89is--NfDPbxuVxSwYr11q08azcwo3N5ZatTKvRZDLzjTbLtej1MV1sk81gNdw3ZsPRargYDAf7xmw4Wg0Xg-Fg36EzfFefs1FZVkk-Mpe42zhMbE6DwmWweKfq1TfamR1Ev2nRKZOplQWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_h1r7f06HIrXw-7W_l3vaVOh92tcf3dmqPD7nOrlq-XW-d6ukWup1v5d721rrtb7rC7dQ-7zy11OuxutdPu1r3eModb-XrrXG_N0emWOh12u9D0NlvEEsHpIp2IXsbTRf1HDrmYSzbLuWQwmytWg1UCAAAAAAAAALAEk0w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJUIXi_v___8cBAACQkUMPAACAfh9QFgAAAAAAAL-CGGxmu_0DUCHWarW63Vir1QI!&cmcv=&pix=undefined&cb=1684581082210&uv=3280&tms=1684581082210&abt=nonrv_vA!nrlc_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=5196f492-d60c-4812-920f-fc0c14e9b109&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Sat, 20 May 2023 11:11:23 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1684581083.393740,VS0,VE94
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-sof1510027-SOF

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:23 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=7fc38604-7561-40d5-8fc3-88b242d19c34
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 5EF3
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ILpN_9xE2oQJNutUb6435kF2Tb9WNc9PDEPH3A--~A
0
231 B
Image
General
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ILpN_9xE2oQJNutUb6435kF2Tb9WNc9PDEPH3A--~A
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V87HkCLAYsOpz7GFk1SBNYdDj3MbJqkC4AAABgYID-AEktlrOZaTlZi2yDjVs0XEzWyslg5pZ5DBvHaOWcOAbLISCpxXI2My0na5FtsHGLhovJWjkZzNwyj2HjGK2cE8dgOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ0aDodPte9Xvf73SU-z1zj9yv8utdbenS5la-H3a38u95Sp8Pu1rj-bs3RYfe5VcvXy61zPd0i19Ot_LveWtfdLXfY3bqH3eeWOh12t9ppd-teb5nDrXy9da635uh0S50Ou11oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoAnDgd0cZqdnqc_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA4DGktxhjlNs1oZxIwWsRRgAAAAC23p0tj0zSCSoWVf7___utAFwBAAhAxNn26s-iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohE-HHNEIzUexqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw9ILWcTm8NkWplMu4VruNiMRoaJa7nZLGyGkWex2R6_ic6KkvqB_D4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwN_LNbBuXxy0ZrFxr0cazcgs3NpdbtjKtRpPJzDfaLNei18d0sU02g9VwiwQD9PYieVqkE9Vgs1suDAvbzOSwLSwb28xjmDmWG9_COVkuJjOLWKI5WaQT2WXfWs4mNofJtDKZdgvXcLEZjQwT13KzWdgMI89is--NfDPbxuVxSwYr11q08azcwo3N5ZatTKvRZDLzjTbLtej1MV1sk81gNdw3ZsPRargYDAf7xmw4Wg0Xg-Fg36EzfFefs1FZVkk-Mpe42zhMbE6DwmWweKfq1TfamR1Ev2nRKZOplQWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_h1r7f06HIrXw-7W_l3vaVOh92tcf3dmqPD7nOrlq-XW-d6ukWup1v5d721rrtb7rC7dQ-7zy11OuxutdPu1r3eModb-XrrXG_N0emWOh12u9D0NlvEEsHpIp2IXsbTRf1HDrmYSzbLuWQwmytWg1UCAAAAAAAAALAEk0w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJUIXi_v___8cBAACQkUMPAACAfh9QFgAAAAAAAL-CGGxmu_0DUCHWarW63Vir1QI!&cmcv=&pix=undefined&cb=1684581082210&uv=3280&tms=1684581082210&abt=nonrv_vA!nrlc_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=5196f492-d60c-4812-920f-fc0c14e9b109&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68793

Redirect headers

date
Sat, 20 May 2023 11:11:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ILpN_9xE2oQJNutUb6435kF2Tb9WNc9PDEPH3A--~A
content-length
0
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 5EF3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---&verify=true
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-06osZhxE2uFiE_4cSt7vWI1I6osX8f6w~A&gdpr_in_effect=0
0
230 B
Image
General
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-06osZhxE2uFiE_4cSt7vWI1I6osX8f6w~A&gdpr_in_effect=0
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V87HkCLAYsOpz7GFk1SBNYdDj3MbJqkC4AAABgYID-AEktlrOZaTlZi2yDjVs0XEzWyslg5pZ5DBvHaOWcOAbLISCpxXI2My0na5FtsHGLhovJWjkZzNwyj2HjGK2cE8dgOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ0aDodPte9Xvf73SU-z1zj9yv8utdbenS5la-H3a38u95Sp8Pu1rj-bs3RYfe5VcvXy61zPd0i19Ot_LveWtfdLXfY3bqH3eeWOh12t9ppd-teb5nDrXy9da635uh0S50Ou11oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoAnDgd0cZqdnqc_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA4DGktxhjlNs1oZxIwWsRRgAAAAC23p0tj0zSCSoWVf7___utAFwBAAhAxNn26s-iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohE-HHNEIzUexqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw9ILWcTm8NkWplMu4VruNiMRoaJa7nZLGyGkWex2R6_ic6KkvqB_D4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwN_LNbBuXxy0ZrFxr0cazcgs3NpdbtjKtRpPJzDfaLNei18d0sU02g9VwiwQD9PYieVqkE9Vgs1suDAvbzOSwLSwb28xjmDmWG9_COVkuJjOLWKI5WaQT2WXfWs4mNofJtDKZdgvXcLEZjQwT13KzWdgMI89is--NfDPbxuVxSwYr11q08azcwo3N5ZatTKvRZDLzjTbLtej1MV1sk81gNdw3ZsPRargYDAf7xmw4Wg0Xg-Fg36EzfFefs1FZVkk-Mpe42zhMbE6DwmWweKfq1TfamR1Ev2nRKZOplQWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_h1r7f06HIrXw-7W_l3vaVOh92tcf3dmqPD7nOrlq-XW-d6ukWup1v5d721rrtb7rC7dQ-7zy11OuxutdPu1r3eModb-XrrXG_N0emWOh12u9D0NlvEEsHpIp2IXsbTRf1HDrmYSzbLuWQwmytWg1UCAAAAAAAAALAEk0w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJUIXi_v___8cBAACQkUMPAACAfh9QFgAAAAAAAL-CGGxmu_0DUCHWarW63Vir1QI!&cmcv=&pix=undefined&cb=1684581082210&uv=3280&tms=1684581082210&abt=nonrv_vA!nrlc_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=5196f492-d60c-4812-920f-fc0c14e9b109&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68793

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-06osZhxE2uFiE_4cSt7vWI1I6osX8f6w~A&gdpr_in_effect=0
date
Sat, 20 May 2023 11:11:23 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel;r=57832003;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html;uh=e51ed67dfb8d91dc24b15e2...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=57832003;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-887792277-1684581082027;pbc=f61626ad-6413-4065-9a3a-c19e0c958fac;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1684581082481;tzo=0;ogl=;ses=d1e60ea1-55c8-4f0a-8259-acc6f67b37f0;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.251 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:22 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/ Frame 6771
407 KB
126 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e82579c7719e508e943bb982cbe82945941dbdc5e67b2f3364e37a55b276296d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 07:11:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
14406
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128505
x-xss-protection
0
server
cafe
etag
9552717522506389512
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 19 May 2024 07:11:16 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/ Frame C938
408 KB
126 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
bd84d3b448dfa1f7ded33de1848cb5f06946f8d86058e9c8d183ae3dddea4ff3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 10:36:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
2103
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128722
x-xss-protection
0
server
cafe
etag
7615930951174331818
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 19 May 2024 10:36:19 GMT
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
90 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A11%3A22.704&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-c-delta&llvl=2&id=1512&cv=20230518-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
107530
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
90 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A11%3A22.715&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01-delta&llvl=2&id=6063&cv=20230518-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
107530
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
90 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A11%3A22.734&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01-delta&llvl=2&id=8580&cv=20230518-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
107530
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
90 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A11%3A22.743&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20rec-reel-sc2-delta&llvl=2&id=3358&cv=20230518-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
107530
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ Frame E779
355 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
c1d46522ddbd1ae1514ee724543008a1c8021e2a2bf16c3df46f4d4b3a1281f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122655
x-xss-protection
0
server
cafe
etag
12701500956513993249
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 11:11:22 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ Frame FD76
355 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
1fe6c698f3509d1442675bf789a469b6ddc844abcf1c71af2dfe461448713742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122654
x-xss-protection
0
server
cafe
etag
5462525236549407908
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 11:11:22 GMT
8fcbf915447480f04c424a0268a8636d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
40 KB
41 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8fcbf915447480f04c424a0268a8636d.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a68421f97f1c5e283f909fbeb604fc4cc4c72c0c78a372586a85ac564d872f32

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 20 May 2023 11:11:22 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8fcbf915447480f04c424a0268a8636d.png
age
3364137
edge-cache-tag
608262576327528520140867059020889082533,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
608262576327528520140867059020889082533,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
225
expiration
expiry-date="Fri, 14 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.consejosytrucos.co/
content-length
40826
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000056-IAD, cache-iad-kjyo7100031-IAD, cache-chi-kigq8000144-CHI, cache-iad-kcgs7200054-IAD, cache-sof1510027-SOF
last-modified
Tue, 14 Mar 2023 10:59:39 GMT
server
nginx
x-timer
S1684581083.843479,VS0,VE0
etag
"6cc62e5363f6daaaab2e93d374bcb2aa"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 287, 23
1291588036__hbYpxYUW.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EYM/
93 KB
94 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EYM/1291588036__hbYpxYUW.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
05115587db562efc0f5f5e733fafac1412dfbf5c15541f06d66432cc557a3d2e

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 20 May 2023 11:11:22 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EYM/1291588036__hbYpxYUW.jpg
age
2845396
edge-cache-tag
523180236836719608478041121792539295410,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag
523180236836719608478041121792539295410,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
2270
req-referer
https://www.gulte.com/
content-length
95592
x-request-id
c52a0ca7f5c301b49cebf05e613c2f21
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100116-IAD, cache-iad-kjyo7100025-IAD, cache-lax10641-LGB, cache-iad-kjyo7100119-IAD, cache-sof1510027-SOF
last-modified
Fri, 31 Mar 2023 10:17:31 GMT
server
nginx
x-timer
S1684581083.843683,VS0,VE1
etag
"157397479b329d1667b542fed8297a4c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 66, 1
bulk
trc.taboola.com/palmate-bg3co/log/3/
0
429 B
XHR
General
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=19
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230518-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
118
pragma
no-cache
date
Sat, 20 May 2023 11:11:23 GMT
via
1.1 varnish
x-served-by
cache-sof1510027-SOF
server
nginx
x-timer
S1684581083.922129,VS0,VE118
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.bg3.co
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/32_8_0/infra/
889 KB
147 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/32_8_0/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
09a68992ad29d201e9df1c7257e25528219c03bc00a5dde8a5b3cb05a022dfd4

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1684239762
date
Sat, 20 May 2023 11:11:23 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
B3QZV7PME076MAD3
age
341196
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1684239763
x-amz-meta-mode
33188
content-length
149975
x-amz-id-2
To1Hntu7CBq/uyHV1wb3rnJZrYGKRil9TqCaQTaXUB0b3rlBgTu+U8jiEWdeCBnArD4qrB6b5e0=
x-served-by
cache-mxp6936-MXP
last-modified
Tue, 16 May 2023 12:22:44 GMT
server
AmazonS3-br
x-timer
S1684581083.488476,VS0,VE0
etag
"60ccdbe8a6cbccc003e38ee4081baab1"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
230075
cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_8_0/assets/css/
60 KB
8 KB
Stylesheet
General
Full URL
https://vidstat.taboola.com/vpaid/units/32_8_0/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1684239781
date
Sat, 20 May 2023 11:11:22 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
Y8K8S4Z219X7KHJ6
age
341191
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1684239781
x-amz-meta-mode
33188
content-length
7877
x-amz-id-2
BZL+TqR/Tp2zgSfP/ySPQ2xcqrjS1dbn0V/B5SUa66tC4jAfHyyHIAX9objcdIqWa7rNLrsLUZU=
x-served-by
cache-sof1510027-SOF
last-modified
Tue, 16 May 2023 12:23:02 GMT
server
AmazonS3-br
x-timer
S1684581083.929073,VS0,VE0
etag
"92502277b3d6d05481ffd7687771377e"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
683038
logs
http-intake.logs.datadoghq.com/api/v2/
2 B
253 B
Fetch
General
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.156.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-156-15.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 20 May 2023 11:11:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
L2Evd3UtemhlLXl1YW4teW91LWppYW4tY3VvLXNoYW5nLTV5dWUtZ3VpLWR1aS15b3Uta3VuLW5hbi13YW5nLWppYW4tbWluLXd1LWZhLXl1LWd1LXNoaS1qaWFuLmh0bWw=.json
cdn.adpushup.com/42753/
555 B
867 B
XHR
General
Full URL
https://cdn.adpushup.com/42753/L2Evd3UtemhlLXl1YW4teW91LWppYW4tY3VvLXNoYW5nLTV5dWUtZ3VpLWR1aS15b3Uta3VuLW5hbi13YW5nLWppYW4tbWluLXd1LWZhLXl1LWd1LXNoaS1qaWFuLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-220.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
GE
date
Sat, 20 May 2023 11:11:23 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=5, origin; dur=106, ak_p; desc="467939_399431004_92313968_11042_1265_63_0";dur=1
content-length
555
expires
Sat, 20 May 2023 12:11:23 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
705 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Sat, 20 May 2023 11:11:23 GMT
via
1.1 varnish
x-amz-request-id
H4VMMJK5BJ28AACK
age
8102
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
wqrzUZj+PyXQbx7NPs6XGJfTXcmyC5kCorij+F2vG2VSm+8WFlX2ukfx9t9vXOfg0fyCCarOedI=
x-served-by
cache-sof1510027-SOF
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1684581083.015099,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
55
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
3465
integrator.js
adservice.google.ge/adsid/ Frame 6771
107 B
531 B
Script
General
Full URL
https://adservice.google.ge/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6771
107 B
196 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 6771
492 B
263 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=215892918174532&correlator=3526377923825176&eid=31072019%2C31072878%2C31074171%2C31074711%2C31074763&output=ldjh&gdfp_req=1&vrg=202305170101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1684581083012&lmt=1644386353&dlt=1684581082312&idt=680&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=lqre4ek71t2o&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1932599859.1684581083&ga_sid=1684581083&ga_hid=1834058178&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
3df5a309d69a7d7481f99c2cb6f85dd22ccd6f42016bf89a0226ce78538d6199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
96b20f8e90d389581d4201d324a7b64d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1FF3
6 KB
3 KB
Document
General
Full URL
https://96b20f8e90d389581d4201d324a7b64d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 May 2023 11:11:23 GMT
expires
Sun, 19 May 2024 11:11:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.ge/adsid/ Frame C938
107 B
165 B
Script
General
Full URL
https://adservice.google.ge/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C938
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame C938
492 B
267 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4115958849001680&correlator=4105657787770772&eid=31074171&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1684581083061&lmt=1644386353&dlt=1684581082316&idt=722&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=t9lcibsuh1h0&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1334172506.1684581083&ga_sid=1684581083&ga_hid=933083728&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
94957da364e739aba584949d72be3ee09b752b416bd0fcdc5765fd48e692a81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
236
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1aa115841f28291ebd7590ab61c77aae.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 911D
6 KB
3 KB
Document
General
Full URL
https://1aa115841f28291ebd7590ab61c77aae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 May 2023 11:11:23 GMT
expires
Sun, 19 May 2024 11:11:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
vbc
b.logly.co.jp/
0
188 B
Image
General
Full URL
https://b.logly.co.jp/vbc?ac=VfqTamw0UCrQsZVeWZCTlw&sp=4308934&ia=0&at=1684581081
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.193.119.46 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-193-119-46.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:23 GMT
cache-control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server
nginx
p3p
CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
js
www.googletagmanager.com/gtag/
234 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8d96a1d8caa34a5136c1fe99e78556d70623dbcdedcff0e1c38f9db23b092ba1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82582
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 20 May 2023 11:11:23 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame E779
379 B
600 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
b5218ca2461969488b35f4b65ec24ab9fb02017c18de8cb8e336a14b256f19c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E779
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BC85
26 KB
11 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684581083&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684581082758&bpp=13&bdt=1551&idt=436&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&correlator=7894272218445&frm=23&ife=1&pv=2&ga_vid=392982189.1684581083&ga_sid=1684581083&ga_hid=503631598&ga_fc=0&ga_cid=amp-7irXEYm67G2Xodj-e5Y5Jw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2702325796&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31074199%2C31074469%2C44785294%2C44788441%2C44792088&oid=2&pvsid=472193419962629&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2ags8zcf7luk&fsb=1&dtd=454
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
71de0be3264880e3cb26b02330551d49f2b261bef9892cbb39e85a8013910869
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
11201
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 May 2023 11:11:23 GMT
expires
Sat, 20 May 2023 11:11:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame FD76
379 B
314 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
b148a591bc830af03e8b2a5528d71c510cce7b8831071ed7b931a1d69e24d813
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
245
x-xss-protection
0
integrator.js
adservice.google.ge/adsid/ Frame FD76
107 B
165 B
Script
General
Full URL
https://adservice.google.ge/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FD76
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
adx.holmesmind.com/adx-file/20230307/ Frame 78FC
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=168458...
  • https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
463 B
876 B
Document
General
Full URL
https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-59.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ca78e8d1923a071bc5fa4b68044bc5644a11b856668a24814f1e9a56e9bf8d0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
1552
content-length
463
content-type
text/html
date
Sat, 20 May 2023 10:45:33 GMT
etag
"291c872afa27e30cecfbd80c44ce20b8"
last-modified
Tue, 07 Mar 2023 12:41:13 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
x-amz-cf-id
W5l6XuZipIAHVu2C_syNJda0GaxbSLsvtGpIF-VdO6rF5rYAs8n6WQ==
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
L7mKK4pQTVO2vey7TX8zPKwpCVXg3Qid
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 May 2023 11:11:23 GMT
location
https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sync.js
sync.logly.co.jp/sync/ Frame 9020
501 B
1 KB
Script
General
Full URL
https://sync.logly.co.jp/sync/sync.js
Requested by
Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.118.121 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-118-121.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e651de0e4fe3a67ecc4e9f8c0cf02985c2451e8cd4a237b823be52051d0ced55

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://sync.logly.co.jp/sync/sync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:23 GMT
server
nginx
p3p
CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
access-control-allow-origin
*
content-type
text/javascript
cache-control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
collect
www.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je35h0&_p=9639&cid=672143067.1684581084&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684581083&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&dt=%E5%90%B3%E5%93%B2%E6%BA%90%E5%8F%B3%E8%82%A9%E6%8C%AB%E5%82%B75%E6%9C%88%E6%AD%B8%E9%9A%8A%E6%9C%89%E5%9B%B0%E9%9B%A3%E3%80%80%E7%8E%8B%E5%BB%BA%E6%B0%91%EF%BC%9A%E7%84%A1%E6%B3%95%E9%A0%90%E4%BC%B0%E6%99%82%E9%96%93%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6771
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305170101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a331d9311833e80e38a6effd35377104f285da3ed2be1b8ed6cf727f5763879c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11261
x-xss-protection
0
rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame 1BB6
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=taboola
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZGiq3MCo8YsAALzyuQcAAAAA
0
230 B
Image
General
Full URL
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZGiq3MCo8YsAALzyuQcAAAAA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68779

Redirect headers

X-SO-Cluster-ID
0
Date
Sat, 20 May 2023 11:11:24 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":0,"gdpr":false,"ipv4":"91.239.206.150","key":"ZGiq3MCo8YsAALzyuQcAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad416"}
X-SO-Key
ZGiq3MCo8YsAALzyuQcAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad416
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZGiq3MCo8YsAALzyuQcAAAAA
Cache-Control
private
X-SO-HostName
m-ad416.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
m-tgng39.dc4p.scaleout.jp
X-SO-IP
91.239.206.150
/
sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/ Frame 1BB6
Redirect Chain
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=58de722828b344bea7...
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=58de722828b344bea7086abb3aff19da
0
221 B
Image
General
Full URL
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=58de722828b344bea7086abb3aff19da
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:31 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68757

Redirect headers

location
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=58de722828b344bea7086abb3aff19da
date
Sat, 20 May 2023 11:11:31 GMT
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame 1BB6
0
0
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame 1BB6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LHVW2ZQ0-1Q-DG4O
0
230 B
Image
General
Full URL
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LHVW2ZQ0-1Q-DG4O
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68770

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LHVW2ZQ0-1Q-DG4O
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 1BB6
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ev59YhBE2oRwwFHDwrFevxfxnl0MGeaGSZwU1Q--~A
0
230 B
Image
General
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ev59YhBE2oRwwFHDwrFevxfxnl0MGeaGSZwU1Q--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68771

Redirect headers

date
Sat, 20 May 2023 11:11:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ev59YhBE2oRwwFHDwrFevxfxnl0MGeaGSZwU1Q--~A
content-length
0
/
sync.taboola.com/sg/baidurtb-network/1/rtb-h/ Frame 1BB6
Redirect Chain
  • https://trace.mediago.io/ju/cs/taboola
  • https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=6ecafbf8dccc891c3e59ba05cc40594e
0
230 B
Image
General
Full URL
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=6ecafbf8dccc891c3e59ba05cc40594e
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68770

Redirect headers

location
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=6ecafbf8dccc891c3e59ba05cc40594e
date
Sat, 20 May 2023 11:11:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
content-type
text/plain; charset=utf-8
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 1BB6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOjwSnVZp4Le_iGCA39lIWQ&google_cver=1
0
83 B
Image
General
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOjwSnVZp4Le_iGCA39lIWQ&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Sat, 20 May 2023 11:11:25 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1684581085.927407,VS0,VE94
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-sof1510027-SOF

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOjwSnVZp4Le_iGCA39lIWQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1BB6
42 B
245 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058:$UID
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 20 May 2023 11:11:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 1BB6
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058
date
Sat, 20 May 2023 11:11:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68774
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 1BB6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=7fc38604-7561-40d5-8fc3-88b242d19c34
0
251 B
Image
General
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=7fc38604-7561-40d5-8fc3-88b242d19c34
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
93
date
Sat, 20 May 2023 11:11:24 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1684581084.025313,VS0,VE93
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-sof1510027-SOF

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:23 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=7fc38604-7561-40d5-8fc3-88b242d19c34
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
merge
ce.lijit.com/ Frame 1BB6
0
0

rtset
bh.contextweb.com/bh/ Frame 1BB6
49 B
863 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
ka-GE
content-type
image/gif
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-78764785dd-dr7hz
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 1BB6
43 B
594 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 20 May 2023 11:11:24 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 1BB6
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f7062fdb-10b3-4349-8439-504c96000fa8
0
230 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f7062fdb-10b3-4349-8439-504c96000fa8
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:26 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
69834

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:25 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f7062fdb-10b3-4349-8439-504c96000fa8
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1066937
content-length
0
expires
Sat, 20 May 2023 00:00:00 GMT
d287bd84-e581-47c4-a797-199ba0e2bd17
id5-sync.com/a/464/1132/0/8/gif/0/0/ Frame 1BB6
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-3656KS_OH6GQshtes8IRFQfQFEWLEXpn7TCX3Bcn-Q&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F6%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/464/3/6/2.gif?puid=ff616468-aadf-4e00-b282-69fbe17f5561&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=7fc38604-7561-40d5-8fc3-88b242d19c34&ttl=%%TTL%%
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/285.gif?puid=LHVW306E-12-9PM4&gdpr=0
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/19/3/5.gif?puid=afe268f8acf791be5188634701323e07&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=afe268f8acf791be5188634701323e07&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F2%2F6.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D0...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=afe268f8acf791be5188634701323e07&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F2%2F6.gif%3Fpuid%3D%24%7...
  • https://id5-sync.com/c/464/485/2/6.gif?puid=08824236776112981773841656358166746996&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F1%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/441/1/7.gif?puid=e_46c5d185-140f-403c-803c-9934d8a546ee&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fid5-sync.com%2Fa%2F464%2F1132%2F0%2F8%2Fgif%2F0%2F0%2F
  • https://id5-sync.com/a/464/1132/0/8/gif/0/0/d287bd84-e581-47c4-a797-199ba0e2bd17
43 B
2 KB
Image
General
Full URL
https://id5-sync.com/a/464/1132/0/8/gif/0/0/d287bd84-e581-47c4-a797-199ba0e2bd17
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
HTTP/1.1
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sat, 20 May 2023 11:11:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

date
Sat, 20 May 2023 11:11:31 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://id5-sync.com/a/464/1132/0/8/gif/0/0/d287bd84-e581-47c4-a797-199ba0e2bd17
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 1BB6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=2199b558-da5e-44b6-832f-101a308b5b95&ssp=taboola&bsw_param=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e
0
230 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
69776

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e
date
Sat, 20 May 2023 11:11:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 1BB6
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=09f399e4-c6e0-4493-b1a9-5aac0861555e
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=09f399e4-c6e0-4493-b1a9-5aac0861555e&tbid=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&query=taboola_hm%3D09f399e4-c6e0-...
0
135 B
Image
General
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=09f399e4-c6e0-4493-b1a9-5aac0861555e&tbid=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&query=taboola_hm%3D09f399e4-c6e0-4493-b1a9-5aac0861555e&isDirect=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 20 May 2023 11:11:29 GMT
via
1.1 varnish
server
nginx
x-timer
S1684581090.836996,VS0,VE37
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-sof1510027-SOF

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=09f399e4-c6e0-4493-b1a9-5aac0861555e&tbid=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&query=taboola_hm%3D09f399e4-c6e0-4493-b1a9-5aac0861555e&isDirect=0
date
Sat, 20 May 2023 11:11:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68753
sd
u.openx.net/w/1.0/ Frame 1BB6
43 B
122 B
Image
General
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame 1BB6
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&dongle=tbla&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 20 May 2023 11:11:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date
Sat, 20 May 2023 11:11:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame 1BB6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=8Ri2qSAmVdZQhwK4gEPga1vvzpY
0
221 B
Image
General
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=8Ri2qSAmVdZQhwK4gEPga1vvzpY
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:27 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68761

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=8Ri2qSAmVdZQhwK4gEPga1vvzpY
Date
Sat, 20 May 2023 11:11:27 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
match
ads.betweendigital.com/ Frame 1BB6
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e&crf=1
68 B
598 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e&crf=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
/match?bidder_id=22&external_user_id=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sync
t.adx.opera.com/ Frame 1BB6
35 B
467 B
Image
General
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:27 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 1BB6
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=a280fad7-2795-4ec5-b242-08f0c9cf18e5
0
230 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=a280fad7-2795-4ec5-b242-08f0c9cf18e5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:26 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
69808

Redirect headers

date
Sat, 20 May 2023 11:11:26 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=a280fad7-2795-4ec5-b242-08f0c9cf18e5
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230518-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Sat, 20 May 2023 11:11:23 GMT
x-amz-request-id
Y9HM0FG4CEQVXQW5
age
1478
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
L1qJGtGoLr2a/9G/fjQBT+Qy6sxprAItOBmFc1iVgIqFJeLifbQzKhzoFLr/3xtR/NdHYx1LTx6wha/vQZeRsQ==
x-served-by
cache-sof1510027-SOF
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1684581084.683936,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
55
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
15689
fraud-detect.js
cdn.taboola.com/scripts/
121 B
476 B
Script
General
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230518-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding
gzip
via
1.1 varnish
date
Sat, 20 May 2023 11:11:23 GMT
x-amz-request-id
P6T6PP6XFNH8SVTF
age
2643
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
125
x-amz-id-2
Qmf1NzI8yZUZdy3o4PM32OD+iPFg9AS3wHasA/5wQAh4nA5dhO9GxDqQXRemtlNTNVLhMEvebAU=
x-served-by
cache-sof1510027-SOF
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
server
AmazonS3
x-timer
S1684581084.684016,VS0,VE0
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary
Accept-Encoding
content-type
application/javascript
abp
55
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
18192
eidf.es5.js
cdn.taboola.com/scripts/
17 KB
7 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/eidf.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230518-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3979WkHCSLO5cQCJAWoE4w7tW4Dv40AW
content-encoding
gzip
via
1.1 varnish
date
Sat, 20 May 2023 11:11:23 GMT
x-amz-request-id
7QVH5HCARX8WBYH3
age
19167
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6467
x-amz-id-2
XHEpN8NTCiFG8dCTiOn5f9Rdu5JwzWZMk+3GIoygxIcVkWruLwdnVCiLFbMy0/04g+EPkvpy29s=
x-served-by
cache-sof1510027-SOF
last-modified
Sun, 02 Apr 2023 13:49:08 GMT
server
AmazonS3
x-timer
S1684581084.684198,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
55
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
3462355
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 36DF
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ev59YhBE2oRwwFHDwrFevxfxnl0MGeaGSZwU1Q--~A
0
230 B
Image
General
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ev59YhBE2oRwwFHDwrFevxfxnl0MGeaGSZwU1Q--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V87HkCLAYsOpz7GFk1SBNYdDj3MbJqkC4AAABgYID-AEktlrOZaTlZi2yDjVs0XEzWyslg5pZ5DBvHaOWcOAbLISCpxXI2My0na5FtsHGLhovJWjkZzNwyj2HjGK2cE8dgOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ0aDodPte9Xvf73SU-z1zj9yv8utdbenS5la-H3a38u95Sp8Pu1rj-bs3RYfe5VcvXy61zPd0i19Ot_LveWtfdLXfY3bqH3eeWOh12t9ppd-teb5nDrXy9da635uh0S50Ou11oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoAnDgd0cZqdnqc_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA4DGktxhjlNs1oZxIwWsRRgAAAAC23p0tj0zSCSoWVf7___utAFwBAAhAxNn26s-iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohE-HHNEIzUexqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw9ILWcTm8NkWplMu4VruNiMRoaJa7nZLGyGkWex2R6_ic6KkvqB_D4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwN_LNbBuXxy0ZrFxr0cazcgs3NpdbtjKtRpPJzDfaLNei18d0sU02g9VwiwQD9PYieVqkE9Vgs1suDAvbzOSwLSwb28xjmDmWG9_COVkuJjOLWKI5WaQT2WXfWs4mNofJtDKZdgvXcLEZjQwT13KzWdgMI89is--NfDPbxuVxSwYr11q08azcwo3N5ZatTKvRZDLzjTbLtej1MV1sk81gNdw3ZsPRargYDAf7xmw4Wg0Xg-Fg36EzfFefs1FZVkk-Mpe42zhMbE6DwmWweKfq1TfamR1Ev2nRKZOplQWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_h1r7f06HIrXw-7W_l3vaVOh92tcf3dmqPD7nOrlq-XW-d6ukWup1v5d721rrtb7rC7dQ-7zy11OuxutdPu1r3eModb-XrrXG_N0emWOh12u9D0NlvEEsHpIp2IXsbTRf1HDrmYSzbLuWQwmytWg1UCAAAAAAAAALAEk0w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJUIXi_v___8cBAACQkUMPAACAfh9QFgAAAAAAAL-CGGxmu_0DUCHWarW63Vir1QI!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68764

Redirect headers

date
Sat, 20 May 2023 11:11:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ev59YhBE2oRwwFHDwrFevxfxnl0MGeaGSZwU1Q--~A
content-length
0
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 36DF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-06osZhxE2uFiE_4cSt7vWI1I6osX8f6w~A&gdpr_in_effect=0
0
230 B
Image
General
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-06osZhxE2uFiE_4cSt7vWI1I6osX8f6w~A&gdpr_in_effect=0
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V87HkCLAYsOpz7GFk1SBNYdDj3MbJqkC4AAABgYID-AEktlrOZaTlZi2yDjVs0XEzWyslg5pZ5DBvHaOWcOAbLISCpxXI2My0na5FtsHGLhovJWjkZzNwyj2HjGK2cE8dgOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ0aDodPte9Xvf73SU-z1zj9yv8utdbenS5la-H3a38u95Sp8Pu1rj-bs3RYfe5VcvXy61zPd0i19Ot_LveWtfdLXfY3bqH3eeWOh12t9ppd-teb5nDrXy9da635uh0S50Ou11oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoAnDgd0cZqdnqc_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA4DGktxhjlNs1oZxIwWsRRgAAAAC23p0tj0zSCSoWVf7___utAFwBAAhAxNn26s-iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohE-HHNEIzUexqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw9ILWcTm8NkWplMu4VruNiMRoaJa7nZLGyGkWex2R6_ic6KkvqB_D4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwN_LNbBuXxy0ZrFxr0cazcgs3NpdbtjKtRpPJzDfaLNei18d0sU02g9VwiwQD9PYieVqkE9Vgs1suDAvbzOSwLSwb28xjmDmWG9_COVkuJjOLWKI5WaQT2WXfWs4mNofJtDKZdgvXcLEZjQwT13KzWdgMI89is--NfDPbxuVxSwYr11q08azcwo3N5ZatTKvRZDLzjTbLtej1MV1sk81gNdw3ZsPRargYDAf7xmw4Wg0Xg-Fg36EzfFefs1FZVkk-Mpe42zhMbE6DwmWweKfq1TfamR1Ev2nRKZOplQWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_h1r7f06HIrXw-7W_l3vaVOh92tcf3dmqPD7nOrlq-XW-d6ukWup1v5d721rrtb7rC7dQ-7zy11OuxutdPu1r3eModb-XrrXG_N0emWOh12u9D0NlvEEsHpIp2IXsbTRf1HDrmYSzbLuWQwmytWg1UCAAAAAAAAALAEk0w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJUIXi_v___8cBAACQkUMPAACAfh9QFgAAAAAAAL-CGGxmu_0DUCHWarW63Vir1QI!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68764

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-06osZhxE2uFiE_4cSt7vWI1I6osX8f6w~A&gdpr_in_effect=0
date
Sat, 20 May 2023 11:11:23 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.html
eus.rubiconproject.com/ Frame 3B1C
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V87HkCLAYsOpz7GFk1SBNYdDj3MbJqkC4AAABgYID-AEktlrOZaTlZi2yDjVs0XEzWyslg5pZ5DBvHaOWcOAbLISCpxXI2My0na5FtsHGLhovJWjkZzNwyj2HjGK2cE8dgOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ0aDodPte9Xvf73SU-z1zj9yv8utdbenS5la-H3a38u95Sp8Pu1rj-bs3RYfe5VcvXy61zPd0i19Ot_LveWtfdLXfY3bqH3eeWOh12t9ppd-teb5nDrXy9da635uh0S50Ou11oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoAnDgd0cZqdnqc_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA4DGktxhjlNs1oZxIwWsRRgAAAAC23p0tj0zSCSoWVf7___utAFwBAAhAxNn26s-iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohE-HHNEIzUexqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw9ILWcTm8NkWplMu4VruNiMRoaJa7nZLGyGkWex2R6_ic6KkvqB_D4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwN_LNbBuXxy0ZrFxr0cazcgs3NpdbtjKtRpPJzDfaLNei18d0sU02g9VwiwQD9PYieVqkE9Vgs1suDAvbzOSwLSwb28xjmDmWG9_COVkuJjOLWKI5WaQT2WXfWs4mNofJtDKZdgvXcLEZjQwT13KzWdgMI89is--NfDPbxuVxSwYr11q08azcwo3N5ZatTKvRZDLzjTbLtej1MV1sk81gNdw3ZsPRargYDAf7xmw4Wg0Xg-Fg36EzfFefs1FZVkk-Mpe42zhMbE6DwmWweKfq1TfamR1Ev2nRKZOplQWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_h1r7f06HIrXw-7W_l3vaVOh92tcf3dmqPD7nOrlq-XW-d6ukWup1v5d721rrtb7rC7dQ-7zy11OuxutdPu1r3eModb-XrrXG_N0emWOh12u9D0NlvEEsHpIp2IXsbTRf1HDrmYSzbLuWQwmytWg1UCAAAAAAAAALAEk0w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJUIXi_v___8cBAACQkUMPAACAfh9QFgAAAAAAAL-CGGxmu_0DUCHWarW63Vir1QI!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 20 May 2023 11:11:24 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
pips.taboola.com/
4 B
96 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-mxp6936-MXP
date
Sat, 20 May 2023 11:11:23 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6771
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 May 2023 11:11:24 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C938
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305150101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
65046c9819cc57684d99ae31cc35a7f96c81a311ea36f370e4a9c0205706d248
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11254
x-xss-protection
0
set
sync.im-apps.net/imid/ Frame 9020
43 B
694 B
Image
General
Full URL
https://sync.im-apps.net/imid/set?cid=6858&tid=lid&uid=MVXleWlkuuc4M2S3r5x3_pUsPls
Requested by
Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-154.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://sync.logly.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 May 2023 11:11:25 GMT
Cache-Control
private, max-age=3000
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
aw.dw.impact-ad.jp/c/mapr/ Frame 9020
Redirect Chain
  • https://aw.dw.impact-ad.jp/c/map/?oid=26eb996a1a9c6758&cid=MVXleWlkuuc4M2S3r5x3_pUsPls&sp=dsd
  • https://aw.dw.impact-ad.jp/c/mapr/?oid=26eb996a1a9c6758&cid=MVXleWlkuuc4M2S3r5x3_pUsPls&sp=dsd
43 B
215 B
Image
General
Full URL
https://aw.dw.impact-ad.jp/c/mapr/?oid=26eb996a1a9c6758&cid=MVXleWlkuuc4M2S3r5x3_pUsPls&sp=dsd
Requested by
Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol
H2
Server
35.186.254.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.254.186.35.bc.googleusercontent.com
Software
/
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://sync.logly.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:31 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains;
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif

Redirect headers

date
Sat, 20 May 2023 11:11:31 GMT
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains;
content-type
text/plain; charset=utf-8
location
/c/mapr/?oid=26eb996a1a9c6758&cid=MVXleWlkuuc4M2S3r5x3_pUsPls&sp=dsd
cache-control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pubmatic.gif
sync.logly.co.jp/rtb/ Frame 9020
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=162474&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162474%26pr%3Dhttps%253A%252F%252Fsync.logly.co.jp%252Frtb%252Fpubmatic.gif%253Fbu...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=162474&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162474%26pr%3Dhttps%253A%252F%252Fsync.logly.co.jp%252Frtb%252Fpubmatic.gif%253Fbu...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkY4NTFCMUUtMzA3Ni00RjM0LUIwNTMtMThCRTJGRENCQUE4&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=162474&pr=https%3A%2F%2Fsync.logly.co.jp%2Frtb%2Fpubmatic.gif%3Fbuyeruid%3DFF851B1E-3076-4F34-B053-18BE2FDCBAA8
  • https://sync.logly.co.jp/rtb/pubmatic.gif?buyeruid=FF851B1E-3076-4F34-B053-18BE2FDCBAA8
43 B
451 B
Image
General
Full URL
https://sync.logly.co.jp/rtb/pubmatic.gif?buyeruid=FF851B1E-3076-4F34-B053-18BE2FDCBAA8
Requested by
Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol
H2
Server
52.68.118.121 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-118-121.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://sync.logly.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:28 GMT
server
nginx
p3p
CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
access-control-allow-origin
*
content-type
image/gif
cache-control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept

Redirect headers

location
https://sync.logly.co.jp/rtb/pubmatic.gif?buyeruid=FF851B1E-3076-4F34-B053-18BE2FDCBAA8
date
Sat, 20 May 2023 11:11:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content_v3.js
vidstat.taboola.com/
16 KB
5 KB
Script
General
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_8_0/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:23 GMT
via
1.1 639dd5dd68d7e7193120d95480cd44ca.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
VIE50-C2
age
724262
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-sof1510027-SOF
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1684581084.954093,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
YyL9Y-P-0uoPuNAbLSUf938w9jdvxVLEsaFVMHVP8nvgzc7ZbDPBQQ==
x-cache-hits
101427
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.1.8/
436 KB
83 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.8/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_8_0/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
494747d7ec60d95b26eca76338de89444b60dbe33e2aa3ee7a8ed53dd36022ca

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1683622864
date
Sat, 20 May 2023 11:11:24 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
ZCWF70SHAJ6XT07R
age
958145
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1683622879
x-amz-meta-mode
33188
content-length
84209
x-amz-id-2
3GhIyVdZ7jLlhT0EeM8M1XLnShrW54kAHe4y9DmLptF25KLLScwjhb0UoKW0IuQtsI1ZMeqlwBk=
x-served-by
cache-sof1510027-SOF
last-modified
Tue, 09 May 2023 09:01:20 GMT
server
AmazonS3-br
x-timer
S1684581084.005349,VS0,VE0
etag
"5b7fa2993f4635dad5e1ba884ca41236"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
743499
sync
am-match.taboola.com/ Frame 0876
674 B
759 B
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V87HkCLAYsOpz7GFk1SBNYdDj3MbJqkC4AAABgYID-AEktlrOZaTlZi2yDjVs0XEzWyslg5pZ5DBvHaOWcOAbLISCpxXI2My0na5FtsHGLhovJWjkZzNwyj2HjGK2cE8dgOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ0aDodPte9Xvf73SU-z1zj9yv8utdbenS5la-H3a38u95Sp8Pu1rj-bs3RYfe5VcvXy61zPd0i19Ot_LveWtfdLXfY3bqH3eeWOh12t9ppd-teb5nDrXy9da635uh0S50Ou11oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoAnDgd0cZqdnqc_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA4DGktxhjlNs1oZxIwWsRRgAAAAC23p0tj0zSCSoWVf7___utAFwBAAhAxNn26s-iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohE-HHNEIzUexqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw9ILWcTm8NkWplMu4VruNiMRoaJa7nZLGyGkWex2R6_ic6KkvqB_D4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwN_LNbBuXxy0ZrFxr0cazcgs3NpdbtjKtRpPJzDfaLNei18d0sU02g9VwiwQD9PYieVqkE9Vgs1suDAvbzOSwLSwb28xjmDmWG9_COVkuJjOLWKI5WaQT2WXfWs4mNofJtDKZdgvXcLEZjQwT13KzWdgMI89is--NfDPbxuVxSwYr11q08azcwo3N5ZatTKvRZDLzjTbLtej1MV1sk81gNdw3ZsPRargYDAf7xmw4Wg0Xg-Fg36EzfFefs1FZVkk-Mpe42zhMbE6DwmWweKfq1TfamR1Ev2nRKZOplQWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_h1r7f06HIrXw-7W_l3vaVOh92tcf3dmqPD7nOrlq-XW-d6ukWup1v5d721rrtb7rC7dQ-7zy11OuxutdPu1r3eModb-XrrXG_N0emWOh12u9D0NlvEEsHpIp2IXsbTRf1HDrmYSzbLuWQwmytWg1UCAAAAAAAAALAEk0w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJUIXi_v___8cBAACQkUMPAACAfh9QFgAAAAAAAL-CGGxmu_0DUCHWarW63Vir1QI!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_8_0/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
c489134cd8282e379ab7e6aa10e0292038bd696b17554fd03251b59d1a840bdd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sat, 20 May 2023 11:11:24 GMT
machineid
3401
server
nginx
st
am-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V87HkCLAYsOpz7GFk1SBNYdDj3MbJqkC4AAABgYID-AEktlrOZaTlZi2yDjVs0XEzWyslg5pZ5DBvHaOWcOAbLISCpxXI2My0na5FtsHGLhovJWjkZzNwyj2HjGK2cE8dgOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ0aDodPte9Xvf73SU-z1zj9yv8utdbenS5la-H3a38u95Sp8Pu1rj-bs3RYfe5VcvXy61zPd0i19Ot_LveWtfdLXfY3bqH3eeWOh12t9ppd-teb5nDrXy9da635uh0S50Ou11oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoAnDgd0cZqdnqc_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA4DGktxhjlNs1oZxIwWsRRgAAAAC23p0tj0zSCSoWVf7___utAFwBAAhAxNn26s-iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohE-HHNEIzUexqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw9ILWcTm8NkWplMu4VruNiMRoaJa7nZLGyGkWex2R6_ic6KkvqB_D4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwN_LNbBuXxy0ZrFxr0cazcgs3NpdbtjKtRpPJzDfaLNei18d0sU02g9VwiwQD9PYieVqkE9Vgs1suDAvbzOSwLSwb28xjmDmWG9_COVkuJjOLWKI5WaQT2WXfWs4mNofJtDKZdgvXcLEZjQwT13KzWdgMI89is--NfDPbxuVxSwYr11q08azcwo3N5ZatTKvRZDLzjTbLtej1MV1sk81gNdw3ZsPRargYDAf7xmw4Wg0Xg-Fg36EzfFefs1FZVkk-Mpe42zhMbE6DwmWweKfq1TfamR1Ev2nRKZOplQWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_h1r7f06HIrXw-7W_l3vaVOh92tcf3dmqPD7nOrlq-XW-d6ukWup1v5d721rrtb7rC7dQ-7zy11OuxutdPu1r3eModb-XrrXG_N0emWOh12u9D0NlvEEsHpIp2IXsbTRf1HDrmYSzbLuWQwmytWg1UCAAAAAAAAALAEk0w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJUIXi_v___8cBAACQkUMPAACAfh9QFgAAAAAAAL-CGGxmu_0DUCHWarW63Vir1QI!&cmcv=&pix=31579697&cb=1684581083965&uv=3280&tms=1684581083965&su=3&abt=nonrv_vA!nrlc_vB!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:27 GMT
content-length
0
server
nginx
/
cds.taboola.com/
0
82 B
XHR
General
Full URL
https://cds.taboola.com/?uid=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.230.50 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 20 May 2023 11:11:25 GMT
cache-control
no-store
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/
89 KB
89 KB
Media
General
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Sat, 20 May 2023 11:11:27 GMT
via
1.1 3d4555926457517be3e728d2175d92a2.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
VIE50-C2
age
2356910
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-sof1510027-SOF
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1684581088.552369,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
6RrWc2x4zaGe7BI0hmFGsUr1huLkLXjkJxFg2dogjaq2AdwguPqLpg==
x-cache-hits
199795
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C938
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 May 2023 11:11:24 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 47BF
624 B
242 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKPih84DEI_JptQDGJ3kmukBMAE&v=APEucNWI8YJgZVAq62QvPCk9L6gQiH1J5J6VYhxpwzY5lbNiEuOM3CGb0s9u0hO-huO-ELNZQYjWB3ljuQfPvwTvCRSdisKfQQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684581083&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684581082758&bpp=13&bdt=1551&idt=436&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&correlator=7894272218445&frm=23&ife=1&pv=2&ga_vid=392982189.1684581083&ga_sid=1684581083&ga_hid=503631598&ga_fc=0&ga_cid=amp-7irXEYm67G2Xodj-e5Y5Jw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2702325796&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31074199%2C31074469%2C44785294%2C44788441%2C44792088&oid=2&pvsid=472193419962629&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2ags8zcf7luk&fsb=1&dtd=454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684581083&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684581082758&bpp=13&bdt=1551&idt=436&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&correlator=7894272218445&frm=23&ife=1&pv=2&ga_vid=392982189.1684581083&ga_sid=1684581083&ga_hid=503631598&ga_fc=0&ga_cid=amp-7irXEYm67G2Xodj-e5Y5Jw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2702325796&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31074199%2C31074469%2C44785294%2C44788441%2C44792088&oid=2&pvsid=472193419962629&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2ags8zcf7luk&fsb=1&dtd=454
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 May 2023 11:11:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame D186
78 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684581083&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684581082758&bpp=13&bdt=1551&idt=436&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&correlator=7894272218445&frm=23&ife=1&pv=2&ga_vid=392982189.1684581083&ga_sid=1684581083&ga_hid=503631598&ga_fc=0&ga_cid=amp-7irXEYm67G2Xodj-e5Y5Jw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2702325796&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31074199%2C31074469%2C44785294%2C44788441%2C44792088&oid=2&pvsid=472193419962629&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2ags8zcf7luk&fsb=1&dtd=454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 20 May 2023 11:11:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame D186
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684581083&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684581082758&bpp=13&bdt=1551&idt=436&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&correlator=7894272218445&frm=23&ife=1&pv=2&ga_vid=392982189.1684581083&ga_sid=1684581083&ga_hid=503631598&ga_fc=0&ga_cid=amp-7irXEYm67G2Xodj-e5Y5Jw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2702325796&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31074199%2C31074469%2C44785294%2C44788441%2C44792088&oid=2&pvsid=472193419962629&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2ags8zcf7luk&fsb=1&dtd=454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 10:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
3964
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Jun 2023 10:05:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame D186
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684581083&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684581082758&bpp=13&bdt=1551&idt=436&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&correlator=7894272218445&frm=23&ife=1&pv=2&ga_vid=392982189.1684581083&ga_sid=1684581083&ga_hid=503631598&ga_fc=0&ga_cid=amp-7irXEYm67G2Xodj-e5Y5Jw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2702325796&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31074199%2C31074469%2C44785294%2C44788441%2C44792088&oid=2&pvsid=472193419962629&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2ags8zcf7luk&fsb=1&dtd=454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 10:38:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
1992
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7953
x-xss-protection
0
server
cafe
etag
16153819885643670827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Jun 2023 10:38:12 GMT
l
www.google.com/ads/measurement/ Frame D186
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQrd7mrEf1C1gCmd8URJ7Sve7sdX7AkoqXDVd2l68jAAVVk_99Rd7DECw0vZDCB2C1m42K5uedXXhH7v57c3tP-rT-y5w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684581083&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684581082758&bpp=13&bdt=1551&idt=436&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&correlator=7894272218445&frm=23&ife=1&pv=2&ga_vid=392982189.1684581083&ga_sid=1684581083&ga_hid=503631598&ga_fc=0&ga_cid=amp-7irXEYm67G2Xodj-e5Y5Jw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2702325796&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31074199%2C31074469%2C44785294%2C44788441%2C44792088&oid=2&pvsid=472193419962629&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2ags8zcf7luk&fsb=1&dtd=454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D186
170 KB
53 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684581083&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684581082758&bpp=13&bdt=1551&idt=436&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&correlator=7894272218445&frm=23&ife=1&pv=2&ga_vid=392982189.1684581083&ga_sid=1684581083&ga_hid=503631598&ga_fc=0&ga_cid=amp-7irXEYm67G2Xodj-e5Y5Jw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2702325796&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31074199%2C31074469%2C44785294%2C44788441%2C44792088&oid=2&pvsid=472193419962629&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2ags8zcf7luk&fsb=1&dtd=454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 May 2023 11:11:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D186
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CJVfutJYPujvh9OYQk11GO-g_gh4TpKbkt7pFdzf1SWOE0xA7wmpX1b1gyOEhtp61r4DQCs6OtbCPThSSvXecxkhjS5jr2MVlAm-RGGBMp9e6Dk2E
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684581083&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684581082758&bpp=13&bdt=1551&idt=436&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&correlator=7894272218445&frm=23&ife=1&pv=2&ga_vid=392982189.1684581083&ga_sid=1684581083&ga_hid=503631598&ga_fc=0&ga_cid=amp-7irXEYm67G2Xodj-e5Y5Jw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2702325796&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31074199%2C31074469%2C44785294%2C44788441%2C44792088&oid=2&pvsid=472193419962629&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2ags8zcf7luk&fsb=1&dtd=454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D186
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=839153802439898127&x=1&ct=119
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684581083&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684581082758&bpp=13&bdt=1551&idt=436&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&correlator=7894272218445&frm=23&ife=1&pv=2&ga_vid=392982189.1684581083&ga_sid=1684581083&ga_hid=503631598&ga_fc=0&ga_cid=amp-7irXEYm67G2Xodj-e5Y5Jw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2702325796&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31074199%2C31074469%2C44785294%2C44788441%2C44792088&oid=2&pvsid=472193419962629&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2ags8zcf7luk&fsb=1&dtd=454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 0876
Redirect Chain
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
  • https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=taboola
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5193034627608884685&ssp=taboola
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e
0
230 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V87HkCLAYsOpz7GFk1SBNYdDj3MbJqkC4AAABgYID-AEktlrOZaTlZi2yDjVs0XEzWyslg5pZ5DBvHaOWcOAbLISCpxXI2My0na5FtsHGLhovJWjkZzNwyj2HjGK2cE8dgOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ0aDodPte9Xvf73SU-z1zj9yv8utdbenS5la-H3a38u95Sp8Pu1rj-bs3RYfe5VcvXy61zPd0i19Ot_LveWtfdLXfY3bqH3eeWOh12t9ppd-teb5nDrXy9da635uh0S50Ou11oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoAnDgd0cZqdnqc_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA4DGktxhjlNs1oZxIwWsRRgAAAAC23p0tj0zSCSoWVf7___utAFwBAAhAxNn26s-iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohE-HHNEIzUexqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw9ILWcTm8NkWplMu4VruNiMRoaJa7nZLGyGkWex2R6_ic6KkvqB_D4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwN_LNbBuXxy0ZrFxr0cazcgs3NpdbtjKtRpPJzDfaLNei18d0sU02g9VwiwQD9PYieVqkE9Vgs1suDAvbzOSwLSwb28xjmDmWG9_COVkuJjOLWKI5WaQT2WXfWs4mNofJtDKZdgvXcLEZjQwT13KzWdgMI89is--NfDPbxuVxSwYr11q08azcwo3N5ZatTKvRZDLzjTbLtej1MV1sk81gNdw3ZsPRargYDAf7xmw4Wg0Xg-Fg36EzfFefs1FZVkk-Mpe42zhMbE6DwmWweKfq1TfamR1Ev2nRKZOplQWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_h1r7f06HIrXw-7W_l3vaVOh92tcf3dmqPD7nOrlq-XW-d6ukWup1v5d721rrtb7rC7dQ-7zy11OuxutdPu1r3eModb-XrrXG_N0emWOh12u9D0NlvEEsHpIp2IXsbTRf1HDrmYSzbLuWQwmytWg1UCAAAAAAAAALAEk0w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJUIXi_v___8cBAACQkUMPAACAfh9QFgAAAAAAAL-CGGxmu_0DUCHWarW63Vir1QI!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:26 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
69819

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e
date
Sat, 20 May 2023 11:11:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usync.js
eus.rubiconproject.com/ Frame 3B1C
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c33a270d2d88185096c9bfd79150c6289194683ed931f6830546332cdf0b5cb0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 May 2023 11:11:24 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 May 2023 06:51:10 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70803
Connection
keep-alive
Content-Length
10084
Expires
Sun, 21 May 2023 06:51:27 GMT
usync.html
eus.rubiconproject.com/ Frame 88E0
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V87HkCLAYsOpz7GFk1SBNYdDj3MbJqkC4AAABgYID-AEktlrOZaTlZi2yDjVs0XEzWyslg5pZ5DBvHaOWcOAbLISCpxXI2My0na5FtsHGLhovJWjkZzNwyj2HjGK2cE8dgOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ0aDodPte9Xvf73SU-z1zj9yv8utdbenS5la-H3a38u95Sp8Pu1rj-bs3RYfe5VcvXy61zPd0i19Ot_LveWtfdLXfY3bqH3eeWOh12t9ppd-teb5nDrXy9da635uh0S50Ou11oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoAnDgd0cZqdnqc_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA4DGktxhjlNs1oZxIwWsRRgAAAAC23p0tj0zSCSoWVf7___utAFwBAAhAxNn26s-iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohE-HHNEIzUexqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw9ILWcTm8NkWplMu4VruNiMRoaJa7nZLGyGkWex2R6_ic6KkvqB_D4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwN_LNbBuXxy0ZrFxr0cazcgs3NpdbtjKtRpPJzDfaLNei18d0sU02g9VwiwQD9PYieVqkE9Vgs1suDAvbzOSwLSwb28xjmDmWG9_COVkuJjOLWKI5WaQT2WXfWs4mNofJtDKZdgvXcLEZjQwT13KzWdgMI89is--NfDPbxuVxSwYr11q08azcwo3N5ZatTKvRZDLzjTbLtej1MV1sk81gNdw3ZsPRargYDAf7xmw4Wg0Xg-Fg36EzfFefs1FZVkk-Mpe42zhMbE6DwmWweKfq1TfamR1Ev2nRKZOplQWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_h1r7f06HIrXw-7W_l3vaVOh92tcf3dmqPD7nOrlq-XW-d6ukWup1v5d721rrtb7rC7dQ-7zy11OuxutdPu1r3eModb-XrrXG_N0emWOh12u9D0NlvEEsHpIp2IXsbTRf1HDrmYSzbLuWQwmytWg1UCAAAAAAAAALAEk0w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJUIXi_v___8cBAACQkUMPAACAfh9QFgAAAAAAAL-CGGxmu_0DUCHWarW63Vir1QI!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 20 May 2023 11:11:24 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 7C96
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?gdpr=0&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=a280fad7-2795-4ec5-b242-08f0c9cf18e5
0
230 B
Document
General
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=a280fad7-2795-4ec5-b242-08f0c9cf18e5
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V87HkCLAYsOpz7GFk1SBNYdDj3MbJqkC4AAABgYID-AEktlrOZaTlZi2yDjVs0XEzWyslg5pZ5DBvHaOWcOAbLISCpxXI2My0na5FtsHGLhovJWjkZzNwyj2HjGK2cE8dgOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ0aDodPte9Xvf73SU-z1zj9yv8utdbenS5la-H3a38u95Sp8Pu1rj-bs3RYfe5VcvXy61zPd0i19Ot_LveWtfdLXfY3bqH3eeWOh12t9ppd-teb5nDrXy9da635uh0S50Ou11oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoAnDgd0cZqdnqc_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA4DGktxhjlNs1oZxIwWsRRgAAAAC23p0tj0zSCSoWVf7___utAFwBAAhAxNn26s-iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohE-HHNEIzUexqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw9ILWcTm8NkWplMu4VruNiMRoaJa7nZLGyGkWex2R6_ic6KkvqB_D4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwN_LNbBuXxy0ZrFxr0cazcgs3NpdbtjKtRpPJzDfaLNei18d0sU02g9VwiwQD9PYieVqkE9Vgs1suDAvbzOSwLSwb28xjmDmWG9_COVkuJjOLWKI5WaQT2WXfWs4mNofJtDKZdgvXcLEZjQwT13KzWdgMI89is--NfDPbxuVxSwYr11q08azcwo3N5ZatTKvRZDLzjTbLtej1MV1sk81gNdw3ZsPRargYDAf7xmw4Wg0Xg-Fg36EzfFefs1FZVkk-Mpe42zhMbE6DwmWweKfq1TfamR1Ev2nRKZOplQWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_h1r7f06HIrXw-7W_l3vaVOh92tcf3dmqPD7nOrlq-XW-d6ukWup1v5d721rrtb7rC7dQ-7zy11OuxutdPu1r3eModb-XrrXG_N0emWOh12u9D0NlvEEsHpIp2IXsbTRf1HDrmYSzbLuWQwmytWg1UCAAAAAAAAALAEk0w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJUIXi_v___8cBAACQkUMPAACAfh9QFgAAAAAAAL-CGGxmu_0DUCHWarW63Vir1QI!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials
true
date
Sat, 20 May 2023 11:11:24 GMT
server
nginx
x-fastly-to-nlb-rtt
69839

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Sat, 20 May 2023 11:11:24 GMT
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=a280fad7-2795-4ec5-b242-08f0c9cf18e5
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
rum
dsum-sec.casalemedia.com/ Frame 47BF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPFcGT_OBvCMYpM8gs0Oov4&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPFcGT_OBvCMYpM8gs0Oov4&google_cver=1&C=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPFcGT_OBvCMYpM8gs0Oov4&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKPih84DEI_JptQDGJ3kmukBMAE&v=APEucNWI8YJgZVAq62QvPCk9L6gQiH1J5J6VYhxpwzY5lbNiEuOM3CGb0s9u0hO-huO-ELNZQYjWB3ljuQfPvwTvCRSdisKfQQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEPFcGT_OBvCMYpM8gs0Oov4&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 47BF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGiq3DjU40k.X6Q0gow1ygAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPFcGT_OBvCMYpM8gs0Oov4&google_cver=1&google_hm=2
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPFcGT_OBvCMYpM8gs0Oov4&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKPih84DEI_JptQDGJ3kmukBMAE&v=APEucNWI8YJgZVAq62QvPCk9L6gQiH1J5J6VYhxpwzY5lbNiEuOM3CGb0s9u0hO-huO-ELNZQYjWB3ljuQfPvwTvCRSdisKfQQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPFcGT_OBvCMYpM8gs0Oov4&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 47BF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJoXMYLcPwjw5-BBxPj5n_o&google_cver=1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJoXMYLcPwjw5-BBxPj5n_o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKPih84DEI_JptQDGJ3kmukBMAE&v=APEucNWI8YJgZVAq62QvPCk9L6gQiH1J5J6VYhxpwzY5lbNiEuOM3CGb0s9u0hO-huO-ELNZQYjWB3ljuQfPvwTvCRSdisKfQQ
Protocol
HTTP/1.1
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:24 GMT
AN-X-Request-Uuid
bbf7e7c0-baac-4f73-9d22-4de9902768e6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
91.239.206.150; 91.239.206.150; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJoXMYLcPwjw5-BBxPj5n_o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 47BF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIwODE3NjAyNjEyMTM5NDQwNg%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIwODE3NjAyNjEyMTM5NDQwNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKPih84DEI_JptQDGJ3kmukBMAE&v=APEucNWI8YJgZVAq62QvPCk9L6gQiH1J5J6VYhxpwzY5lbNiEuOM3CGb0s9u0hO-huO-ELNZQYjWB3ljuQfPvwTvCRSdisKfQQ
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 20 May 2023 11:11:24 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.150; 91.239.206.150; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
99c9f37c-a076-43d7-8453-3fd8f961ee23
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIwODE3NjAyNjEyMTM5NDQwNg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6681
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
3963
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 May 2023 10:05:21 GMT
expires
Sun, 19 May 2024 10:05:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5D55
1 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
/
Resource Hash
9010e5a841cf0acfb13facfaa2c3318bc8118020ec071d15de099eb9a628fd01

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1103
content-type
text/html; charset=UTF-8
date
Sat, 20 May 2023 11:11:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9A33
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
3963
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 May 2023 10:05:21 GMT
expires
Sun, 19 May 2024 10:05:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CAE9
1 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
/
Resource Hash
9010e5a841cf0acfb13facfaa2c3318bc8118020ec071d15de099eb9a628fd01

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1103
content-type
text/html; charset=UTF-8
date
Sat, 20 May 2023 11:11:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D186
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5579032652447&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D186
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5579032652447&version=m202301230201&ct=119&x=1&cor=839153802439898100
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame D186
83 KB
35 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZutCPTfbFie8KDKevTyGzuF1adi3eot6NzlghavoNmMn1JW8zJ8qM2YJ8SU3LOTrft28F4LWuRGd2DhHj1BwsVeYhjiItjK_aVl7wtFvOcU4yKEInivkuuOCe-gjdpvgr7EpizsIMdADT6XTJ1thy4w0BOKwTtNi07POFGjv9y93YqBo&cry=1&dbm_d=AKAmf-BYaAEL8A0J_78HAfhiu5o7kiu1LpNyp74on6SRPKXkv2E-o1IN1UrTlVX-1VZrLkWovpPxHSQJP7yGBPzlwuL0e77XAMSEDmxx50u8_xo669i_7ZLysmQn7kxl1UiM1ETCIemyE5rqW6s3_7UKlgPTqmeG4SVJulHIrfX-bTN_rcctSEKbhR7BO6nQHy4ZrjgzTxv4C9A4-UH7LxPjQMIGdxgo-Ga2GmllRjEptzXagsXLCe7l7T78959fyHpt6e6hzZzPQFPqEdUNO7VHu43Td1afL-foOnO3NlhB2YxcNWZ7tw_01-1om3l6EJxNIbBeZ30_JtjpSdYqouB5q7l_cs3yOFhQa0uzEvO24d35TonlF33KHsD6xTjdvPWq7BonXcR9BBFzS7EKvYIWRLxlwsdX4zcIE74BN7vvzEsCS66anBtp7K3uFiHuBF6kItbMJC1UUuGCBEFHNE6K-pffMa0zm-T1MN05Ev-T8zqEJ6tj-cSSNDEsHkJYxaA54p7fNxN9DbciuPrcLXMe_DGBB3g51QaachpyZ_VDJy0zbKYcL-c_tG454OMUkWZbvItcNsTOfSHjmntd5b9cPlMTaA8RWJ9N6WubOp7uTFL04VwjvfY7ZYDFT4-JXJMXWUOZ2k_ZqX2a3uRl0P3gtsHaxM81Zy3ZJJbM_8trEORKkD87HcVb0FLctw5cgaP_X0-5K36kkpNVQvM3DulFxs0IU7IXZ5wXMtuOrmEyz5vDVo1p9uR6RLcTdx-AETSvAd-UufGaiReCfvrUDhoO9aXkNkUtfU3FdQQfjqc9MrjhNCsJN9SRDZiecxFcgSux3PBo8-MQ4pS0otFOgRLiVgyoXhX19jWGelLI46Sx7yKlwxSiEGNo5ACK0lhRp8ueDuwc4dLgN5pAFrXeVhWz5kbyatpPRC14yXykrhldpmWK4nkj633hWUeDVgIFCVJrzAjSFiEBEYSTyb2NpSYOx6QuoCV9q6YrCQ51hZKhMvG_iIiLDi7hQ5ljpvN-HoxV-InQaZWkgp6gmM5UyNK3QUR26ReNS7LkMy7mlbEe3uAEQ8qwsdb0TUUU8Ix6KiWK2EgOQ8lxwEtdK91xksBICzZb448af1pCgu0ZbX1eWOAIDH-pxH0-Dfl0Ip4o5RQ9mAjbaHGdeY0xGKjH3r4bSV-0G2xCjcoaBDFaVGExXladEHyi0SEmxTrcteDWe7hVxDPxN-hKomPuGN3BHKYUri_VGCdltNm3Adb0Bcm9SdWxnyJICqmvZ63bGWcG0nDTzU_PhhiWpuFFMAzZwJKMjWybCL29WzW_yfes7_2PZbmDiZq2vgiGB0TT0V35w-O2Zd5ctB6WOuDjBxFHcV0bQNYwIqV1fzTLYmHQF1mVe8Lifv1IJATXWhovLgVO-P4Jgt6yPw0eyA3iWFoI56e08HK0LwgwArmrDL6M0a7r277yzWE2rLdeVoxWtn6Ce_mRZJIXuVWiOTefiy1QGD9GeRMtfcqBZvGUpejWHa0inmVUKvm7gnOaJMmKkV3e3xP0x_sEgcWa1nxj8y2safnCYxa2KJNr7mihshL1NVNbYReBreaMbCEFXgJk9a-2DABdiKcCFb-ernH3-BvwDWWOM-vTU5p9dIIzQrhbd_1SgopwtkVJll01mIyUf03rtM7uLwPAXzcUzHTxJA3hPygHDzdUTesNjy6cRiN-2PhULwNdIaLEjxMdxX-BnbXQ6xI8A09rSrDOK-uJfdoBACM9DmuNgTLitIUqy31H-unKWOjrvZd9w7mB0t1-ZlmiKDbEDOur7M3qdmyxsqJNpyJv-vkBQItdczURGFSCHKJB81ERGpkXBJtkb7kpCN6q2Lz9K7B_MUakPTtBwlyOUa9Yb0mVH0Tjgryzq2KfWTwsy78unkP4xQkhH6WuDS_qYeU1VVuUaSz2odK4Zj428dJFFCYjvo5QNiHYfHLhn_U1W0fyyzzCtl6AlDgfBe2FDI6Ptwc9r_BXCBuA_TVZhEITTHLk3_qTGHEH-M_foV0sQO9d2ds_M7mO6WT4qyxFN5D78xBJ9-uDHxM4XHjLe6-oOq8sym9hHm4xSe0dvvG08-TYi1QtnIWnx-o7yFu_nC_XvyOZSCVyKR3NEqRhMJqh_mwIG2_JpZNGodFHWgDa3i92u-rwAK0rrJd9SygwT1sACtI1cz1rwZe7buRnX_euOfI7NDsPnSUxGwIyRWG1BLushaNMuohM4XuVaA_8VUb6jrCmH-qh3jbUfrq1qqCZ9KMfO7f_NtV6KPWEKEz4S0M7ygDxoM4VJ_QKRcB_kDx5jqx0L-KQZUJRnECUbexYuyqfBVkgjkM9iRALjpDO8FhtEguWI01g-FPRoSO4o40GPRxHGGtX0eqXXSVOnY6b9lSEX4_QuXMu3beYA3cuoOrXiYGS6pVDF8fVI6bMlmZMo_HP6reCyMz28BLQTPr1joNfzEXOPGcYaceFQFzB4Kz7e_BzlEs1bBaMkjrz79yDQa5ec3GVcLnNzIDnHedAyVRyh5hFV2h7d1-4aSNn8r6cVn41dgdE41_eLRxSAcFnFVW9sLEAgJgK0pnL3LSxioZwNtipqQ0Idus3LJPoIeXF7IFdp8t6_mgcQuT7AQPkt0Pco700SQeWVizbe2DE04Gw1C1TE7d6A6SmeSPNb_CQJWUYQBdD-q-naiGobC_GQ0oz-tNwdhMpvyArw2IJ3UwrLhhogie0UVghovQOh0XRSgwVAHoB_dbMHQFuALisFWa8tofu9Cd9FbPNyc7HPU5xPx6tJqNJJw7qAQieqi14LN0tX-wLYuHVBqDctxvDd9lv5QP4qTcaN11zDqhQkJxdcChJ4LAN6cGO5frYzvyUeuRLv16K0VaAZ9reVhBRodVSAOSD2XOTetJbTWtukajGHJF2XkqL4VqEKu3Z-i9A7tR1byE4wy5hQdyf7ecP0Kc1F68sA9gwzKdFw2Q8-4DlkdiFTCAqFiqe_-BWTg7tBaQHXSliQl1Lfuy3XKK6DHqccV9jtupkqu2RDYlWdoo636bICioZuA65ipXI7ATr0gaKgaj4DqTlLWXRvnZKnqL4FMVb73gartMoxuHdaRpTJ6PCsfudYz9GjtRZPd9tbZc7m_cV2l4Ccm__FlHrIp4qT6ov1nXNmg08qwT7NIK7FffO_54f0yeIo7Y-M-vfJNOFk6MCkIOfdh1vmZKAgstAm0bniCrsi31CKzIRVsf_CLi7IKdI4KYGgTDg2GYYADmWr4tDROAEeLkHVg3_Nj_MHzxsowcMfmMgGeymvb2ZuKbbKThGNIpyJScCFjTdFkF8wBmpAILBrCCcXRtr4hCfJqJ9l_FY1qtIG9AroL5Z97vQL8VCIlRlJRPsSqXsynUDQ5Ee53T2morEXJ3GJzmLYRsWdEDrKdjfRLHW0B515cus21CDveEz5BSgRGeaPiazjE2PVDiDrlT3ArH_3Bj_gUO3oRlPNJwDVd4qs13EaxVprEXSXdNj6Qbz376RkQv-QZHz4pz1xEourSMeX9czxTrC0y9PV01TwRW6M7U9IExRVQYpGYwcUjUmzggxDerLInzYfAsjgVd_7YyasbnWigwb2-wjPpbTgQ7BttmdnQTLrarrKLQb1EcJLaYwLhxmduegfQdFvAg5W9qiaMsjHmbGc2480RawxavFeQWxyN77d4KGZljaIMp90lx5bzswt2g&cid=CAQSKQBygQiDlVEHlUYJWyehyaWJRMXbYBU4NZuYiwIhcuIQ7nm7VdqbZDznGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=839153802439898100&adk=1779837782&idt=257&cac=0&dtd=64
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
4828793dbfe423b1f7fe0d4c8ddc94b2b991f5ecc76abf928a7a1e7520d15f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684581083&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684581082758&bpp=13&bdt=1551&idt=436&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&correlator=7894272218445&frm=23&ife=1&pv=2&ga_vid=392982189.1684581083&ga_sid=1684581083&ga_hid=503631598&ga_fc=0&ga_cid=amp-7irXEYm67G2Xodj-e5Y5Jw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2702325796&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31074199%2C31074469%2C44785294%2C44788441%2C44792088&oid=2&pvsid=472193419962629&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2ags8zcf7luk&fsb=1&dtd=454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35756
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame 3B1C
284 B
966 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ysm_bg3.js
ad.sitemaji.com/ Frame 78FC
31 KB
10 KB
Script
General
Full URL
https://ad.sitemaji.com/ysm_bg3.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
5c500a4a8147509f043186a7bad1ed59c4e00f85330b9621489af4497e504151

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:25 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 11 Apr 2023 09:02:38 GMT
server
nginx/1.12.1 (Ubuntu)
etag
W/"6435222e-7a34"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 May 2023 11:11:25 GMT
gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js
pagead2.googlesyndication.com/bg/ Frame 6681
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
806704fc97ba40deb077bcdda8f3bc55fa652d79378ff7b3f307eeb9d8e63a76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 06:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
15992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14692
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 May 2024 06:44:52 GMT
gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js
pagead2.googlesyndication.com/bg/ Frame 9A33
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
806704fc97ba40deb077bcdda8f3bc55fa652d79378ff7b3f307eeb9d8e63a76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 06:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
15992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14692
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 May 2024 06:44:52 GMT
usync.js
eus.rubiconproject.com/ Frame 88E0
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c33a270d2d88185096c9bfd79150c6289194683ed931f6830546332cdf0b5cb0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 May 2023 11:11:24 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 May 2023 06:51:10 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70803
Connection
keep-alive
Content-Length
10084
Expires
Sun, 21 May 2023 06:51:27 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame D186
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 10:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 May 2023 10:49:04 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame D186
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZutCPTfbFie8KDKevTyGzuF1adi3eot6NzlghavoNmMn1JW8zJ8qM2YJ8SU3LOTrft28F4LWuRGd2DhHj1BwsVeYhjiItjK_aVl7wtFvOcU4yKEInivkuuOCe-gjdpvgr7EpizsIMdADT6XTJ1thy4w0BOKwTtNi07POFGjv9y93YqBo&cry=1&dbm_d=AKAmf-BYaAEL8A0J_78HAfhiu5o7kiu1LpNyp74on6SRPKXkv2E-o1IN1UrTlVX-1VZrLkWovpPxHSQJP7yGBPzlwuL0e77XAMSEDmxx50u8_xo669i_7ZLysmQn7kxl1UiM1ETCIemyE5rqW6s3_7UKlgPTqmeG4SVJulHIrfX-bTN_rcctSEKbhR7BO6nQHy4ZrjgzTxv4C9A4-UH7LxPjQMIGdxgo-Ga2GmllRjEptzXagsXLCe7l7T78959fyHpt6e6hzZzPQFPqEdUNO7VHu43Td1afL-foOnO3NlhB2YxcNWZ7tw_01-1om3l6EJxNIbBeZ30_JtjpSdYqouB5q7l_cs3yOFhQa0uzEvO24d35TonlF33KHsD6xTjdvPWq7BonXcR9BBFzS7EKvYIWRLxlwsdX4zcIE74BN7vvzEsCS66anBtp7K3uFiHuBF6kItbMJC1UUuGCBEFHNE6K-pffMa0zm-T1MN05Ev-T8zqEJ6tj-cSSNDEsHkJYxaA54p7fNxN9DbciuPrcLXMe_DGBB3g51QaachpyZ_VDJy0zbKYcL-c_tG454OMUkWZbvItcNsTOfSHjmntd5b9cPlMTaA8RWJ9N6WubOp7uTFL04VwjvfY7ZYDFT4-JXJMXWUOZ2k_ZqX2a3uRl0P3gtsHaxM81Zy3ZJJbM_8trEORKkD87HcVb0FLctw5cgaP_X0-5K36kkpNVQvM3DulFxs0IU7IXZ5wXMtuOrmEyz5vDVo1p9uR6RLcTdx-AETSvAd-UufGaiReCfvrUDhoO9aXkNkUtfU3FdQQfjqc9MrjhNCsJN9SRDZiecxFcgSux3PBo8-MQ4pS0otFOgRLiVgyoXhX19jWGelLI46Sx7yKlwxSiEGNo5ACK0lhRp8ueDuwc4dLgN5pAFrXeVhWz5kbyatpPRC14yXykrhldpmWK4nkj633hWUeDVgIFCVJrzAjSFiEBEYSTyb2NpSYOx6QuoCV9q6YrCQ51hZKhMvG_iIiLDi7hQ5ljpvN-HoxV-InQaZWkgp6gmM5UyNK3QUR26ReNS7LkMy7mlbEe3uAEQ8qwsdb0TUUU8Ix6KiWK2EgOQ8lxwEtdK91xksBICzZb448af1pCgu0ZbX1eWOAIDH-pxH0-Dfl0Ip4o5RQ9mAjbaHGdeY0xGKjH3r4bSV-0G2xCjcoaBDFaVGExXladEHyi0SEmxTrcteDWe7hVxDPxN-hKomPuGN3BHKYUri_VGCdltNm3Adb0Bcm9SdWxnyJICqmvZ63bGWcG0nDTzU_PhhiWpuFFMAzZwJKMjWybCL29WzW_yfes7_2PZbmDiZq2vgiGB0TT0V35w-O2Zd5ctB6WOuDjBxFHcV0bQNYwIqV1fzTLYmHQF1mVe8Lifv1IJATXWhovLgVO-P4Jgt6yPw0eyA3iWFoI56e08HK0LwgwArmrDL6M0a7r277yzWE2rLdeVoxWtn6Ce_mRZJIXuVWiOTefiy1QGD9GeRMtfcqBZvGUpejWHa0inmVUKvm7gnOaJMmKkV3e3xP0x_sEgcWa1nxj8y2safnCYxa2KJNr7mihshL1NVNbYReBreaMbCEFXgJk9a-2DABdiKcCFb-ernH3-BvwDWWOM-vTU5p9dIIzQrhbd_1SgopwtkVJll01mIyUf03rtM7uLwPAXzcUzHTxJA3hPygHDzdUTesNjy6cRiN-2PhULwNdIaLEjxMdxX-BnbXQ6xI8A09rSrDOK-uJfdoBACM9DmuNgTLitIUqy31H-unKWOjrvZd9w7mB0t1-ZlmiKDbEDOur7M3qdmyxsqJNpyJv-vkBQItdczURGFSCHKJB81ERGpkXBJtkb7kpCN6q2Lz9K7B_MUakPTtBwlyOUa9Yb0mVH0Tjgryzq2KfWTwsy78unkP4xQkhH6WuDS_qYeU1VVuUaSz2odK4Zj428dJFFCYjvo5QNiHYfHLhn_U1W0fyyzzCtl6AlDgfBe2FDI6Ptwc9r_BXCBuA_TVZhEITTHLk3_qTGHEH-M_foV0sQO9d2ds_M7mO6WT4qyxFN5D78xBJ9-uDHxM4XHjLe6-oOq8sym9hHm4xSe0dvvG08-TYi1QtnIWnx-o7yFu_nC_XvyOZSCVyKR3NEqRhMJqh_mwIG2_JpZNGodFHWgDa3i92u-rwAK0rrJd9SygwT1sACtI1cz1rwZe7buRnX_euOfI7NDsPnSUxGwIyRWG1BLushaNMuohM4XuVaA_8VUb6jrCmH-qh3jbUfrq1qqCZ9KMfO7f_NtV6KPWEKEz4S0M7ygDxoM4VJ_QKRcB_kDx5jqx0L-KQZUJRnECUbexYuyqfBVkgjkM9iRALjpDO8FhtEguWI01g-FPRoSO4o40GPRxHGGtX0eqXXSVOnY6b9lSEX4_QuXMu3beYA3cuoOrXiYGS6pVDF8fVI6bMlmZMo_HP6reCyMz28BLQTPr1joNfzEXOPGcYaceFQFzB4Kz7e_BzlEs1bBaMkjrz79yDQa5ec3GVcLnNzIDnHedAyVRyh5hFV2h7d1-4aSNn8r6cVn41dgdE41_eLRxSAcFnFVW9sLEAgJgK0pnL3LSxioZwNtipqQ0Idus3LJPoIeXF7IFdp8t6_mgcQuT7AQPkt0Pco700SQeWVizbe2DE04Gw1C1TE7d6A6SmeSPNb_CQJWUYQBdD-q-naiGobC_GQ0oz-tNwdhMpvyArw2IJ3UwrLhhogie0UVghovQOh0XRSgwVAHoB_dbMHQFuALisFWa8tofu9Cd9FbPNyc7HPU5xPx6tJqNJJw7qAQieqi14LN0tX-wLYuHVBqDctxvDd9lv5QP4qTcaN11zDqhQkJxdcChJ4LAN6cGO5frYzvyUeuRLv16K0VaAZ9reVhBRodVSAOSD2XOTetJbTWtukajGHJF2XkqL4VqEKu3Z-i9A7tR1byE4wy5hQdyf7ecP0Kc1F68sA9gwzKdFw2Q8-4DlkdiFTCAqFiqe_-BWTg7tBaQHXSliQl1Lfuy3XKK6DHqccV9jtupkqu2RDYlWdoo636bICioZuA65ipXI7ATr0gaKgaj4DqTlLWXRvnZKnqL4FMVb73gartMoxuHdaRpTJ6PCsfudYz9GjtRZPd9tbZc7m_cV2l4Ccm__FlHrIp4qT6ov1nXNmg08qwT7NIK7FffO_54f0yeIo7Y-M-vfJNOFk6MCkIOfdh1vmZKAgstAm0bniCrsi31CKzIRVsf_CLi7IKdI4KYGgTDg2GYYADmWr4tDROAEeLkHVg3_Nj_MHzxsowcMfmMgGeymvb2ZuKbbKThGNIpyJScCFjTdFkF8wBmpAILBrCCcXRtr4hCfJqJ9l_FY1qtIG9AroL5Z97vQL8VCIlRlJRPsSqXsynUDQ5Ee53T2morEXJ3GJzmLYRsWdEDrKdjfRLHW0B515cus21CDveEz5BSgRGeaPiazjE2PVDiDrlT3ArH_3Bj_gUO3oRlPNJwDVd4qs13EaxVprEXSXdNj6Qbz376RkQv-QZHz4pz1xEourSMeX9czxTrC0y9PV01TwRW6M7U9IExRVQYpGYwcUjUmzggxDerLInzYfAsjgVd_7YyasbnWigwb2-wjPpbTgQ7BttmdnQTLrarrKLQb1EcJLaYwLhxmduegfQdFvAg5W9qiaMsjHmbGc2480RawxavFeQWxyN77d4KGZljaIMp90lx5bzswt2g&cid=CAQSKQBygQiDlVEHlUYJWyehyaWJRMXbYBU4NZuYiwIhcuIQ7nm7VdqbZDznGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=839153802439898100&adk=1779837782&idt=257&cac=0&dtd=64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 10:39:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
1897
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Jun 2023 10:39:47 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame D186
28 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZutCPTfbFie8KDKevTyGzuF1adi3eot6NzlghavoNmMn1JW8zJ8qM2YJ8SU3LOTrft28F4LWuRGd2DhHj1BwsVeYhjiItjK_aVl7wtFvOcU4yKEInivkuuOCe-gjdpvgr7EpizsIMdADT6XTJ1thy4w0BOKwTtNi07POFGjv9y93YqBo&cry=1&dbm_d=AKAmf-BYaAEL8A0J_78HAfhiu5o7kiu1LpNyp74on6SRPKXkv2E-o1IN1UrTlVX-1VZrLkWovpPxHSQJP7yGBPzlwuL0e77XAMSEDmxx50u8_xo669i_7ZLysmQn7kxl1UiM1ETCIemyE5rqW6s3_7UKlgPTqmeG4SVJulHIrfX-bTN_rcctSEKbhR7BO6nQHy4ZrjgzTxv4C9A4-UH7LxPjQMIGdxgo-Ga2GmllRjEptzXagsXLCe7l7T78959fyHpt6e6hzZzPQFPqEdUNO7VHu43Td1afL-foOnO3NlhB2YxcNWZ7tw_01-1om3l6EJxNIbBeZ30_JtjpSdYqouB5q7l_cs3yOFhQa0uzEvO24d35TonlF33KHsD6xTjdvPWq7BonXcR9BBFzS7EKvYIWRLxlwsdX4zcIE74BN7vvzEsCS66anBtp7K3uFiHuBF6kItbMJC1UUuGCBEFHNE6K-pffMa0zm-T1MN05Ev-T8zqEJ6tj-cSSNDEsHkJYxaA54p7fNxN9DbciuPrcLXMe_DGBB3g51QaachpyZ_VDJy0zbKYcL-c_tG454OMUkWZbvItcNsTOfSHjmntd5b9cPlMTaA8RWJ9N6WubOp7uTFL04VwjvfY7ZYDFT4-JXJMXWUOZ2k_ZqX2a3uRl0P3gtsHaxM81Zy3ZJJbM_8trEORKkD87HcVb0FLctw5cgaP_X0-5K36kkpNVQvM3DulFxs0IU7IXZ5wXMtuOrmEyz5vDVo1p9uR6RLcTdx-AETSvAd-UufGaiReCfvrUDhoO9aXkNkUtfU3FdQQfjqc9MrjhNCsJN9SRDZiecxFcgSux3PBo8-MQ4pS0otFOgRLiVgyoXhX19jWGelLI46Sx7yKlwxSiEGNo5ACK0lhRp8ueDuwc4dLgN5pAFrXeVhWz5kbyatpPRC14yXykrhldpmWK4nkj633hWUeDVgIFCVJrzAjSFiEBEYSTyb2NpSYOx6QuoCV9q6YrCQ51hZKhMvG_iIiLDi7hQ5ljpvN-HoxV-InQaZWkgp6gmM5UyNK3QUR26ReNS7LkMy7mlbEe3uAEQ8qwsdb0TUUU8Ix6KiWK2EgOQ8lxwEtdK91xksBICzZb448af1pCgu0ZbX1eWOAIDH-pxH0-Dfl0Ip4o5RQ9mAjbaHGdeY0xGKjH3r4bSV-0G2xCjcoaBDFaVGExXladEHyi0SEmxTrcteDWe7hVxDPxN-hKomPuGN3BHKYUri_VGCdltNm3Adb0Bcm9SdWxnyJICqmvZ63bGWcG0nDTzU_PhhiWpuFFMAzZwJKMjWybCL29WzW_yfes7_2PZbmDiZq2vgiGB0TT0V35w-O2Zd5ctB6WOuDjBxFHcV0bQNYwIqV1fzTLYmHQF1mVe8Lifv1IJATXWhovLgVO-P4Jgt6yPw0eyA3iWFoI56e08HK0LwgwArmrDL6M0a7r277yzWE2rLdeVoxWtn6Ce_mRZJIXuVWiOTefiy1QGD9GeRMtfcqBZvGUpejWHa0inmVUKvm7gnOaJMmKkV3e3xP0x_sEgcWa1nxj8y2safnCYxa2KJNr7mihshL1NVNbYReBreaMbCEFXgJk9a-2DABdiKcCFb-ernH3-BvwDWWOM-vTU5p9dIIzQrhbd_1SgopwtkVJll01mIyUf03rtM7uLwPAXzcUzHTxJA3hPygHDzdUTesNjy6cRiN-2PhULwNdIaLEjxMdxX-BnbXQ6xI8A09rSrDOK-uJfdoBACM9DmuNgTLitIUqy31H-unKWOjrvZd9w7mB0t1-ZlmiKDbEDOur7M3qdmyxsqJNpyJv-vkBQItdczURGFSCHKJB81ERGpkXBJtkb7kpCN6q2Lz9K7B_MUakPTtBwlyOUa9Yb0mVH0Tjgryzq2KfWTwsy78unkP4xQkhH6WuDS_qYeU1VVuUaSz2odK4Zj428dJFFCYjvo5QNiHYfHLhn_U1W0fyyzzCtl6AlDgfBe2FDI6Ptwc9r_BXCBuA_TVZhEITTHLk3_qTGHEH-M_foV0sQO9d2ds_M7mO6WT4qyxFN5D78xBJ9-uDHxM4XHjLe6-oOq8sym9hHm4xSe0dvvG08-TYi1QtnIWnx-o7yFu_nC_XvyOZSCVyKR3NEqRhMJqh_mwIG2_JpZNGodFHWgDa3i92u-rwAK0rrJd9SygwT1sACtI1cz1rwZe7buRnX_euOfI7NDsPnSUxGwIyRWG1BLushaNMuohM4XuVaA_8VUb6jrCmH-qh3jbUfrq1qqCZ9KMfO7f_NtV6KPWEKEz4S0M7ygDxoM4VJ_QKRcB_kDx5jqx0L-KQZUJRnECUbexYuyqfBVkgjkM9iRALjpDO8FhtEguWI01g-FPRoSO4o40GPRxHGGtX0eqXXSVOnY6b9lSEX4_QuXMu3beYA3cuoOrXiYGS6pVDF8fVI6bMlmZMo_HP6reCyMz28BLQTPr1joNfzEXOPGcYaceFQFzB4Kz7e_BzlEs1bBaMkjrz79yDQa5ec3GVcLnNzIDnHedAyVRyh5hFV2h7d1-4aSNn8r6cVn41dgdE41_eLRxSAcFnFVW9sLEAgJgK0pnL3LSxioZwNtipqQ0Idus3LJPoIeXF7IFdp8t6_mgcQuT7AQPkt0Pco700SQeWVizbe2DE04Gw1C1TE7d6A6SmeSPNb_CQJWUYQBdD-q-naiGobC_GQ0oz-tNwdhMpvyArw2IJ3UwrLhhogie0UVghovQOh0XRSgwVAHoB_dbMHQFuALisFWa8tofu9Cd9FbPNyc7HPU5xPx6tJqNJJw7qAQieqi14LN0tX-wLYuHVBqDctxvDd9lv5QP4qTcaN11zDqhQkJxdcChJ4LAN6cGO5frYzvyUeuRLv16K0VaAZ9reVhBRodVSAOSD2XOTetJbTWtukajGHJF2XkqL4VqEKu3Z-i9A7tR1byE4wy5hQdyf7ecP0Kc1F68sA9gwzKdFw2Q8-4DlkdiFTCAqFiqe_-BWTg7tBaQHXSliQl1Lfuy3XKK6DHqccV9jtupkqu2RDYlWdoo636bICioZuA65ipXI7ATr0gaKgaj4DqTlLWXRvnZKnqL4FMVb73gartMoxuHdaRpTJ6PCsfudYz9GjtRZPd9tbZc7m_cV2l4Ccm__FlHrIp4qT6ov1nXNmg08qwT7NIK7FffO_54f0yeIo7Y-M-vfJNOFk6MCkIOfdh1vmZKAgstAm0bniCrsi31CKzIRVsf_CLi7IKdI4KYGgTDg2GYYADmWr4tDROAEeLkHVg3_Nj_MHzxsowcMfmMgGeymvb2ZuKbbKThGNIpyJScCFjTdFkF8wBmpAILBrCCcXRtr4hCfJqJ9l_FY1qtIG9AroL5Z97vQL8VCIlRlJRPsSqXsynUDQ5Ee53T2morEXJ3GJzmLYRsWdEDrKdjfRLHW0B515cus21CDveEz5BSgRGeaPiazjE2PVDiDrlT3ArH_3Bj_gUO3oRlPNJwDVd4qs13EaxVprEXSXdNj6Qbz376RkQv-QZHz4pz1xEourSMeX9czxTrC0y9PV01TwRW6M7U9IExRVQYpGYwcUjUmzggxDerLInzYfAsjgVd_7YyasbnWigwb2-wjPpbTgQ7BttmdnQTLrarrKLQb1EcJLaYwLhxmduegfQdFvAg5W9qiaMsjHmbGc2480RawxavFeQWxyN77d4KGZljaIMp90lx5bzswt2g&cid=CAQSKQBygQiDlVEHlUYJWyehyaWJRMXbYBU4NZuYiwIhcuIQ7nm7VdqbZDznGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=839153802439898100&adk=1779837782&idt=257&cac=0&dtd=64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
21bf4b49938284aaececf999f198f621de0aa792bb5315fc21255d0ab439e145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 10:39:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
1897
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11001
x-xss-protection
0
server
cafe
etag
16383942900985251592
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Jun 2023 10:39:47 GMT
/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame 88E0
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LHVW2ZQ0-1Q-DG4O
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LHVW2ZQ0-1Q-DG4O&gdpr=0&us_privacy=1---
0
230 B
Image
General
Full URL
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LHVW2ZQ0-1Q-DG4O&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:26 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68763

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LHVW2ZQ0-1Q-DG4O&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5c765cf7d1bd0738e8bf9e7ecb99ef6d
Expires
0
generate_204
tpc.googlesyndication.com/ Frame 9A33
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?o6_ADg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 6681
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?Qrhgpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D186
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684581083&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684581082758&bpp=13&bdt=1551&idt=436&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&correlator=7894272218445&frm=23&ife=1&pv=2&ga_vid=392982189.1684581083&ga_sid=1684581083&ga_hid=503631598&ga_fc=0&ga_cid=amp-7irXEYm67G2Xodj-e5Y5Jw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2702325796&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31074199%2C31074469%2C44785294%2C44788441%2C44792088&oid=2&pvsid=472193419962629&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2ags8zcf7luk&fsb=1&dtd=454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:39:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88299
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 May 2024 10:39:45 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E198
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684581083&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684581082758&bpp=13&bdt=1551&idt=436&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&correlator=7894272218445&frm=23&ife=1&pv=2&ga_vid=392982189.1684581083&ga_sid=1684581083&ga_hid=503631598&ga_fc=0&ga_cid=amp-7irXEYm67G2Xodj-e5Y5Jw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2702325796&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31074199%2C31074469%2C44785294%2C44788441%2C44792088&oid=2&pvsid=472193419962629&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2ags8zcf7luk&fsb=1&dtd=454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

age
431
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 May 2023 11:04:13 GMT
etag
48472445140208031
expires
Sun, 21 May 2023 11:04:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D186
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44d776cab666181215882c7692bade7bd3cd738856172cab6d85e65b316f96d0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/
70 B
317 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS93dS16aGUteXVhbi15b3Utamlhbi1jdW8tc2hhbmctNXl1ZS1ndWktZHVpLXlvdS1rdW4tbmFuLXdhbmctamlhbi1taW4td3UtZmEteXUtZ3Utc2hpLWppYW4uaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTk1MTZjY2ZjLWQ1YzYtNDRhNS04ZTBlLTcyOTlmNTAxYTVmNCIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiJlOTJiY2U4Yy1jOWQ5LTQzMmEtYTExYy05MzRiMzRmOWZlNjYiLCJ0aW1lT2ZBdWN0aW9uIjoxNjg0NTgxMDgxODI2LCJiaWRzIjpbeyJjcG0iOjAuMDI3NTY3LCJhZElkIjoiNzRmYjIwNTdiNDQwYzY2Iiwib3JpZ2luYWxDcG0iOjAuMDI3NTY3LCJiaWRkZXIiOiJhcHBuZXh1cyIsInJldmVudWUiOjAuMDAwMDI3NTY3MDAwMDAwMDAwMDAyLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo2MzIsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjg0NTgxMDgyNDk1fV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6ImFwcG5leHVzIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI3NGZiMjA1N2I0NDBjNjYiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMDI3NTY3MDAwMDAwMDAwMDAyfSx7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiJlOTJiY2U4Yy1jOWQ5LTQzMmEtYTExYy05MzRiMzRmOWZlNjYiLCJ0aW1lT2ZBdWN0aW9uIjoxNjg0NTgxMDgxODI2LCJiaWRzIjpbXSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXX1dfQ%3D%3D&c_b=6881.799999237061
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:24 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
integrator.js
adservice.google.ge/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.ge/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
166 KB
57 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3160974273609567&correlator=494944729030235&eid=31072019%2C31074750%2C31074508%2C31068825&output=ldjh&gdfp_req=1&vrg=202305170101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height%2Cheight&ifi=1&adks=1420297610%2C2857874404&sfv=1-0-40&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26fcEnabled%3D0%7CstopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.02%26hb_ap_adid%3D74fb2057b440c66%26hb_ap_bidder%3Dappnexus%26fcEnabled%3D0&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse&sc=1&cookie=ID%3D0dde64cb6805d0a4-22e09e42dddd001e%3AT%3D1684581083%3ART%3D1684581083%3AS%3DALNI_Mb9X6z_M0JrDCdwvl9CaIU2bGmJ3w&gpic=UID%3D00000c189c9158a5%3AT%3D1684581083%3ART%3D1684581083%3AS%3DALNI_MbJ8l478G6Hvsqgh37sOGDiV-WBHA&arp=1&abxe=1&dt=1684581084868&lmt=1684581084&dlt=1684581079645&idt=2478&adxs=236%2C436&adys=60%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&frm=20&vis=1&psz=728x-1%7C728x-1&msz=728x-1%7C728x-1&fws=4%2C516&ohw=728%2C1600&ga_vid=672143067.1684581084&ga_sid=1684581085&ga_hid=9639&ga_fc=true&ga_cid=amp-7irXEYm67G2Xodj-e5Y5Jw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ac6b4ad9644408e73ea33c760ebcc96cc0b95d838f0a4ad1294f722153381463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58025
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 59A0
6 KB
3 KB
Document
General
Full URL
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 May 2023 11:11:24 GMT
expires
Sun, 19 May 2024 11:11:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 21 May 2023 11:11:27 GMT
pixel
cm.g.doubleclick.net/ Frame E198
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEJ7vRRuhP5sLlsnM5ByZP-M&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YmUyNTg2YmEtYjhkMS00ZGZhLWIxZWYtMWZjODc5MGE3NTU4&google_gid=CAESEJ7vRRuhP5sLlsnM5ByZP-M&google_cver=1&google_push=ATf1kGO3...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YmUyNTg2YmEtYjhkMS00ZGZhLWIxZWYtMWZjODc5MGE3NTU4&google_gid=CAESEJ7vRRuhP5sLlsnM5ByZP-M&google_cver=1&google_push=ATf1kGO3CBX71dPw9kST26Lr6jXjJ6cviewwc725_uMBYHxtjFQTBXt_0mAkDXqZWUufysIoYCbKsZDIV4O8oL49AlVUmEBXMvQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YmUyNTg2YmEtYjhkMS00ZGZhLWIxZWYtMWZjODc5MGE3NTU4&google_gid=CAESEJ7vRRuhP5sLlsnM5ByZP-M&google_cver=1&google_push=ATf1kGO3CBX71dPw9kST26Lr6jXjJ6cviewwc725_uMBYHxtjFQTBXt_0mAkDXqZWUufysIoYCbKsZDIV4O8oL49AlVUmEBXMvQ
date
Sat, 20 May 2023 11:11:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E198
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEF6DzgNps4VkMragQLH-EUg&google_cver=1&google_push=ATf1kGNrefBk5ndWd2H_sd311dtUP7gydtYSwnO5xMUfVwBZUB8R9e7YNy3eYLUElag3NWBJTUsE1lJj5Y14...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiDjbKskz2ntMWBdbCjztp8hejvf005YNpA&google_push=ATf1kGNrefBk5ndWd2H_sd311dtUP7gydtYSwnO5xMUfVwBZUB8R9e7YNy3eYLUElag3NWBJTUsE1lJj5Y...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiDjbKskz2ntMWBdbCjztp8hejvf005YNpA&google_push=ATf1kGNrefBk5ndWd2H_sd311dtUP7gydtYSwnO5xMUfVwBZUB8R9e7YNy3eYLUElag3NWBJTUsE1lJj5Y14z-mb_RAIa1Jwhfs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684581083&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684581082758&bpp=13&bdt=1551&idt=436&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&correlator=7894272218445&frm=23&ife=1&pv=2&ga_vid=392982189.1684581083&ga_sid=1684581083&ga_hid=503631598&ga_fc=0&ga_cid=amp-7irXEYm67G2Xodj-e5Y5Jw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2702325796&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31074199%2C31074469%2C44785294%2C44788441%2C44792088&oid=2&pvsid=472193419962629&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2ags8zcf7luk&fsb=1&dtd=454
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiDjbKskz2ntMWBdbCjztp8hejvf005YNpA&google_push=ATf1kGNrefBk5ndWd2H_sd311dtUP7gydtYSwnO5xMUfVwBZUB8R9e7YNy3eYLUElag3NWBJTUsE1lJj5Y14z-mb_RAIa1Jwhfs
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ebda
match.360yield.com/match/ Frame E198
0
0

pixel
cm.g.doubleclick.net/ Frame E198
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEKSbA0yu-ytzHRcWB0FniOc&google_cver=1&google_push=ATf1kGOGHFpbrLi2bVkYyXkEEM8q2EIhlOFm5mLr9zvhHvpMO6Rzb8YcalzqeJjhxwgn-Qd2JiCfGvJLpgs0C2LY0Hc-WiA9ZA
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI3NTgyNjg4NDI2NDY3MjAwMFYxMA%3d%3d&mn_hm=MzI3NTgyNjg4NDI2NDY3MjAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGOGHFpbrLi2bVkYyXkEEM8q2EI...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI3NTgyNjg4NDI2NDY3MjAwMFYxMA%3d%3d&mn_hm=MzI3NTgyNjg4NDI2NDY3MjAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGOGHFpbrLi2bVkYyXkEEM8q2EIhlOFm5mLr9zvhHvpMO6Rzb8YcalzqeJjhxwgn-Qd2JiCfGvJLpgs0C2LY0Hc-WiA9ZA&gdpr=&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:28 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI3NTgyNjg4NDI2NDY3MjAwMFYxMA%3d%3d&mn_hm=MzI3NTgyNjg4NDI2NDY3MjAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGOGHFpbrLi2bVkYyXkEEM8q2EIhlOFm5mLr9zvhHvpMO6Rzb8YcalzqeJjhxwgn-Qd2JiCfGvJLpgs0C2LY0Hc-WiA9ZA&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Sat, 20 May 2023 11:11:28 GMT
pixel
cm.g.doubleclick.net/ Frame E198
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBjgVoGBlqLtE3wXaU2K_Kc&google_cver=1&google_push=ATf1kGN0TH2_iHgDZRc3W29AaUq5wOqpRftgjGygne1WF9Mqs_bV39VR8gr9p_MorVw3g61nW3_1Sf...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ATf1kGN0TH2_iHgDZRc3W29AaUq5wOqpRftgjGygne1WF9Mqs_bV39VR8gr9p_MorVw3g61nW3_1SfwsNLGnujl99Fe997Ee2Ks&google_hm=ODQyODUwNDI...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ATf1kGN0TH2_iHgDZRc3W29AaUq5wOqpRftgjGygne1WF9Mqs_bV39VR8gr9p_MorVw3g61nW3_1SfwsNLGnujl99Fe997Ee2Ks&google_hm=ODQyODUwNDI0MzcyNTc2MjUxNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684581083&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684581082758&bpp=13&bdt=1551&idt=436&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&correlator=7894272218445&frm=23&ife=1&pv=2&ga_vid=392982189.1684581083&ga_sid=1684581083&ga_hid=503631598&ga_fc=0&ga_cid=amp-7irXEYm67G2Xodj-e5Y5Jw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2702325796&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31074199%2C31074469%2C44785294%2C44788441%2C44792088&oid=2&pvsid=472193419962629&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2ags8zcf7luk&fsb=1&dtd=454
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ATf1kGN0TH2_iHgDZRc3W29AaUq5wOqpRftgjGygne1WF9Mqs_bV39VR8gr9p_MorVw3g61nW3_1SfwsNLGnujl99Fe997Ee2Ks&google_hm=ODQyODUwNDI0MzcyNTc2MjUxNg%3D%3D
date
Sat, 20 May 2023 11:11:24 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame E198
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESELrqTbwdyuWhJtYtZQnT2uQ&google_cver=1&google_push=ATf1kGPclHMtGzCy8cDTtRBPpGQMzZUZc8GjtUkw3V2G9_QifHF2f47jchOIoh91bsRkQycWmREVsJDlvbD5A93nxCdEYkASHU2D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGPclHMtGzCy8cDTtRBPpGQMzZUZc8GjtUkw3V2G9_Qi...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-307dRJXVz5Xmva1BMYXQwaExT1NY6nEHWRJ4gEQKvw&google_push=ATf1kGPclHMtGzCy8cDTtRBPpGQMzZUZc8GjtUkw3V2G9_QifHF2f47jchOIoh91bsRkQycWmREVsJDlvbD5A93nxCdE...
  • https://cm.g.doubleclick.net/pixel?google_hm=DwPIdHtpW-WpOju7F2Rb&google_push=ATf1kGPclHMtGzCy8cDTtRBPpGQMzZUZc8GjtUkw3V2G9_QifHF2f47jchOIoh91bsRkQycWmREVsJDlvbD5A93nxCdEYkASHU2D&google_nid=inmobi_...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=DwPIdHtpW-WpOju7F2Rb&google_push=ATf1kGPclHMtGzCy8cDTtRBPpGQMzZUZc8GjtUkw3V2G9_QifHF2f47jchOIoh91bsRkQycWmREVsJDlvbD5A93nxCdEYkASHU2D&google_nid=inmobi_new_eb
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 20 May 2023 11:11:27 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_hm=DwPIdHtpW-WpOju7F2Rb&google_push=ATf1kGPclHMtGzCy8cDTtRBPpGQMzZUZc8GjtUkw3V2G9_QifHF2f47jchOIoh91bsRkQycWmREVsJDlvbD5A93nxCdEYkASHU2D&google_nid=inmobi_new_eb
x-download-options
noopen
vary
Accept
content-length
225
x-xss-protection
0
report
sync.teads.tv/um/ Frame E198
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBVwdWhmtsMqqCcg8TyB0-Y&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YTg1ODgxMzgtN2JmNi00YTRjLWJlNTYtNGIxYjRkMjA2MTli&google_push=ATf1kGNJB2eqUNUfY7DDzpOK4GWJeJjCa8B6lKlJ7E5vrgIomyRG65DtuRFMclj9SIOcU...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 20 May 2023 11:11:29 GMT
pragma
no-cache
date
Sat, 20 May 2023 11:11:29 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E198
0
50 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JIR86Uz6uJsacD8yxHWWg3yb132rLSc0rUqnDd8UmG7JlAROAja5C5KR1AKbZHZrRfzck_Pv4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684581083&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684581082758&bpp=13&bdt=1551&idt=436&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&correlator=7894272218445&frm=23&ife=1&pv=2&ga_vid=392982189.1684581083&ga_sid=1684581083&ga_hid=503631598&ga_fc=0&ga_cid=amp-7irXEYm67G2Xodj-e5Y5Jw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2702325796&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31074199%2C31074469%2C44785294%2C44788441%2C44792088&oid=2&pvsid=472193419962629&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2ags8zcf7luk&fsb=1&dtd=454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8EE8
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
100806
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 07:11:19 GMT
expires
Sat, 18 May 2024 07:11:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js
pagead2.googlesyndication.com/bg/ Frame 8EE8
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
806704fc97ba40deb077bcdda8f3bc55fa652d79378ff7b3f307eeb9d8e63a76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 06:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
15993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14692
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 May 2024 06:44:52 GMT
/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame 3B1C
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LHVW306E-12-9PM4
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LHVW306E-12-9PM4&gdpr=0&us_privacy=1---
0
230 B
Image
General
Full URL
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LHVW306E-12-9PM4&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:26 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68770

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LHVW306E-12-9PM4&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5c765cf7d1bd0738e8bf9e7ecb99ef6d
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 3B1C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7fc38604-7561-40d5-8fc3-88b242d19c34&gdpr=0&gdpr_consent=&expires=30
42 B
723 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7fc38604-7561-40d5-8fc3-88b242d19c34&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7fc38604-7561-40d5-8fc3-88b242d19c34&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
setuid
px.ads.linkedin.com/ Frame 3B1C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHVW306E-12-9PM4&gdpr=0&us_privacy=1---
0
515 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHVW306E-12-9PM4&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:25 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: E189A482BBD8406BBD235B780DEEC56E Ref B: VIEEDGE4308 Ref C: 2023-05-20T11:11:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX8Hhk3cqA5DFGu9UwKgg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHVW306E-12-9PM4&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 3B1C
0
0

tap.php
pixel.rubiconproject.com/ Frame 3B1C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/41xqNzZv5JQoOBorGpyGisn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Eh4uUoBE2oLMBNQMNCSotS6MGYI6jaJ.0ZPVaQ--~A
42 B
723 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Eh4uUoBE2oLMBNQMNCSotS6MGYI6jaJ.0ZPVaQ--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 20 May 2023 11:11:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Eh4uUoBE2oLMBNQMNCSotS6MGYI6jaJ.0ZPVaQ--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3B1C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDc4MmE1ZmU0YTQxYzk2MDEyMDdlYjFjYjczMzViYTc3ZWVmYzEzNQ&gdpr=0&us_privacy=1---
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDc4MmE1ZmU0YTQxYzk2MDEyMDdlYjFjYjczMzViYTc3ZWVmYzEzNQ&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDc4MmE1ZmU0YTQxYzk2MDEyMDdlYjFjYjczMzViYTc3ZWVmYzEzNQ&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 3B1C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhWVzMwNkUtMTItOVBNNA==&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESELsAz-28w4SUo2dKtFnJnKY&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhWVzMwNkUtMTItOVBNNA==&google_push=&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhWVzMwNkUtMTItOVBNNA==&google_push=&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhWVzMwNkUtMTItOVBNNA==&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 3B1C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBwIDk6Xv6ZqsofMs_8zAhs&google_cver=1
42 B
723 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBwIDk6Xv6ZqsofMs_8zAhs&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBwIDk6Xv6ZqsofMs_8zAhs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 3B1C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_uy3WFg9QcWbT76ns8GNoQ&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_uy3WFg9QcWbT76ns8GNoQ&gdpr=0
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_uy3WFg9QcWbT76ns8GNoQ&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
49HG71M7A4VYT4K6BGF0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_uy3WFg9QcWbT76ns8GNoQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
container.html
a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 075E
6 KB
3 KB
Document
General
Full URL
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 May 2023 11:11:24 GMT
expires
Sun, 19 May 2024 11:11:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E0A3
6 KB
3 KB
Document
General
Full URL
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074750
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 May 2023 11:11:24 GMT
expires
Sun, 19 May 2024 11:11:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 6771
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305170101&jk=215892918174532&bg=!t7SltODNAAZ8_aWmXP07ADkAdvg8WnSrjNImXsDVbWMhEQ5Hf5hHMvLnt7I_8EDfQRXo3Tnc6zIoeSkkeK8LFm4Sbt8TkGzBip0CAAAAvlIAAAAHaAEHmQK_p5WQTVUlqJ11dCqx4XVvQl8gYrMX5q3HLRIQObo6qFYQehAICNaHqyfG_j1AyNn7s3TMI3aNZu38ZCGQgUfwUrr17EIRmkT8ifHA-GaYWbDOH_NGUC2UKBGuG8yy2nQFT38vKkgDhOGh4KVBI43EuMWmU2bu5Gw0umTAYX0fjOvh0mXu6wVmUJU_7eh0iTtNvwMyqmQV8DJxLZGrPhRskUjJY3dT1bNGzgAgCzv0k_4quZcQ24XEu8E10kwCaosA41-eT1BpJhK86tYpL9rNTq5CjKyoL1EpXNn20XcC-wRmlPdF5r-1dIAI_N0FzLN83pZqctafpyAix4Rxl8ChHZ7vlQaDWFU7C3UgsKwERdDtxMln0EiMszb3TKy4_FunejNLABPUAufzq3aBbXMXuW--RXoOqm60ZQEMBhpRecgtOr2cfmmtjM18wSIZr7sXLlYvzETLCun6e5QyfdFLoVsI2y7e1osi36W9OqyvtEtJM5Ukh9ArEabzzd8YxpqhD-US-VCHj6WugkV4iT-J7KYKZZtgcrHqP0koJtWA8ksGEbhhfxVxDiWGCNWRkvXKtIZJVOgquy5oXlvkKXL7Ki9LyGCmqF-d_vOdCkVM4rHOzxztmCrJUgSop4k5fck0M-v3xJhGPsRBGkJ57wSI7gReqW_zRWxYl3kOO_MZrqR9PtnQVVEc12Pri-9uQFVT_qAOtchYQR03ZP3owQn8tXkuOb5caKEQz2Azad5ld9oOIDh5fVxevUVYiVH0P7dM_9u1uMMBV7LrPphThpF6jo3H3SORfJqFWkuwjr62ovj6RkDC8ATZYlq73u2A1RrY8elIZa3EqMen5u2HW1wmUGE9CiUHWU4qq9rWZoEhkhfFapSVAuXhN5-8UXX76A6DlGip3P4jHsk_BMxr7BkCBIN7eujfHy-Fc8w16y0C0g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame DE23
135 KB
46 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e4958cbc277e39f969f380fd8a688035268f1208f3ba0a1bf2bc7b59dd0e3b20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47290
x-xss-protection
0
server
cafe
etag
5281829118086960974
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 20 May 2023 11:11:25 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C938
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305150101&jk=4115958849001680&bg=!z8ylzJjNAAZ8_aWmXP07ADkAdvg8WoyapMpbGX4v0xE2vF6uwvUluisrFlcJy1VpJAwMDKEUOD16_-du08f-zmDyVXP8B8TBMegCAAAArlIAAAACaAEHCgCoEkp2IeYspUmVF0dCGay9kZLGiOyDJJPr5PSbPqzRzsobSpsV0snUxBT8l4Ek_Ctay-nG8VIWuYjT1-dgHKkl-UHpDVNlJwglx4wH4ss2xi5ZIKLSSdRKl4zsO1X45QnygQ_RG--BW8uuK2z-WrwGZjhSrV-jJxOEYadOEfA0KToy6CCR9DOU8TFJWNPgtl5ahgo_Ep6UPOEGfjl2FKDqFzCkgSCWvkbBmQK-Avtalg1SqTN4tt21PXZ_8LYSFQCe0ve8AxBTb9tKcSH-KgFYAOvbOGdIzx5q0Naqhqw5iiIDls-i_yvtw2ivvOiF-fI2udq89Z94ZqTf74omQ1lr73wCZaRn7S-ofDo9Vizu1A5UssGy28ewmyqui7JIgenCJFEwwFMd5WewQXCUAj1NJDklXBQL8lLtAIii4zGJm2Bamv47DmAkfK2AW-O5VdNY1oPg7PIylEJXVXznskMTfxr2TS9CKYe71Qrk_HyMD6wNXiHHDTCI_mSGy1uX1QQeBL69uTl0KAMLPEX47Sf0avHWu7polpxiKkE530gf4HlQCgpeNBvm9qanH82uJG8ufJR4Cz3NvlFzyTPl5iB6PHlr4coYqHkEybbTkCl_bjhoNxunXGTF6iAK4PtbBiyWIpNq6UKJqYpjdtzsFmLG8Xb3P-seq-3bATvy_UFW5hx0faJXYJv_jWj1wgn08bI0ArwwzHq3JhZvxextpGxtaUubmIb4KZfY5L5ihzgwS7hDmcgJv_EkYYDxFjVcqdzfNCv_NOtvrVeHAhxu6KmlGwzfIJt0yNNUyzEb3LumtsAhPk1PGhE5sH0JmaIKRW-i3ERPCYQYZ8RDhUjspNeDjmX1eQd68C7gNyNaRBh6VWJvmZloKaquVxuRI2H_-_uel5_X8uWaHaCLy4-W7w9ST0YZb4UnsD84XMIz0CFKdZmN1LUdh2RGZ9SiQNnhy24UCeTMvtb36hJbHyEomzrqDv97_p7YvMKp4IUh9kRcTxz4pK-1vwnu-ssEvZScokWdl2Y99HWflLqvSmq1tWj9GxQiGqFQTBjNQSZqQ51atycFweaOY8h9FnObdWmO5t9mqIQPEpnux2OL3JBYP1FFJH0ViDFvrjn1saL_jKoqR8Ou6f3KXCtCQjFlHC8TNf1LmH0qM0xwVrQr
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

VideoBidRequestHandlerServlet
wf.taboola.com/
2 KB
1 KB
XHR
General
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1684581085414&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1518&pt=-2079442447&tz=0&viewable=true&ddast=V87HkCLAYsOpz7GFk1SBNYdDj3MbJqkC4AAABgYID-AEktlrOZaTlZi2yDjVs0XEzWyslg5pZ5DBvHaOWcOAbLISCpxXI2My0na5FtsHGLhovJWjkZzNwyj2HjGK2cE8dgOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ0aDodPte9Xvf73SU-z1zj9yv8utdbenS5la-H3a38u95Sp8Pu1rj-bs3RYfe5VcvXy61zPd0i19Ot_LveWtfdLXfY3bqH3eeWOh12t9ppd-teb5nDrXy9da635uh0S50Ou11oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoAnDgd0cZqdnqc_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA4DGktxhjlNs1oZxIwWsRRgAAAAC23p0tj0zSCSoWVf7___utAFwBAAhAxNn26s-iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohE-HHNEIzUexqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw9ILWcTm8NkWplMu4VruNiMRoaJa7nZLGyGkWex2R6_ic6KkvqB_D4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwN_LNbBuXxy0ZrFxr0cazcgs3NpdbtjKtRpPJzDfaLNei18d0sU02g9VwiwQD9PYieVqkE9Vgs1suDAvbzOSwLSwb28xjmDmWG9_COVkuJjOLWKI5WaQT2WXfWs4mNofJtDKZdgvXcLEZjQwT13KzWdgMI89is--NfDPbxuVxSwYr11q08azcwo3N5ZatTKvRZDLzjTbLtej1MV1sk81gNdw3ZsPRargYDAf7xmw4Wg0Xg-Fg36EzfFefs1FZVkk-Mpe42zhMbE6DwmWweKfq1TfamR1Ev2nRKZOplQWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_h1r7f06HIrXw-7W_l3vaVOh92tcf3dmqPD7nOrlq-XW-d6ukWup1v5d721rrtb7rC7dQ-7zy11OuxutdPu1r3eModb-XrrXG_N0emWOh12u9D0NlvEEsHpIp2IXsbTRf1HDrmYSzbLuWQwmytWg1UCAAAAAAAAALAEk0w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJUIXi_v___8cBAACQkUMPAACAfh9QFgAAAAAAAL-CGGxmu_0DUCHWarW63Vir1QI!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!nrlc_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
161a208b4f3f782a738c5944429c45740492da21bddaa04c5b264d0a7602266d

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sat, 20 May 2023 11:11:25 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1437
x-cache
MISS
x-served-by
cache-sof1510027-SOF
pragma
no-cache
server
nginx
x-timer
S1684581085.463869,VS0,VE62
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
300x250.html
s0.2mdn.net/sadbundle/13850589910671504582/ Frame 0BEA
10 KB
3 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/13850589910671504582/300x250.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
9696b636e904e9c69e51a3be3abbf6ce3f7b1b5417431efa74b4988e60d53b47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
81696
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3528
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 12:29:49 GMT
expires
Sat, 18 May 2024 12:29:49 GMT
last-modified
Mon, 08 May 2023 07:33:14 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D186
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstdT-X-WIESTNMVS6tCNRsoQXCJuZxGfseIp6OPXbx_crbtNMFbvSLE-P6nIWSzYlw6Ze1gYsOVAoaDsgXxHpEzS1dk-3Q5iobm7h3SMEPD7ARj2dqDQ91TZaG7qrxL8b7DFSuxrSEywjZAJn-Ph9Oy7L7eShl_5qh_9sSbS0Z7lv67O2VA6qP3td4q3fgqOuu1gG3fEoBzusBG28lGIoLASVBpu1BhpafZq9i41HCKPkY2sHaa6OF0PTkcvKTLLB4hBzyfAUMNgJez3wgIl8dgRp-bMiQn8OXn1APQrUsgRMGcEV35P6YLMpo6YeZzxhkrOVsLTUtakgjowm6J9dWMNatF1bZJOR9ilQV0_0FKkv7xrBD6-5aIim-sBQ0CABAyOmejlMd7-RMqZyo0AEbLHqHQGCO5ZxxUaAsG1XCGycfXl8AWde5CdyVv-NP10zO93b-hdYgqduRzR8LBv0gx-LK03f5z2ojBaBltpCE7a3tUuOTlPor7A7dl4VRLF8-tJXpEMjrYXbHLjaY3UkjQs7x2Anx3U8jfAgwS7XmGCT0LFYsAazjiBoyqCKSXyjM8d04sZSEd6OFwBxlgceTtX_I_WHWS7T9j3AZ28dkBWo4ep7sDc2bv2HsI4cZKr8muhaZs17QFLhJ4h8rLaYFG_yqfxZr7-WhYwzGsbD28a6OD5rt3pEN38N2A5BCGyBmfvrgKOG51ZYM0tYjb5KSEECRge0x-RpgGISX5kr25oPhUCq8nStnJ1dZOLnQiWv-HXTBjYEIPpwPsGLRWDbVwLS0piQeEIyJ-kekaXrSpTJjerGWfkTxX_J2AES7PtkvXJ0Dq6oPZEbsQh7tz38uprUU2IwOoPuZIByZE7PnvIaxSYm3xrfooPQ0GMiHA3cl1fB8umkIJrzla1mLsCLtcqfLRyej_mrXg0d86rgr46ueBLNcTXT_wLCPHWcFyH2vSpAcEtUVRRyPGrSK6GoUlOC0_CvFKqnLdVh3bK29sNt8fKHw8uLtUoiygeyR9Kd6A9ocheoFH23BrhpsUi9EyyiLOSNkBntwrunDAU2maSH3-Tu3qg-FIaofxmKa08spHrAIj_8diIB-K9zOUFz97ygIDeLDoek7Al4obIczF7Id7qWpxUhcPxLkCxAjau4lJMyKaLYx3BCSKgVYz5z9HgI_tCBQhNVI3&sai=AMfl-YQdCrAeKX5-AmEe8BRehtfiaPmJx1AiRNafZZsJCgvtLivtsuyF1izLa6NLWCGbGaL2zlKxCdmHZs0T5CtkcVpeDmtKHfmx6myEoM4aeFOWtD7bFE7r1opA43uYrLyW3SmRAuWN2EAmqLSSu_hJCe4jOS3uduyZj7NUQfWgbKg2X6JgqRXgz0o2KRsa5O2UZJxq0-Ao_eit&sig=Cg0ArKJSzPoNCGe3HSemEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=790&cbvp=1&cstd=786&cisv=r20230517.79893&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 20 May 2023 11:11:26 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 20 May 2023 11:11:26 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 075E
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 10:38:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
1992
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8780
x-xss-protection
0
server
cafe
etag
16540081610679671253
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Jun 2023 10:38:13 GMT
css
fonts.googleapis.com/ Frame 075E
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 20 May 2023 11:11:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 20 May 2023 09:34:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 20 May 2023 11:11:28 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 075E
15 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.css
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
sffe /
Resource Hash
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 May 2023 12:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254901
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2883
x-xss-protection
0
last-modified
Wed, 17 May 2023 00:43:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 May 2024 12:23:06 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 075E
371 KB
127 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
sffe /
Resource Hash
464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 May 2023 12:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254901
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130330
x-xss-protection
0
last-modified
Wed, 17 May 2023 00:43:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 May 2024 12:23:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 075E
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 10:38:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
1993
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7953
x-xss-protection
0
server
cafe
etag
16153819885643670827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Jun 2023 10:38:12 GMT
l
www.google.com/ads/measurement/ Frame 075E
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSx_zU5e3uWK2xJEoO1pAd4wTzVZw_sbW8fmmOJorsxY0HauntzM4vzznqsu1wiUnMjKftPa23n1bBoCAdG1MzMjJXJGw
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pixel
googleads.g.doubleclick.net/xbbe/ Frame E9CF
640 B
262 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLf37gIQlK-3zwMYme7o0wEwAQ&v=APEucNWQ9JEmPMOB5SDrTGjM1LfS_cWFjDNsKnn80FnWXdoLgGOchh3WIzQWo0x_luRiHKuW_dVHjwNkpuBEokIni5Y0ViGKzA
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 May 2023 11:11:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame E0A3
22 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 17:13:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
64696
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8780
x-xss-protection
0
server
cafe
etag
16540081610679671253
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Jun 2023 17:13:09 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame E0A3
7 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
49b6c56eb31409bd9d3761794191cce2ecb0de4de4b475ab71810de512cb926e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 17:13:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
64696
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3047
x-xss-protection
0
server
cafe
etag
5552017188384030315
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Jun 2023 17:13:09 GMT
view
ad.doubleclick.net/pcs/ Frame E0A3
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuHvaURo2DVT--YHVZjmOYwkV6bzk7Bt5P7hCg2XM2oy6LDXeEiKZO44d7OkYTklZfBTCDUANM6Z7HR2p0-nrFZra_rfDGhg9uQ8k_RpnTW2eRgKOuCIOO8RQLbxHaPQWplsvL51G_L9ZNk25xu6oPovXnG8vQ7oNqzLAWvGRaMC-yszyzThwKRa1VO29RM_U69tlnQkU26hU8Ki2hfXmmLANb4RqVUFGvjf-tgK_YELORz55sYNzJMjjIJQmhWm_l9P0c2eEI_LRVGx4B9kvw2j1JGQCQce0v0_iGLJXZJImyvXDM4qsKPfnhz1pJli4ZZ85UJtyX2NPLGw6j90aSjin5woUf9v0dxvyAJdUu2w65YL7d_4zP4WMLNh0dEzoLdfyJvT8Bl3QJGFAXe-8VTmB85QUI6lLmI-FkoozSmP-bZjZUD6v2YTgINwI-NlDZtirUs7PWdKKQ2C6PIxjbbVYCY3CqrMzK3bc5mybp9dEJl9MZGegztX9p5y7c_VickH-RFt0Lmy8Q03_6718vLvN2KXrh9x6pAgYVrbkQb7LZY1DPgmKaDD01CcLD6Z0z1FK55U0RmhyLTNOZcY-8VIYa7N9Q2lkgECxXJxWwM16T_qWTc_C6cEUT_lEMd2eGBijisMarwrlxW5odCHf2ca498wxX_YnoQvApvBoGi-i9WPC8x940ANwXMGTIrtO3RSy5gnByA0VPyQdYzhdSW1ohaTdRhe8NwHlsp8vOSQ1Hw3w-5w2V6lzF2WKc17yzmV1GEmygvt-L0jKGGjwK00bODwuCI6A-fvQn4BiHqkFv1EZlpP4R4WUazZG-TgxZ3pN1vOF7xZUi14vf1ct8VSbEajvuRmBTCvbmKSmBBIrm40Du0TBn-S-_m3xF5aUH8OtPKeD0oX2I_xHdHiw3vtSbmuWHWN3nSYZOf0XQHWDclUJ2OdTBfI1OBZ58vGOBYdrTFNNKlIM0K8MK3huEqWQEYqFtR4FFYd88pwc-yQsqSj41QXTta_cbCJoDsvhqTG5yKp86VVmNZAEcLp0wUThvUT_mMxEHuQjWKUDA_wAnHcRbQMfyIXg0i-8HAkqmf8e-1-1oEUHqMiQXdd8ON8ysnUtH9AYp18G7Ne7au56kGeBkVr2a5nJo8B9spM4Te4TfejkZgqvFNOboKQFPh_1X9qS7jYhoxibFfHgB1dMWHFbzR-FRodpeAPlmybEr9LpfKaBZUD0g8kbFYM2Jc_-_zDoAlLc8oh1dmm-9zIJihCNLXpjIqQ_D6nQ_QvP898Ory07rfOdpV3rW0CJXuqTVWhrSpIZO7yHTeKiahwr6WqZ1g&sai=AMfl-YQ-RG5LM-PBE1CuI9TLb1ggJBDj88x6VbtX3sKKdAhO7WdcV7hkoJB0_cqIKFZd4bj1dOCeI5VLdqJGYU1h6Y7qzFy28Zayzgg0X0WyKFJcY49Bsbz0qb-Ot33Z9pRvVrM9b3OYY3paa-svLTkXI1hFMC5fSLif2CKyN0An51r3mUOMdURTwa6paC19lKsi35hYpJZne_25bEuCXUme2ekjuVW5HDT5d6EsqwJo88-FnbXIQAQ77XOKBQcCTY6EIXupAlaYb-NBYplAgJSHz-NMWYDUkrDNNtGSw3NxWNQqfAsJcuGMvton3w3euSxBfm3gyl5FuYM9VSl_HtVymGDkpKYGRqkiX6-tgfE-zcQvHYAZfgg1Z3NQ_pQpCqi87-4FQVCxJC4bLIoslioHRqUO_9M&sig=Cg0ArKJSzIrofs18f5JnEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly92YS5nb3Y&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230517.02582&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 20 May 2023 11:11:25 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 20 May 2023 11:11:25 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E0A3
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:39:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 May 2024 10:39:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E0A3
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DIoSZrEW1-zr8kRfD6vfc3xjdhTGFxMiS4mz57oqXUI9si2kIFkJZz2l-QW-XjeStDnyJGLtHDmzGy2SwviVzeVPud9AaMet2IKculaYCshWGB1F4
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame E0A3
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 10:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
3965
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Jun 2023 10:05:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame E0A3
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 10:38:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
1993
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7953
x-xss-protection
0
server
cafe
etag
16153819885643670827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Jun 2023 10:38:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E0A3
170 KB
53 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 May 2023 11:11:26 GMT
1168223767702533335
s0.2mdn.net/simgad/ Frame E0A3
32 KB
32 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/1168223767702533335
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
b068650efadf5a6b0251aee8bf9b4f8507a1910e135fcc4104c1f7ad1112c5ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 05:29:51 GMT
x-content-type-options
nosniff
age
20494
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32379
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 20:48:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 May 2024 05:29:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8EE8
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIJYy3KpoZJS9G5mv3wOiiqO4BQAAAAA4AeAEAg&bg=!KSqlKn7NAAZ8_aWmXP07ADkAdvg8WgLERJ23UEz2bRPA6FTEpHdAkLV02krwRHDpBD3pnKZYxbtbMIUiyuHQ8SvPj-0u5YsjQ54CAAAAwFIAAAACaAEHmQML9hLtS8ehaLvXskKSuGl0hFgiBchb7IyJo-2zm5lNcPLJkAcRS7F3A5n9NvagOD8lBdENUM2_Euzb6dukMCRkykHMnxp27NoKnJlT7UPd2UgIz5razZ2GD43bNUHRGCIbnTONkAzRMs8Q0ngucqUT8ql3AUNX7zaJ5aiQ6I95h2GAb6A5PrRxVoFQDCVeraSw9gE2tsHBrsvqLHoIsw-CiQXpeztGkneCvH-UdzTPpOx2boXwKwk3CG13e5Bh2IeMBjekWvw-P5kJH7f4tJ221mMa0LA2QudqkVZYJxxtYsbYz8WdrzU_Rg40_hu_5kBjGOptBJasB57klCwgSedAgvkpl0iZeCuQP39AHb_QL7CvFohKOnw-rxb93odhEEIg2x7fxSutRqISHlkLklMTHBQjr-rFHs_fbSV3LXczBQA9nkq8-XICuDv_nsEzuNG4divKsBRnU-8Swp7YrpbQKZf1xGnmo2YCtF81h2rwo0T4BudBQjxFSEKv22q0ZE_8qu6Vpgc82YJccBrf9LrlD9Z2ft8-E_Z7H1tnCeCkk2FaXHg2O05yyfAEPratORwnjkkwduPVdV3SMtRkKrbuCijsescT9cBoA-5C_htHZEjGbua-iA9toyT_s4cQKnilXA8AOTIVT5zhnCgwrQzDJ_JvSuxHvjr3Ocj4TvgH-DTrVySJLrDDDkTapjx5kkjCZEJgfqnGwnbr38h-ggfu7ikJuZ2OEO5LpXRp-3Vj9n3pOhaQVq2vwP3Rojmy4aQrnQ3Cjt86mFaGXGQ-xQSRtPKol0Tc1uCOlwx2m4SeO_lDXNTz_K-wGY5p6J6YoxqQR9X_MAiWY2pWmF6WH9DQz65AXmBAFj_-bxrnZiigb2pfazK1FQm3SGWf3Aj7EJehJT7Q9hnHa2zrMRKxBzKtZVX0EAULtxkA36ikReb85wxG17Oq6NyGrBBNyxm6kMAcb8sLCE6xZLTyadd1AC7jMLVrsW9RwyP1CeSxdaqirimXzQaJOJHXaRTUl4HB5-V7GlNc8fsVvkByd-4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684581083&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684581082758&bpp=13&bdt=1551&idt=436&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&correlator=7894272218445&frm=23&ife=1&pv=2&ga_vid=392982189.1684581083&ga_sid=1684581083&ga_hid=503631598&ga_fc=0&ga_cid=amp-7irXEYm67G2Xodj-e5Y5Jw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2702325796&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31074199%2C31074469%2C44785294%2C44788441%2C44792088&oid=2&pvsid=472193419962629&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2ags8zcf7luk&fsb=1&dtd=454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ Frame DE23
355 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
87007460f5c697c268a3f71c3c5a319b4aed585b75cbfd764c34c78f6d3ce921
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122662
x-xss-protection
0
server
cafe
etag
4065990409721185552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 May 2023 11:11:25 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/ Frame E883
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

age
70454
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 15:37:11 GMT
etag
15057649708203361565
expires
Fri, 02 Jun 2023 15:37:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5694
1 KB
646 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

age
432
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 May 2023 11:04:13 GMT
etag
48472445140208031
expires
Sun, 21 May 2023 11:04:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sd
us-u.openx.net/w/1.0/ Frame E9CF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP1yFG86cMrTY3xVP1M3HGQ&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP1yFG86cMrTY3xVP1M3HGQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLf37gIQlK-3zwMYme7o0wEwAQ&v=APEucNWQ9JEmPMOB5SDrTGjM1LfS_cWFjDNsKnn80FnWXdoLgGOchh3WIzQWo0x_luRiHKuW_dVHjwNkpuBEokIni5Y0ViGKzA
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP1yFG86cMrTY3xVP1M3HGQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E9CF
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDlkNWNhM2UtMDRlMy0yMTM2LWQ1MGMtNTNjZmEyNTA3MjMx
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDlkNWNhM2UtMDRlMy0yMTM2LWQ1MGMtNTNjZmEyNTA3MjMx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLf37gIQlK-3zwMYme7o0wEwAQ&v=APEucNWQ9JEmPMOB5SDrTGjM1LfS_cWFjDNsKnn80FnWXdoLgGOchh3WIzQWo0x_luRiHKuW_dVHjwNkpuBEokIni5Y0ViGKzA
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 20 May 2023 11:11:25 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDlkNWNhM2UtMDRlMy0yMTM2LWQ1MGMtNTNjZmEyNTA3MjMx
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
sync.teads.tv/ Frame E9CF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEOyI1ZfWv0rhKxNS1Rjx3H0&google_cver=1
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEOyI1ZfWv0rhKxNS1Rjx3H0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLf37gIQlK-3zwMYme7o0wEwAQ&v=APEucNWQ9JEmPMOB5SDrTGjM1LfS_cWFjDNsKnn80FnWXdoLgGOchh3WIzQWo0x_luRiHKuW_dVHjwNkpuBEokIni5Y0ViGKzA
Protocol
H2
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 20 May 2023 11:11:29 GMT
pragma
no-cache
date
Sat, 20 May 2023 11:11:29 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEOyI1ZfWv0rhKxNS1Rjx3H0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E9CF
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YTg1ODgxMzgtN2JmNi00YTRjLWJlNTYtNGIxYjRkMjA2MTli
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YTg1ODgxMzgtN2JmNi00YTRjLWJlNTYtNGIxYjRkMjA2MTli
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLf37gIQlK-3zwMYme7o0wEwAQ&v=APEucNWQ9JEmPMOB5SDrTGjM1LfS_cWFjDNsKnn80FnWXdoLgGOchh3WIzQWo0x_luRiHKuW_dVHjwNkpuBEokIni5Y0ViGKzA
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:29 GMT
server
akka-http/10.2.10
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YTg1ODgxMzgtN2JmNi00YTRjLWJlNTYtNGIxYjRkMjA2MTli
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Sat, 20 May 2023 11:11:29 GMT
truncated
/ Frame E0A3
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bfd065cc42038eba4a51521380c7cdd5d89ed13b8f8ee3b22baa32f2d468326

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C89F
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
100806
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 07:11:19 GMT
expires
Sat, 18 May 2024 07:11:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 5694
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBO8xHOolEWOW38jksfw6nM&google_cver=1&google_push=ATf1kGO2O0Tc7hu44lqCO51sO1W2sAedZQ0qlPc0CG5vyiUDuX7lk14UuSgOp6GbNze-LwYaIV0KonRq9c4_wpMD...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO2O0Tc7hu44lqCO51sO1W2sAedZQ0qlPc0CG5vyiUDuX7lk14UuSgOp6GbNze-LwYaIV0KonRq9c4_wpMDjq-oNR9oC7ce
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO2O0Tc7hu44lqCO51sO1W2sAedZQ0qlPc0CG5vyiUDuX7lk14UuSgOp6GbNze-LwYaIV0KonRq9c4_wpMDjq-oNR9oC7ce
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 20 May 2023 11:11:26 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x8 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO2O0Tc7hu44lqCO51sO1W2sAedZQ0qlPc0CG5vyiUDuX7lk14UuSgOp6GbNze-LwYaIV0KonRq9c4_wpMDjq-oNR9oC7ce
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 20 May 2023 11:11:25 GMT
pixel
cm.g.doubleclick.net/ Frame 5694
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPknlx_SzKqH6tQO_Q_lyf0&google_cver=1&google_push=ATf1kGM5CRA3cyMUY8KvanJdgB-iLB7uYKKrEBRAHHYE_fq1GH5nK61sR7LqwrV7P-5jVOmE57UILETuVfzj8a1jtJPf1KT...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGM5CRA3cyMUY8KvanJdgB-iLB7uYKKrEBRAHHYE_fq1GH5nK61sR7LqwrV7P-5jVOmE57UILETuVfzj8a1jtJPf1KTx6WM-&google_hm=eS0yeFlRRTJWRTJwRTEuMU...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGM5CRA3cyMUY8KvanJdgB-iLB7uYKKrEBRAHHYE_fq1GH5nK61sR7LqwrV7P-5jVOmE57UILETuVfzj8a1jtJPf1KTx6WM-&google_hm=eS0yeFlRRTJWRTJwRTEuMUg3ZUM0WHhMaGdWRGZ1Y2pJR35B
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 20 May 2023 11:11:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGM5CRA3cyMUY8KvanJdgB-iLB7uYKKrEBRAHHYE_fq1GH5nK61sR7LqwrV7P-5jVOmE57UILETuVfzj8a1jtJPf1KTx6WM-&google_hm=eS0yeFlRRTJWRTJwRTEuMUg3ZUM0WHhMaGdWRGZ1Y2pJR35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5694
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHCn787ufZcnXBqo2LEcK6U&google_cver=1&google_push=ATf1kGNToT5BN7fxgOdBnudZ_Cj6tqqMVR1TOuPKg_4fnJIvF0ozvH_GFSIZ8nz_DYR80ISpTgiNmw0_...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHCn787ufZcnXBqo2LEcK6U&google_cver=1&google_push=ATf1kGNToT5BN7fxgOdBnudZ_Cj6tqqMVR1TOuPKg_4fnJIvF0ozvH_GFSIZ8nz_DYR80ISpTgi...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjM3Nzg1NTkwMzYyMzYwNzYyMA&google_push=ATf1kGNToT5BN7fxgOdBnudZ_Cj6tqqMVR1TOuPKg_4fnJIvF0ozvH_GFSIZ8nz_DYR80ISpTgiNmw...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjM3Nzg1NTkwMzYyMzYwNzYyMA&google_push=ATf1kGNToT5BN7fxgOdBnudZ_Cj6tqqMVR1TOuPKg_4fnJIvF0ozvH_GFSIZ8nz_DYR80ISpTgiNmw0_Uy47_60eBR6Fms7WRywq
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjM3Nzg1NTkwMzYyMzYwNzYyMA&google_push=ATf1kGNToT5BN7fxgOdBnudZ_Cj6tqqMVR1TOuPKg_4fnJIvF0ozvH_GFSIZ8nz_DYR80ISpTgiNmw0_Uy47_60eBR6Fms7WRywq
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 5694
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHJrvOfYO6oe8yJAvrhokiE&google_cver=1&google_push=ATf1kGOJZoyI-bx8Bmsqncja48u29BpPPQz4V6NMrFwu4cF8y7t6JC59_iV5CP5pivkNtJFCKEgTMRemI11igNH...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=8Ri2qSAmVdZQhwK4gEPga1vvzpY&google_push=ATf1kGOJZoyI-bx8Bmsqncja48u29BpPPQz4V6NMrFwu4cF8y7t6JC59_iV5CP5pivkNtJFCKEgTMRemI11igN...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=8Ri2qSAmVdZQhwK4gEPga1vvzpY&google_push=ATf1kGOJZoyI-bx8Bmsqncja48u29BpPPQz4V6NMrFwu4cF8y7t6JC59_iV5CP5pivkNtJFCKEgTMRemI11igNH3i32g9jHd3Z4
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=8Ri2qSAmVdZQhwK4gEPga1vvzpY&google_push=ATf1kGOJZoyI-bx8Bmsqncja48u29BpPPQz4V6NMrFwu4cF8y7t6JC59_iV5CP5pivkNtJFCKEgTMRemI11igNH3i32g9jHd3Z4
Date
Sat, 20 May 2023 11:11:27 GMT
Connection
keep-alive
Content-Length
241
Content-Type
text/html; charset=utf-8
google
sync-dmp.aura-dsp.com/match/ Frame 5694
0
0

attr
cm.g.doubleclick.net/pixel/ Frame 5694
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JGECC4OvjGDsEFKwEklsWpmnQx4HuuU_4sVkHIbyil02Kc7YqV-AJ5GEOt
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 0BEA
186 KB
48 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13850589910671504582/300x250.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13850589910671504582/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 11:11:25 GMT
300x250.js
s0.2mdn.net/sadbundle/13850589910671504582/ Frame 0BEA
55 KB
10 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/13850589910671504582/300x250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13850589910671504582/300x250.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
a04b6f99dfd08d94e05473f2d4a3e32aaac9e16f601a7370cee53800ac026647
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13850589910671504582/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 08:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95543
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10290
x-xss-protection
0
last-modified
Mon, 08 May 2023 07:33:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 May 2024 08:39:02 GMT
gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js
pagead2.googlesyndication.com/bg/ Frame C89F
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
806704fc97ba40deb077bcdda8f3bc55fa652d79378ff7b3f307eeb9d8e63a76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 06:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
15993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14692
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 May 2024 06:44:52 GMT
view
ad.doubleclick.net/pcs/ Frame E0A3
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuHvaURo2DVT--YHVZjmOYwkV6bzk7Bt5P7hCg2XM2oy6LDXeEiKZO44d7OkYTklZfBTCDUANM6Z7HR2p0-nrFZra_rfDGhg9uQ8k_RpnTW2eRgKOuCIOO8RQLbxHaPQWplsvL51G_L9ZNk25xu6oPovXnG8vQ7oNqzLAWvGRaMC-yszyzThwKRa1VO29RM_U69tlnQkU26hU8Ki2hfXmmLANb4RqVUFGvjf-tgK_YELORz55sYNzJMjjIJQmhWm_l9P0c2eEI_LRVGx4B9kvw2j1JGQCQce0v0_iGLJXZJImyvXDM4qsKPfnhz1pJli4ZZ85UJtyX2NPLGw6j90aSjin5woUf9v0dxvyAJdUu2w65YL7d_4zP4WMLNh0dEzoLdfyJvT8Bl3QJGFAXe-8VTmB85QUI6lLmI-FkoozSmP-bZjZUD6v2YTgINwI-NlDZtirUs7PWdKKQ2C6PIxjbbVYCY3CqrMzK3bc5mybp9dEJl9MZGegztX9p5y7c_VickH-RFt0Lmy8Q03_6718vLvN2KXrh9x6pAgYVrbkQb7LZY1DPgmKaDD01CcLD6Z0z1FK55U0RmhyLTNOZcY-8VIYa7N9Q2lkgECxXJxWwM16T_qWTc_C6cEUT_lEMd2eGBijisMarwrlxW5odCHf2ca498wxX_YnoQvApvBoGi-i9WPC8x940ANwXMGTIrtO3RSy5gnByA0VPyQdYzhdSW1ohaTdRhe8NwHlsp8vOSQ1Hw3w-5w2V6lzF2WKc17yzmV1GEmygvt-L0jKGGjwK00bODwuCI6A-fvQn4BiHqkFv1EZlpP4R4WUazZG-TgxZ3pN1vOF7xZUi14vf1ct8VSbEajvuRmBTCvbmKSmBBIrm40Du0TBn-S-_m3xF5aUH8OtPKeD0oX2I_xHdHiw3vtSbmuWHWN3nSYZOf0XQHWDclUJ2OdTBfI1OBZ58vGOBYdrTFNNKlIM0K8MK3huEqWQEYqFtR4FFYd88pwc-yQsqSj41QXTta_cbCJoDsvhqTG5yKp86VVmNZAEcLp0wUThvUT_mMxEHuQjWKUDA_wAnHcRbQMfyIXg0i-8HAkqmf8e-1-1oEUHqMiQXdd8ON8ysnUtH9AYp18G7Ne7au56kGeBkVr2a5nJo8B9spM4Te4TfejkZgqvFNOboKQFPh_1X9qS7jYhoxibFfHgB1dMWHFbzR-FRodpeAPlmybEr9LpfKaBZUD0g8kbFYM2Jc_-_zDoAlLc8oh1dmm-9zIJihCNLXpjIqQ_D6nQ_QvP898Ory07rfOdpV3rW0CJXuqTVWhrSpIZO7yHTeKiahwr6WqZ1g&sai=AMfl-YQ-RG5LM-PBE1CuI9TLb1ggJBDj88x6VbtX3sKKdAhO7WdcV7hkoJB0_cqIKFZd4bj1dOCeI5VLdqJGYU1h6Y7qzFy28Zayzgg0X0WyKFJcY49Bsbz0qb-Ot33Z9pRvVrM9b3OYY3paa-svLTkXI1hFMC5fSLif2CKyN0An51r3mUOMdURTwa6paC19lKsi35hYpJZne_25bEuCXUme2ekjuVW5HDT5d6EsqwJo88-FnbXIQAQ77XOKBQcCTY6EIXupAlaYb-NBYplAgJSHz-NMWYDUkrDNNtGSw3NxWNQqfAsJcuGMvton3w3euSxBfm3gyl5FuYM9VSl_HtVymGDkpKYGRqkiX6-tgfE-zcQvHYAZfgg1Z3NQ_pQpCqi87-4FQVCxJC4bLIoslioHRqUO_9M&sig=Cg0ArKJSzIrofs18f5JnEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly92YS5nb3Y&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=418&vt=11&dtpt=416&dett=2&cstd=0&cisv=r20230517.02582&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 20 May 2023 11:11:26 GMT
integrator.js
adservice.google.ge/adsid/ Frame DE23
107 B
122 B
Script
General
Full URL
https://adservice.google.ge/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame DE23
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5CBA
603 B
66 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=2152568021&adf=552093736&pi=t.ma~as.9099904862&w=300&lmt=1684581086&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230307%2FnyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684581085650&bpp=4&bdt=253&idt=359&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&correlator=7039889998614&frm=8&ife=1&pv=2&ga_vid=1448893137.1684581086&ga_sid=1684581086&ga_hid=1695692975&ga_fc=0&nhd=3&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1851353548&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44788441%2C44789779&oid=2&pvsid=862713920363506&tmod=1924007829&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lhkrro460jfl&fsb=1&dtd=383
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 May 2023 11:11:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame DE23
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230517&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
21adbd9855d01161edc3c526b05b54c5d2658a01777ff5abdc8746c8fc723ed1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11323
x-xss-protection
0
300x250_atlas_.png
s0.2mdn.net/sadbundle/13850589910671504582/images/ Frame 0BEA
431 KB
431 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/13850589910671504582/images/300x250_atlas_.png?1683423176510
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684581083&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684581082758&bpp=13&bdt=1551&idt=436&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&correlator=7894272218445&frm=23&ife=1&pv=2&ga_vid=392982189.1684581083&ga_sid=1684581083&ga_hid=503631598&ga_fc=0&ga_cid=amp-7irXEYm67G2Xodj-e5Y5Jw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2702325796&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071756%2C31074199%2C31074469%2C44785294%2C44788441%2C44792088&oid=2&pvsid=472193419962629&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2ags8zcf7luk&fsb=1&dtd=454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
2f7543fd54b7cab9379b4a6ef40d5d59af2e868934b8f6de0d2b1adea98f692e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13850589910671504582/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 May 2023 13:23:43 GMT
x-content-type-options
nosniff
age
424063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
441663
x-xss-protection
0
last-modified
Mon, 08 May 2023 07:33:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 14 May 2024 13:23:43 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D186
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstdT-X-WIESTNMVS6tCNRsoQXCJuZxGfseIp6OPXbx_crbtNMFbvSLE-P6nIWSzYlw6Ze1gYsOVAoaDsgXxHpEzS1dk-3Q5iobm7h3SMEPD7ARj2dqDQ91TZaG7qrxL8b7DFSuxrSEywjZAJn-Ph9Oy7L7eShl_5qh_9sSbS0Z7lv67O2VA6qP3td4q3fgqOuu1gG3fEoBzusBG28lGIoLASVBpu1BhpafZq9i41HCKPkY2sHaa6OF0PTkcvKTLLB4hBzyfAUMNgJez3wgIl8dgRp-bMiQn8OXn1APQrUsgRMGcEV35P6YLMpo6YeZzxhkrOVsLTUtakgjowm6J9dWMNatF1bZJOR9ilQV0_0FKkv7xrBD6-5aIim-sBQ0CABAyOmejlMd7-RMqZyo0AEbLHqHQGCO5ZxxUaAsG1XCGycfXl8AWde5CdyVv-NP10zO93b-hdYgqduRzR8LBv0gx-LK03f5z2ojBaBltpCE7a3tUuOTlPor7A7dl4VRLF8-tJXpEMjrYXbHLjaY3UkjQs7x2Anx3U8jfAgwS7XmGCT0LFYsAazjiBoyqCKSXyjM8d04sZSEd6OFwBxlgceTtX_I_WHWS7T9j3AZ28dkBWo4ep7sDc2bv2HsI4cZKr8muhaZs17QFLhJ4h8rLaYFG_yqfxZr7-WhYwzGsbD28a6OD5rt3pEN38N2A5BCGyBmfvrgKOG51ZYM0tYjb5KSEECRge0x-RpgGISX5kr25oPhUCq8nStnJ1dZOLnQiWv-HXTBjYEIPpwPsGLRWDbVwLS0piQeEIyJ-kekaXrSpTJjerGWfkTxX_J2AES7PtkvXJ0Dq6oPZEbsQh7tz38uprUU2IwOoPuZIByZE7PnvIaxSYm3xrfooPQ0GMiHA3cl1fB8umkIJrzla1mLsCLtcqfLRyej_mrXg0d86rgr46ueBLNcTXT_wLCPHWcFyH2vSpAcEtUVRRyPGrSK6GoUlOC0_CvFKqnLdVh3bK29sNt8fKHw8uLtUoiygeyR9Kd6A9ocheoFH23BrhpsUi9EyyiLOSNkBntwrunDAU2maSH3-Tu3qg-FIaofxmKa08spHrAIj_8diIB-K9zOUFz97ygIDeLDoek7Al4obIczF7Id7qWpxUhcPxLkCxAjau4lJMyKaLYx3BCSKgVYz5z9HgI_tCBQhNVI3&sai=AMfl-YQdCrAeKX5-AmEe8BRehtfiaPmJx1AiRNafZZsJCgvtLivtsuyF1izLa6NLWCGbGaL2zlKxCdmHZs0T5CtkcVpeDmtKHfmx6myEoM4aeFOWtD7bFE7r1opA43uYrLyW3SmRAuWN2EAmqLSSu_hJCe4jOS3uduyZj7NUQfWgbKg2X6JgqRXgz0o2KRsa5O2UZJxq0-Ao_eit&sig=Cg0ArKJSzPoNCGe3HSemEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1536&vt=11&dtpt=746&dett=3&cstd=786&cisv=r20230517.79893&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 20 May 2023 11:11:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C89F
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0ngP3KpoZLrsO9OqgAfi4p7YDAAAAAA4AeAEAg&bg=!mJulm8_NAAZ8_aWmXP07ADkAdvg8WuKsuwoSbMSVUty4l8XKSnGNjNfD3y5oLzfP-pJST-hgcOZV1XWsdSyvidPZw1wFNm1K38gCAAAAWFIAAAACaAEHmQLqZ053wL7nAeWqJW1DihjcbZVguV8IPp_wzv92u1qc4MR1pA3-ofXdTpW0Z171IkHFdtQG60wv1JGeUlADm1sCQ3zVMJ3Vo_wDjQNCCIcVuZZ0c4-YSLRaxRmrWp7nEW78LLxyAjQC7pp35R0W3WKAkpp6_mGfG5fYV7_1gyOExiJXM4D5HetVHkiYDZwJV9KpQL6ygj9uuSNMs-r9zEi6gW8sgXJ9s9cml9GccDVVXZZcSeYzrK6Zko6ZX8m3MNmonq7dxbQL-XRUHWHWTby95f5s3jyDN1I7K4c1_rhcjt-QKxlB-AKc2hIX_GmwpqP4yVFU8sZZn-DMh_R0YIhd6EIC373X9Ax1iN-0cMEO0pMitPFUL_NCGYx6EX3ImMDH0kTx41D2YBkdfaZm81vjFYeTv_6dESy82P9LAKO3C0BVSNMu9jr5Rvml9a7ZflClY1Znf0rXkpu3HvuC1yk0b3jJU8m6PmOiSoaO5-vWxaq1AWszJa_CmkwH26dIrVTDHo0z194dBIYGjABwdTvYjUdUtyIkJPFZr_3339rCxAKkUGgTbSABEjJcXQrHmEHoheOUdwclhOFd71x3jyFyF0fBLqaxSaIMNVJSJ0-0bAHws6WRqrOsuh4vr3aIxCw-rLCZkLFgmgZquFf-y6BM_l4FuYZijSrbpIffw0Cdr62T4yHra3Mu1XodahpZnFQvzZInNJ7iIR9ZNa-XnDKlZLx7Ut1IwJz-MglV5OGjOmvaitsU_bPW0AwRwz1J3DngFjvt7lkSfjCPINbbiM40NEjnSwMIDA50dPk7cZ3QmRxkTvIMJZ_gdDcotUF4Mt0uI93oD9LkiyZRcNo258RyNjb_nfeDSfp5_1IvCeMm65nBdPRBvm9omcbxce5GrLgcHMaVZs4lcErVKtdldpIM0syCq7M2YRw9Z_Vg_l5aGHsLyHyO5YdaLDmxVVYgB-O_iUCs53dugm29dAK8W4oBwyKNaDgn-GaeH5U
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DE23
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 May 2023 11:11:26 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B213
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
3965
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 May 2023 10:05:21 GMT
expires
Sun, 19 May 2024 10:05:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A478
783 B
533 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
d2f9d48bf5d1d34c1b8d7957ee6edf9916cd78f2929e9e052ba04610b6a54bea
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-drorsDgSQO5pIP5kiiObUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-drorsDgSQO5pIP5kiiObUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 20 May 2023 11:11:26 GMT
expires
Sat, 20 May 2023 11:11:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/getconfig/ Frame FD76
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230517&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
3b2412c92ac56bdfe32a796d0cafa2f797d5bd0e80351b7e80d4aafbd09e0427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11311
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame A478
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230517&jk=862713920363506&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js
pagead2.googlesyndication.com/bg/ Frame B213
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
806704fc97ba40deb077bcdda8f3bc55fa652d79378ff7b3f307eeb9d8e63a76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 06:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
15994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14692
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 May 2024 06:44:52 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FD76
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 May 2023 11:11:26 GMT
generate_204
tpc.googlesyndication.com/ Frame B213
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?k3noGg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6C43
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
3965
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 May 2023 10:05:21 GMT
expires
Sun, 19 May 2024 10:05:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5AA3
1 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
/
Resource Hash
9010e5a841cf0acfb13facfaa2c3318bc8118020ec071d15de099eb9a628fd01

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1103
content-type
text/html; charset=UTF-8
date
Sat, 20 May 2023 11:11:27 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E779
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230517&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ab4266600b823643b3d20790a09c7b6bc2924e1922bcc05dbdfbaa003fc31577
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11196
x-xss-protection
0
gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js
pagead2.googlesyndication.com/bg/ Frame 6C43
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
806704fc97ba40deb077bcdda8f3bc55fa652d79378ff7b3f307eeb9d8e63a76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 06:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
15995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14692
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 May 2024 06:44:52 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E779
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 May 2023 11:11:27 GMT
generate_204
tpc.googlesyndication.com/ Frame 6C43
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?SBDCNQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame DE23
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230517&jk=862713920363506&bg=!QEOlQxfNAAZ8_aWmXP07ADkAdvg8WppVYP4H9c3xbDiBu3yi16RzWBX9aAE5oKBNlNK-4sOYbwUuu0ARaFlWHUjvGnDLLO-Mz4MCAAAA21IAAAAGaAEHmQLhd3PXfsyeADAluNNaq0UIEZyFRPNYPsFd4iMMBibB1IH8Ho-pA_UDn9BKpVzeHpF3H5EuyhScHgmNiuWr8L9krLJRYgwyghgKa_53Ib0zEuuQEbOS2OGbToCDg7NDR27AtCXpQMgBTAbuDzMrtTzsv8-t9bDXibhYSW5rpNP2YMrBzJwy3uYk6HCIOpMxhaaz5Zi34FhzHzaKQU9aonrBEloP9IvQJe52YLE4528QLpJZismImT-bIAF4D6E9Ut7oFrd7sxruvBRVWmdvReqB9O37FK2SjWtaRmF3iu_gCw27aPjR8HuwuVgTLLU5ROl5KjUEDJKSJ85w1-ZvLZPvyxdNjeyAhj1mGtCJfSiN4gheYEZnb1_LU0rz0_AEHDYkDgnEJj1aRJlfqFgMKVE50aAPQNsWyyRY8wNNaftmxbnOAAcJDbpcHKLBqaCfs5rQUO7lOR3hIkdyD9j8NgJyPX2YZpazAOUC1kxqDUaFv7SvQE7U-GNVFg3knUDSds_DmW5eM8NAowG-SdGpR57zaUAoyOqa_ezbVd-jJ94DnEEN5muYJGxz8hmVu76souEuzUoppKamM8K8VlFL3CLgAYi80bjq9xWRYGRtf9UUHvJOJmQIf20aCLpOIsNGbNdb8-BpiioPCtvUqaE3dyu-hRQjI1YO69ldZ-oQiE1P2k5wY4S90aJG4cRQuUMGY0sTAci7y47qOm71slHpbXdGhZQlQQqVW-jxd1ivgj1zyOtzJc2yrGFzuqtJAJ1FHMWhOfQ8vlggn3Xl7motST7getP3bE-sxAUbHYCJNZn7DQadBAflXjyavcg_8qH51odk_nhOtjU7n9zg6cTpxAvzJRlyoxZy9MJFK-aSp1WbF9H_cXFqE8naryw_b3hxdjwmp7urHTOo5sY6YgGwwhT-C06-rkifbOXnVhyRh8KMeJsVveRvIENC5VqWGhAzS_OMczrlEnmyuvxeyW2Bg0OFJt8
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F294
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
3966
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 May 2023 10:05:21 GMT
expires
Sun, 19 May 2024 10:05:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 95C7
1 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
/
Resource Hash
9010e5a841cf0acfb13facfaa2c3318bc8118020ec071d15de099eb9a628fd01

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1103
content-type
text/html; charset=UTF-8
date
Sat, 20 May 2023 11:11:28 GMT
gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js
pagead2.googlesyndication.com/bg/ Frame F294
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
806704fc97ba40deb077bcdda8f3bc55fa652d79378ff7b3f307eeb9d8e63a76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 06:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
15995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14692
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 May 2024 06:44:52 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 20 May 2023 11:11:28 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
296255
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/
2 B
368 B
XHR
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
246453
expires
0
rid
match.adsrvr.org/track/
108 B
686 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
1af76e7274ffb7314859eb09744d6fa60e9d632993f525765e390d27bb5e49e5

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 20 May 2023 11:11:27 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Mon, 19 Jun 2023 11:11:27 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame BC72
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 20 May 2023 11:11:28 GMT
ETag
"623de86a-cf34"
Expires
Sun, 21 May 2023 11:11:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame E725
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 20 May 2023 11:11:27 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 264C
9 KB
4 KB
Document
General
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-111.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b24b19152e92ee2240cdf53444b33a1b8ec286e9a44072890c5490c9d8ddfa3d

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

age
19383
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Sat, 20 May 2023 05:48:28 GMT
etag
W/"fd0102e5847015626666169917857ba8"
last-modified
Wed, 12 Apr 2023 16:16:50 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 af3abf09293a5c762de5e451f8d6a912.cloudfront.net (CloudFront)
x-amz-cf-id
QhQfnMlzQ6RHe0r4MG9UGAYyJ8muk65kh3qdaz63i9J31O0FcUankA==
x-amz-cf-pop
MUC50-C1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:b4af218c-2bc9-4531-9210-521693d9d5d7
x-amz-meta-codebuild-content-md5
9cec9a15b660da7393081e2fc6c34731
x-amz-meta-codebuild-content-sha256
8e6d48a695640d90e0623cd4e573f94721be8c1becd249758c7df42fcffde7be
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
checksync.php
contextual.media.net/ Frame 52D5
36 KB
12 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a6df0e124cffd75e846fd150e18e0cad6c841301ae28d8b57d160a0da18ae41e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11911
content-type
text/html; charset=UTF-8
date
Sat, 20 May 2023 11:11:31 GMT
expires
Mon, 22 May 2023 11:11:31 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame C7CB
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

age
996
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7ca423adb9cd1c1c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 20 May 2023 11:11:31 GMT
expires
Sat, 20 May 2023 15:11:31 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 8B15
1 KB
2 KB
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
a9d6002ac9eea901ab77d388ba3c13ef637bf37f69f3c9218fe04ea937a038c5

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1114
content-type
text/html; charset=utf-8
date
Sat, 20 May 2023 11:11:27 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/usync/ Frame 3F6C
4 KB
2 KB
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1684581082264
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
5952c759130dba7a3d22c2740c2817388dee40c5f9b88b300ab8df1cb93be278
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1375
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
pd
u.openx.net/w/1.0/ Frame D73E
666 B
435 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
560de84bde703bd5194d58791b824cc66d9ecfa47addccbd82de7c2a38d603fb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
416
content-type
text/html
date
Sat, 20 May 2023 11:11:27 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
generate_204
tpc.googlesyndication.com/ Frame F294
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?TjCRfg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
onetag-sys.com/match/ Frame 3F6C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=ff616468-aadf-4e00-b282-69fbe17f5561&gdpr=1&gdpr_consent=
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=1&uid=ff616468-aadf-4e00-b282-69fbe17f5561&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1684581082264
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Sat, 20 May 2023 11:11:28 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x31 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=ff616468-aadf-4e00-b282-69fbe17f5561&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 20 May 2023 11:11:27 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 3F6C
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1684581082264
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 3F6C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7208176026121394406
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7208176026121394406
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1684581082264
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Sat, 20 May 2023 11:11:28 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.150; 91.239.206.150; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4ccc12db-4ea8-4e0f-89ed-76ddf0ee3595
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7208176026121394406
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 3F6C
42 B
723 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=AAcWygrwpwEbANwK-B4vLyz068jpsN1WEQ61qS1YBR4
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1684581082264
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 3F6C
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiDjbe15V3vDCdQ01jKK4qhJZWb2hNWyvyA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiDjbe15V3vDCdQ01jKK4qhJZWb2hNWyvyA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1684581082264
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiDjbe15V3vDCdQ01jKK4qhJZWb2hNWyvyA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 3F6C
0
44 B
Image
General
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1684581082264
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:27 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 3F6C
0
0
Image
General
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1684581082264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ecm3
s.amazon-adsystem.com/ Frame 3F6C
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=eH6DToD106tEipBepHBuyLyR5KYFBvO7DM9qk_bQYIY
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=eH6DToD106tEipBepHBuyLyR5KYFBvO7DM9qk_bQYIY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1684581082264
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1E60Q9ZS72PNWSFW3MPD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=eH6DToD106tEipBepHBuyLyR5KYFBvO7DM9qk_bQYIY
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 3F6C
0
39 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1684581082264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:28 GMT
content-length
0
/
onetag-sys.com/match/ Frame 3F6C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEF6DzgNps4VkMragQLH-EUg&google_cver=1
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEF6DzgNps4VkMragQLH-EUg&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1684581082264
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEF6DzgNps4VkMragQLH-EUg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 3F6C
0
38 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1684581082264
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 3F6C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=7fc38604-7561-40d5-8fc3-88b242d19c34&gdpr=0&gdpr_consent=
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=29&uid=7fc38604-7561-40d5-8fc3-88b242d19c34&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1684581082264
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:28 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=7fc38604-7561-40d5-8fc3-88b242d19c34&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame 3F6C
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1684581082264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.152.195 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-152-195.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame E725
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c33a270d2d88185096c9bfd79150c6289194683ed931f6830546332cdf0b5cb0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 May 2023 11:11:28 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 May 2023 06:51:10 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70799
Connection
keep-alive
Content-Length
10084
Expires
Sun, 21 May 2023 06:51:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FD76
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230517&jk=746823519558503&bg=!HxylHEjNAAZ8_aWmXP07ADkAdvg8WsIBZwvA6HpYlVmpAFgu7DC0YzgHdv-ij-IrS5ICX4Fiun1tEEl2oCDXx4k3MHhUJq7wU88CAAAAdFIAAAACaAEHCgC-aWC-18Q2LUAv9ctsOqgHOie4LBvBIMPWW_OCSY-xnUg5BVjwduqgXEYQy4UphLO2nfU5cG-IZRnzy8gP7-X3H3OUqky7ut_oLbiZrYaRCm9fjm4kOQG3fhbi-KEZT5wYJIZWEdm7NACvAybKo81LLxZpKuw-dAhSSZqkeiFxTS8reqNt3zrYQKViV2Gi0cmd_KH5-LH-0qYrx2WBqIPkLKSP0kxhx2LUbBjICKM0tF4qxF8R_qFt6gYWaXgPaZkCqHHtL9pRf5ZDioaR-29kPnmrcdys74sdxbIyXP02qjNpgnlKubCyVouMQ0GA8AUWf2uB4DIiISVUDCUvEBmOamcK4iNuBy6jA49UEtKI01hcEcDqdzGmO9B5ecsbCRj-dB_blueB6TsxJW6qjkGuIFE7HfzHJU2ToE_l66x0yCu_PMxPs9bUBuNvGR9uucyrtqRhcg0jpGS2UElPmnY1aiiacVlziA6t_3htL45EPSVb_IEDsGD9OC0cw4drGOvtRdV9kI-YMvRODNJkg0yJTOVwhe61oKfBrnggf2r6vNAOlX2RD4Iiz4oYKblPfM-U5uGB9gFKCQFUWg6c1zjBn57B3qJw92nc9tFvfopZSV2BBCMPRf49_2xFJhcSk_cvqEEJkQmo0rz-frJaCTPyxUCSQMXsy_Sg93wEODC7qrWMBzt5BXA8HcP4DFnPwsYbn2nAWNfD6waVUU0o1OxoVNbhs5e_Odw48cd6rreJeWRxcPQeislsEteRImU7sVjJ4aw11Um_d_ZwXrhZYNMgpJSdbKVgvFv5nGjZYiRsktVWxMgnY_SB7sC0iwlsWDJ0UAENG9WIuUhn-TmRwjghEkqdObx8a-JOlZlViq3b8OskHg-N-uPYWP1Kb0B4Gt4sjqv_cX69L2-idRfTcD-EpKGjHG93g1O0i3GlEzW3Jdn2HC2Fo-H3xkHp9u4pC96lOiMIdZbmm7OFTi9I8M2HmjlXUgDfico-mLb9KFFx3jnRNfWl80Ko1prHMvkrAnW7zH5lyJ9VMvAubPE-cbH6HHw4i53qep1lByS6Vo3mQJqq_fw46bfAC3e7r6CwVnTvXiLjzgjYT0H8NBIdDJo96vvyxsL6dvAx0mrZpm6jpLKvNbfUe27rWzyJ6AQAvBTVgEDvvtlmnnAS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

xuid
eb2.3lift.com/ Frame 8B15
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7fc38604-7561-40d5-8fc3-88b242d19c34&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=7fc38604-7561-40d5-8fc3-88b242d19c34&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 20 May 2023 11:11:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:28 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=7fc38604-7561-40d5-8fc3-88b242d19c34&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame 8B15
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM4MjQ0MDQ5NjEyODY5NTU4Nzc4Nw%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 8B15
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEK44aCgIoe2glebDIqwM2Ew&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEK44aCgIoe2glebDIqwM2Ew&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 20 May 2023 11:11:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEK44aCgIoe2glebDIqwM2Ew&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8B15
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM4MjQ0MDQ5NjEyODY5NTU4Nzc4Nw%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM4MjQ0MDQ5NjEyODY5NTU4Nzc4Nw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM4MjQ0MDQ5NjEyODY5NTU4Nzc4Nw%3D%3D
date
Sat, 20 May 2023 11:11:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 8B15
0
141 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3382440496128695587787&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:27 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 7DEAA54050B14D26A38F19C7CA76826D Ref B: VIEEDGE4308 Ref C: 2023-05-20T11:11:28Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX8HhlbW0p0uuAPbTxawA==
xuid
eb2.3lift.com/ Frame 8B15
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3382440496128695587787&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=96341a79-5240-46ee-9aee-113efca37709&ssp=triplelift&expires=30&user_group=5&bsw_param=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e
  • https://eb2.3lift.com/xuid?mid=2409&xuid=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 20 May 2023 11:11:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
//eb2.3lift.com/xuid?mid=2409&xuid=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
date
Sat, 20 May 2023 11:11:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
c.gif
c.bing.com/ Frame 8B15
0
0

xuid
eb2.3lift.com/ Frame 8B15
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3382440496128695587787?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-8.r5Wy5E2oRDph3l1_A1gAGkU6B0i3wGBs4GukqJRg--~A&dongle=0883
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-8.r5Wy5E2oRDph3l1_A1gAGkU6B0i3wGBs4GukqJRg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 20 May 2023 11:11:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 20 May 2023 11:11:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-8.r5Wy5E2oRDph3l1_A1gAGkU6B0i3wGBs4GukqJRg--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 8B15
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=HXYMEbQh5-OVBVfp6wcH&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JBMFSTKFMJIWQ...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=HXYMEbQh5-OVBVfp6wcH
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=HXYMEbQh5-OVBVfp6wcH
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 20 May 2023 11:11:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:30 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=HXYMEbQh5-OVBVfp6wcH
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 8B15
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7208176026121394406&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=7208176026121394406&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 20 May 2023 11:11:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Sat, 20 May 2023 11:11:28 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.150; 91.239.206.150; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6bd0e286-e98f-421a-8fbe-194dcd5e35e8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=7208176026121394406&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame D73E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ff616468-aadf-4e00-b282-69fbe17f5561
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ff616468-aadf-4e00-b282-69fbe17f5561
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 20 May 2023 11:11:28 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x27 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ff616468-aadf-4e00-b282-69fbe17f5561
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 20 May 2023 11:11:27 GMT
p-25CIknq_eSg16.gif
cms.quantserve.com/pixel/ Frame D73E
35 B
210 B
Image
General
Full URL
https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.251 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 20 May 2023 11:11:28 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame D73E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5193034627608884685
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5193034627608884685
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5193034627608884685
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sd
us-u.openx.net/w/1.0/ Frame D73E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=25ba19f4-cd94-7f92-c0ec-097668b2bc51&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=7fc38604-7561-40d5-8fc3-88b242d19c34&ttd_puid=25ba19f4-cd94-7f92-c0ec-097668b2bc51&gdpr=0&gdpr_consent=
43 B
62 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=7fc38604-7561-40d5-8fc3-88b242d19c34&ttd_puid=25ba19f4-cd94-7f92-c0ec-097668b2bc51&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:28 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=7fc38604-7561-40d5-8fc3-88b242d19c34&ttd_puid=25ba19f4-cd94-7f92-c0ec-097668b2bc51&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame D73E
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDlkNWNhM2UtMDRlMy0yMTM2LWQ1MGMtNTNjZmEyNTA3MjMx
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D73E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP1yFG86cMrTY3xVP1M3HGQ&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP1yFG86cMrTY3xVP1M3HGQ&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP1yFG86cMrTY3xVP1M3HGQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/
87 KB
28 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 21 May 2023 11:11:29 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E0A3
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssdHppxpASY4h72JGBA026OPGj9_Rh8ba0yBeRSMRyU5vNedpXIeiRVOEddz8Uio9rJ2EjI8pjYrLd1sSPZTlKm5Q6sxE03qSPTb6AySDuCCfdc4uZ8d73u-Gj7O5Yo12JE_dM&sai=AMfl-YSZ4II39b6y088EAfQSGZPJDdv9ucRBfBhaSitLHRZ-Sn8bEyH4Bs6uT0RZALedGNjjLuHMuurqxpv4hhSlKFgjE5FbIh4rRc81zxjLxXIJ8-N2BWV6-7M0qG4&sig=Cg0ArKJSzA6D5qAESJh8EAE&cid=CAQSOwBygQiDxtKvfRnA5ItudpxhiGrgqu8AT2NCSgbOo-XL0fWr8rqU9H_i_3Pzaf0TsakUFikuTjb8EOGkGAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684581085364&rpt=1798&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D186
0
23 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5579032652447&version=m202301230201&ct=119&x=1&cor=839153802439898100
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D186
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwVQ54ymrpWuRSJmSP4_F3LYOhS745ZdImehKpocSy1xKrO2Ci3Uz9CI1zZr-RAgImhhZULM3-LZ75C3dtsnIaobxTEmLaoYtWzeL_zi-yZg_-p_TOVC5hKyxVbjGbbOC22L8&sai=AMfl-YR_eR8DjAkHZCMID3M5qM2DEgXcbPbKtJz4Uw6yXANYIMcUajCcj2s5n8z5phtUFmNoy-U3MuuBIq_P3R0n8J1MK_N1GN4pmeo&sig=Cg0ArKJSzEetf3_Ex7g0EAE&cid=CAQSKQBygQiDlVEHlUYJWyehyaWJRMXbYBU4NZuYiwIhcuIQ7nm7VdqbZDznGAE&id=lidar2&mcvt=1013&p=0,0,250,300&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=758607166&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684581084025&rpt=3182&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/
2 KB
1 KB
XHR
General
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1684581088419&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1518&pt=-2079442447&tz=0&viewable=true&ddast=V87HkCLAYsOpz7GFk1SBNYdDj3MbJqkC4AAABgYID-AEktlrOZaTlZi2yDjVs0XEzWyslg5pZ5DBvHaOWcOAbLISCpxXI2My0na5FtsHGLhovJWjkZzNwyj2HjGK2cE8dgOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ0aDodPte9Xvf73SU-z1zj9yv8utdbenS5la-H3a38u95Sp8Pu1rj-bs3RYfe5VcvXy61zPd0i19Ot_LveWtfdLXfY3bqH3eeWOh12t9ppd-teb5nDrXy9da635uh0S50Ou11oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoAnDgd0cZqdnqc_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA4DGktxhjlNs1oZxIwWsRRgAAAAC23p0tj0zSCSoWVf7___utAFwBAAhAxNn26s-iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohE-HHNEIzUexqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw9ILWcTm8NkWplMu4VruNiMRoaJa7nZLGyGkWex2R6_ic6KkvqB_D4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwN_LNbBuXxy0ZrFxr0cazcgs3NpdbtjKtRpPJzDfaLNei18d0sU02g9VwiwQD9PYieVqkE9Vgs1suDAvbzOSwLSwb28xjmDmWG9_COVkuJjOLWKI5WaQT2WXfWs4mNofJtDKZdgvXcLEZjQwT13KzWdgMI89is--NfDPbxuVxSwYr11q08azcwo3N5ZatTKvRZDLzjTbLtej1MV1sk81gNdw3ZsPRargYDAf7xmw4Wg0Xg-Fg36EzfFefs1FZVkk-Mpe42zhMbE6DwmWweKfq1TfamR1Ev2nRKZOplQWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_h1r7f06HIrXw-7W_l3vaVOh92tcf3dmqPD7nOrlq-XW-d6ukWup1v5d721rrtb7rC7dQ-7zy11OuxutdPu1r3eModb-XrrXG_N0emWOh12u9D0NlvEEsHpIp2IXsbTRf1HDrmYSzbLuWQwmytWg1UCAAAAAAAAALAEk0w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJUIXi_v___8cBAACQkUMPAACAfh9QFgAAAAAAAL-CGGxmu_0DUCHWarW63Vir1QI!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!nrlc_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
cabb27d889cb4b70a46e5f9817dc105d9938b381e7e2e90e96d801467ac60eca

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:28 GMT
content-encoding
gzip
server
nginx
machineid
1401
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
collect
www.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je35h0&_p=9639&cid=672143067.1684581084&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&sid=1684581083&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&dt=%E5%90%B3%E5%93%B2%E6%BA%90%E5%8F%B3%E8%82%A9%E6%8C%AB%E5%82%B75%E6%9C%88%E6%AD%B8%E9%9A%8A%E6%9C%89%E5%9B%B0%E9%9B%A3%E3%80%80%E7%8E%8B%E5%BB%BA%E6%B0%91%EF%BC%9A%E7%84%A1%E6%B3%95%E9%A0%90%E4%BC%B0%E6%99%82%E9%96%93%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E779
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230517&jk=472193419962629&bg=!PzylPGjNAAZ8_aWmXP07ADkAdvg8WoMLLYXSaZ_6fDeiZyNuSR89hJAyOfSAMyOPJb9g3U3vEYOvLjkaLYs1p6qwcaTxlEAhuGQCAAAAaFIAAAAEaAEHmQK-dYAcO699kZhSdbuPr8gbEn8ddrU7xNNSFZQqCfjKqcYrWXGM3f6Upa9E2GKaE1QrlV9Ze9GqnvCXFlSj5rDMhtK_0swVQ8XNfh8ibRaZAKP-STS_1Bv0FHpK6WDddziIP8PPmaqM0du2hdKCiXOOzKr7l78QqB-t1Tqo-55gJutA4OHVBbJxei1Dc2erRPNJOJGlHXU0iBNwX61uDc9hLDT_AULPkl8GkW6MoMQbSAKOjiVQO6MhD-1hlU2EIkLA9ViHC5JVp-iDB0o-e3tXsSY3O_Th3Nq9BDR0zOb2r8L79gllVQaEkLLeSg74tKCc9E8oSKWHxXDukeDrGyd7KxZCVC7xXUI9hdk0y-eR3rDYxvzKrIN3QbTq7OoGdduc9h7FARC1ykDL_ALc_5MgU3f4DwfLOWrx-DS6F_RdUBTSfEMKASFokE0I5NzO1jHtZs4S0g0lAl0iTEhcbRm7FECK6RMK8YNSaXQTNk-iLw0OTzJQrYuB4sn5uMN-5F616D9tT1OeJCnaibYr-t6Wi4WE4sACIjSfKVkilvINNbWQeWtbjhgsMnQt4lUN6OYDo59qzLd2-4ST1v5Xx935ZBkYS1QSw_OlfvMZUL3dhqwNWsTeHrfFwM8E7oLD1EU8yymJuRgH47RBQyrGqZZe8ngK7Az9TNqhauZyV2BlbmV53xfzHbWV7wUSUAXAVdCV5qgZdmbQ_ipVJ-Pn_p0Jxx_Ry4dG3pSdHkPk_G0CLtOVR6Yn9SIvkC7gWrLE6xGUc5OdNOfPb1QjJ0PGEpvB9ywp4ajVageAEHVT0etNxBD2Z6Lu9Bp8xFtdvmrX3u_YrZUCRJW412PaAtRPskDN-v1hsmHGCbv7YRerfxsvAnV_hWOeLqq1gvTINPyPrdynzRPa6ZVsESDXqPKtCgfIJrA83k_z3ghbgTFBnbRo
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

async_usersync
ib.adnxs.com/ Frame BC72
0
862 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:28 GMT
AN-X-Request-Uuid
d37fc396-59db-409d-9e34-fe057e9d5909
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
91.239.206.150; 91.239.206.150; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csi
csi.gstatic.com/ Frame 075E
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lhvw338j&c=2311788037147&slotId=1155894018573.5&qqid=CLnKqcnhg_8CFVMV4AodYrEHyw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.15.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
slc09s01-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:29 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 075E
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 06:22:44 GMT
x-content-type-options
nosniff
age
17326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 06:22:44 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 075E
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 06:10:15 GMT
x-content-type-options
nosniff
age
18075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 06:10:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 075E
0
24 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CnURE3KpoZLnsO9OqgAfi4p7YDP3Yv81w1YvZ7KIR8C4QASC6hMAzYI0CyAEFqQKSbPgLsyCyPqgDAcgDmwSqBJUCT9CCk26qaJ6jQHz_EArYmUWPUN451mti6Wg9quHEfPieJHbnW9z-JOFugyE0BKB8o915QKofj8mgWAxrr44VFB8EK5KVySoxZX2J4rztIMyYnRG2uty0jCAT9BtAiSMHgr28xaS29oCt9wiVh_up10YY1tVK-xjyukN987m_eL9UOuOY17oWXn2-GL8T7GRCkoLzHISvipXpvS5QAJ_McBSDbVmmkut00bIoMCKmlL7GDcQQm4K8MuTowRW7Rw3Xa9wCxRgYI5Mn5NNAXb23Zx_zshWxEns31QxFQABndasw0-MkC1et7rxr_iJ7B90Lz0s52bQM1edFrvNY5MmKmCn2Nuj3SP4QEf4IvnT-CNB4CImfHMAEjJ2p4a4E4AQDkAYBoAZ2gAeJqOzdA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA8gLAeALAYAMAbATqvaxE8gTwI3s4gPYEwqIFALYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1684581089074&ai=CnURE3KpoZLnsO9OqgAfi4p7YDP3Yv81w1YvZ7KIR8C4QASC6hMAzYI0CyAEFqQKSbPgLsyCyPqgDAcgDmwSqBJUCT9CCk26qaJ6jQHz_EArYmUWPUN451mti6Wg9quHEfPieJHbnW9z-JOFugyE0BKB8o915QKofj8mgWAxrr44VFB8EK5KVySoxZX2J4rztIMyYnRG2uty0jCAT9BtAiSMHgr28xaS29oCt9wiVh_up10YY1tVK-xjyukN987m_eL9UOuOY17oWXn2-GL8T7GRCkoLzHISvipXpvS5QAJ_McBSDbVmmkut00bIoMCKmlL7GDcQQm4K8MuTowRW7Rw3Xa9wCxRgYI5Mn5NNAXb23Zx_zshWxEns31QxFQABndasw0-MkC1et7rxr_iJ7B90Lz0s52bQM1edFrvNY5MmKmCn2Nuj3SP4QEf4IvnT-CNB4CImfHMAEjJ2p4a4E4AQDkAYBoAZ2gAeJqOzdA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA8gLAeALAYAMAbATqvaxE8gTwI3s4gPYEwqIFALYFAHQFQH4FgGAFwHoFwU
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 075E
0
234 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lhvw3390&c=2311788037147&slotId=1155894018573.5&qqid=CLnKqcnhg_8CFVMV4AodYrEHyw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.39d&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.15.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
slc09s01-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:29 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 075E
30 KB
16 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Cm44O5os3wydWdG2twW7a3gt8bP8yn2V-4hLfiqs3R2eE4nb6kH4p16z7GiqEvidsSW6GYbwPjU6BUvblq2wpslQBkcw&cry=1&dbm_d=AKAmf-B-W0UZ19iG0swoAuvIGripgp5O9D7cYOsG3ADefysXmo1rryhhkODeIQkgTEBklywM3iUo-R1VjDpvkCCUcXXdrhLiV1nJ_fXL6Ho_Jgy0HX5bDAoH0pj1YCFbc750_ujtVawuMhaZm4m_ZXzNIE-zMEC_92aZAqYobnBXu0GWJH1g_T08JnsQMhwstp5RQSBYHo6DSMO_vzDZJ5B6VHkFvcjgDHQIiRBQttXoxTJjVM28Au02ahu6jWIvVrIC7wSkTO0YlLWZoWfiqNKlkWw6CLfPneKiOkeRfqiDUfuwECCRVY6SgJnI2EhRRhvibl0Xft9wSYR5kw0okUQqiK-e4Pj_0nnXDIyXJxc1UTfQIzmbJVuJAfyS2YDtx1j549fXCpW6Ir8p_hjch6N-gnHZz8hvKxyAXtIWXNovRaO1hCfoeDA44POEl-7MY96zl1R8TNlFx7r_T2UxLEJpd02Gfmlk45Xcb-DXRgdOP9PiUfrQvXbyz_yipbJkFx58cJFhjYmLpnDn7lcxJVWr8hD7EhpypI4PHwqO3bkn1bJLb1QQsZcZ5EkN-jhhNWeAoYH_pb_mkeIQv5k8_hds5X4_43vGbHc892pIYKc6QbkjkvVzEv17aKuo_Rx4PyQH6IPQ0w6QujVKEG33154_8vm_TG-zne-Va2sIXEXRLNsb84kskts1sOR_AyBmjq7H5LR9dN8PGTwHSCJ_Sgdwots4FXrCV8mZMn8sazsMYdGHSmd-6aFJcdtlUErIQHu6scr8RYlAtkPA08FhaUgixw3wb2UImqVOkMIo5ECz3Fdfy35NUjYMsko-ol5rF4wJ7JkJM8eIrnvcYYcKAsFJGqLx0aXtqVqoLgS_RimkhniUmQ7q0Whq4WZPvE_lHWjBiQxsEFpy1M4r5lLz3_YeSpmBGTMtGf6-ff6lRVEh6ROA72KY73nwFRQnsL7UAvp-KAgP0L6WhehcE_cFkSW5hCjO0eIFzJDx6pG4bt6c_ZrLqT8zP9g-Edn9b5_awuWPrfEf5_NN4sn0MgsWS-Oj-6WtLrC8-jB6Lrf9tick7JB2AhuGENJ6RpYfkxRv4jbDF945BMiqDLezxeETj2INdeqRmvDUiLHqXHACJJR-YTvCcNJSl9NLbn0B0e7hiiZwZVXZm-SBkSmiqq9mbBCuPOozZTxJSHi64jZA2tEHe403PXAFDDaU2iUloW8AGAqUdYq6pPmC-wt_M0Y8DzeUv0UltmglPtjdccnBFy18fvgBAwF-o0Cs6KdWZzRMCgp_chff0H_WjFFjccXAzqgSIq9dKkspA_KnH0ncapl7mnv_e8qtwx7skcpSNGQ_ju4QiMNNARJmItWrPVKtqYXYxofP2PjcVZXpbHyHSpxFeq5Xeicqcy2EsFak9Tg0iTkkuXRbJUmiVucQYx71MjAzFMEy1nA0rhyTSa4UJC6fGtCE0lti60SFai_no694_PJwPJq6XHzWRYlxQnce2DmvRBR5Ug51WmamTXEeuD3kVVp2q7Hvd4ggCk6TKluJHZ4oLKszRYAQDxjO4wCoavSUhtnwVZFDUuUPApEsvqWgxIeJBUtEp0ka_WLvI25F38veIkIZi92Qw0Rv727g2Y1EM_5RU0Wb4bnn88baJBDeEdhDA5hwUzRBLNgPCqcLrbNDwDTFtdgyDy3bAzOFvWPh5074Yc_5F76OrYvGrYbdhuKno0EoYwNHh8R1e1mgqPu41XshV5jfixSiHqoKemDcWgD0EnFBntuJ2oaJTgUTiZGqzeKUfxQUHqXA-x65Mrc0FaLIK7DUHSUvVKpwq2qIKu_T0XhnSLdWIulnQOZU9GUKOMVY97e9_sCp4bZknaWAUxBunrmlCK7hZCA9ULU_fx4tmiiKeP8PXUIW1tjWappDgZPNRggvtv4BdP7Eqlwp5F1vZ7macKhKjrph-ICs8ch22TySG09n7sK2_4imWw6gseQi5_y6CrPs6S9YsmQWkInUMXbkNBnKrHNmUaDYSxQ9Coq1nFHk0aEVDx8VmaVkVpL2kR2I82Q0vP7PmqHEHpATdVl7yh7T7Ps2ot-enrmfGq09hLa9DP9gSfgj0_uzOTkwhjKNiB0CEfrDWsOM9OHZUl9LrcaN2dSIsg3PtkUL-yrNoSP6Gbnx3zwn0WQw7SI7jZJxX27KDxk8hdTRJ1hjtOzkzAR_9Ajmth0TOf9YZFIRmMrobBUhIWDIYAYKngW9tqvcGJh3YdnxXgqICQX-xBnkvReNIYVeCE3slrA7U6H1tyxaroSppFbxUSIEahJA0fkKDeCOjQqhn_rYQWPcB_oaXb7HOGKRpHfJlbgoaYxt8xRH7Qr23bfznj5pnZ7CLHoN_Y7MoXtZLerut_HdXBeLgwdhu0k9f3NGzYkyI39hfWx38vC113bRb4uOpSlR_Ihm9AGvJ2JAoFXfDSJNzoqEfLNjJfO0iQKcb-EOVdyFGRbRtPam4SPcP345bGT3RcROFJiHDYHPQ0p7aGKUZnCvvKbIPzVFTG53eidP3lc2rex0gEBNla5YV3lOFBfcxzN6u8hJg6MLFTrNopsVhCmEQUlfIblACqkGLrfcJ7LLdG-hmaX-UYVC3JyntNO0AF4qDw17rkIg5f7GMnFII8_0TwaIdQghWzUGpwtnxEJvsoVpQy7H_zZBDsr6MMP21lvUoDzwvAFAVHY6zf3f8WIchxa2j_ErhYPI514goGDIcxtxXbB-VeTJzETHq405fEkXizxHIN0AdQ7Oda9G2LeNrSbmKf46M9xyKFczl7Oc3-6ubdZl7OA21rjorsZMPjE6JyElWtBveuNUZzO2H8fGUsSz0kN4S8p7JnKLrO2xkvYSWxSmPRJGcChFC78XofpVi-ZmbJZgW73V3j_AJCs1J1sKzh1Y9GPAOIUmtlNajOb2fRyL3jCGy9mfkT6rAzxd2hXWNVPjuam4XffkFc0qig-FtyBujw4RH1_FvEw4Z2rRshHbnIotq9LCzQMzovh8ijJiFRxPG73seR3oifywgLIEnFpOT1eB_NCFIiNruJcN1CWOQDwW2aRYHbJZi6DJi8enJQ-IWixRvNDnOzf5BtCwgYL870NeLADi72n_-_AVX-dfQfhsdRHtSW9XQ187vb8Mj4zIaVL2MrY3T05JJo-bzcM6A4h5XDOwH4RcHPP21MKj0zpZYKHg7aOXbNiCbdaYWSvy74Yf68cXCkfciyLcj2ZCdY9nYcsRueUowIjdePvwvmFn3Q5dl3c4qIt5aIn3pC1RxgQoQAvTMulEkYB4afPGX2ALHl_Prd5cWwXpodWjClZxGLVUmzCjV-CMwPEAJjx8nTQdwNNnYtIIPDhG5Ql49y3zJ_A_zvXMBwdJmNvcPzDu8HrO72OcVSR9VVKTpbUbc-S51EJUtaOIJbd9V8qqjOSkyh9avQq1pHD-pSxwbaJr02eBjuN0Gn7_zfkcGyolNOrAkT1wa6kFIpMHrvg15ki3ziUAnUdeUCORtihdZwnOYFoCTjsa5eLngd-Wr1Qef8th7iNM5Ydu-pnxhmEPFQ6_y3nJXLPooXDhk8LJ4K8axCcMCsVHahuxKdrFrhI8eQTmltvVeBRRtAGEx7AsOTazzZWHb7IiZqlnP7PJi_TIkOZXmE9_FuzEehWCLoB3jp3jLCpN5sHAo17r_LJiTJQ3yWVxwMss0S5ZoHRn7yve6I9Ekfz73Kqug-6EcblTuGnvRtZr2-A4oaDrABYtWm4FXkMAksPG7rx6OvnA9fE2vySTsocBgRDE-JLjQRx1Wi1DZO9ycXE5eI5PP83T-7mOcX6RtrHJW4xT4wTU2eEJO_T8f8_xvgJExma-7w5aivJAx7rwD79rlaIrqobWwJ7nOHdVufq6WwfSOZ1Ew9awI9AZqtcdOUmTFUVZ_vUOHdk_ItaYJJ-d&cid=CAQSOwBygQiDxtKvfRnA5ItudpxhiGrgqu8AT2NCSgbOo-XL0fWr8rqU9H_i_3Pzaf0TsakUFikuTjb8EOGkGAE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f156.1e100.net
Software
cafe /
Resource Hash
624fc537b617ef8b2fb6264fa347bf39b15e6b92c36516de26f46f1587eafc63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16260
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 075E
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CXbBK3KpoZLnsO9OqgAfi4p7YDP3Yv81w1YvZ7KIR8C4QASC6hMAzYI0CyAEFqQKSbPgLsyCyPqgDAaoEkgJP0IKTbqponqNAfP8QCtiZRY9Q3jnWa2LpaD2q4cR8-J4kdudb3P4k4W6DITQEoHyj3XlAqh-PyaBYDGuvjhUUHwQrkpXJKjFlfYnivO0gzJidEba63LSMIBP0G0CJIweCvbzFpLb2gK33CJWH-6nXRhjW1Ur7GPK6Q33zub94v1Q645jXuhZefb4YvxPsZEKSgvMchK-Klem9LlAAn8xwFINtWaaS63TRsigwIqaUvsYNxBCbgrwy5OjBFbtHDddr3ALFGBgjkyfk00BdvbdnH6uzr6UaWannnsnI4DnuS0xfYDWE1O0AEysQpRAl193GYiEkeruVCcgT2Hb8ZSIDOHmXVdxk5p6sBlYlYTHiEQX4wASMnanhrgTgBAOIBfKFl4NLkgUGCAMQAxgDkgUGCBsQAxgDkgULCCIQAxgDSOuS-QGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB4mo7N0DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQ4sUPGJfThuoB0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwGwE6r2sRPIE8CN7OID2BMKiBQC2BQB0BUBgBcBshceChwIABIUcHViLTEzMjUzNDA0Mjk4MjM1MDIYyqse6BcF&sigh=pSTzcG2RlV8&uach_m=[UACH]&cid=CAQSOwBygQiDxtKvfRnA5ItudpxhiGrgqu8AT2NCSgbOo-XL0fWr8rqU9H_i_3Pzaf0TsakUFikuTjb8EOGkGAE&vt=10
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6376
1 KB
647 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

age
436
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 May 2023 11:04:13 GMT
etag
48472445140208031
expires
Sun, 21 May 2023 11:04:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 075E
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57c2b34881b14e9d3170a854e304c3e3b8f28719cf03dd5545bb957def09ce56

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 6376
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBO8xHOolEWOW38jksfw6nM&google_cver=1&google_push=ATf1kGNxvio65yk--sP_Mzi6vpuqaVLseRwUZaQQDr5iA1snnJRDIvIN_omPANPkpXSqtwxHzxOh3nhNK7EWa17e...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=_2FkaKrfTgCygmn74X9VYQ&google_push=ATf1kGNxvio65yk--sP_Mzi6vpuqaVLseRwUZaQQDr5iA1snnJRDIvIN_omPANPkpXSqtwxHzxOh3nhNK7EWa17e93lQ8k87...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=_2FkaKrfTgCygmn74X9VYQ&google_push=ATf1kGNxvio65yk--sP_Mzi6vpuqaVLseRwUZaQQDr5iA1snnJRDIvIN_omPANPkpXSqtwxHzxOh3nhNK7EWa17e93lQ8k875FVDAA
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 20 May 2023 11:11:29 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x29 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=_2FkaKrfTgCygmn74X9VYQ&google_push=ATf1kGNxvio65yk--sP_Mzi6vpuqaVLseRwUZaQQDr5iA1snnJRDIvIN_omPANPkpXSqtwxHzxOh3nhNK7EWa17e93lQ8k875FVDAA
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 20 May 2023 11:11:28 GMT
pixel
cm.g.doubleclick.net/ Frame 6376
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPknlx_SzKqH6tQO_Q_lyf0&google_cver=1&google_push=ATf1kGO6IMMiPSPwW-JRT7ElnU_DRZo2k9tqVaIHAYvJm2WcsLD90efmthKANxQbHlv-hOmJ8zGEN-HGsi8YacHeEHNJ8i9...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGO6IMMiPSPwW-JRT7ElnU_DRZo2k9tqVaIHAYvJm2WcsLD90efmthKANxQbHlv-hOmJ8zGEN-HGsi8YacHeEHNJ8i9hA4LZ&google_hm=eS0yeFlRRTJWRTJwRTEuMU...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGO6IMMiPSPwW-JRT7ElnU_DRZo2k9tqVaIHAYvJm2WcsLD90efmthKANxQbHlv-hOmJ8zGEN-HGsi8YacHeEHNJ8i9hA4LZ&google_hm=eS0yeFlRRTJWRTJwRTEuMUg3ZUM0WHhMaGdWRGZ1Y2pJR35B
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 20 May 2023 11:11:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGO6IMMiPSPwW-JRT7ElnU_DRZo2k9tqVaIHAYvJm2WcsLD90efmthKANxQbHlv-hOmJ8zGEN-HGsi8YacHeEHNJ8i9hA4LZ&google_hm=eS0yeFlRRTJWRTJwRTEuMUg3ZUM0WHhMaGdWRGZ1Y2pJR35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6376
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHCn787ufZcnXBqo2LEcK6U&google_cver=1&google_push=ATf1kGPbX8UIYiwOInKs8LwX0BhYKsxHBrQL8-OGlN9B9uejtmzg7tjN2ImBBEZROkvDk4xeiNwZ1eMy...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE5MzAzNDYyNzYwODg4NDY4NQ&google_push=ATf1kGPbX8UIYiwOInKs8LwX0BhYKsxHBrQL8-OGlN9B9uejtmzg7tjN2ImBBEZROkvDk4xeiNwZ1e...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE5MzAzNDYyNzYwODg4NDY4NQ&google_push=ATf1kGPbX8UIYiwOInKs8LwX0BhYKsxHBrQL8-OGlN9B9uejtmzg7tjN2ImBBEZROkvDk4xeiNwZ1eMyIns7O19op_IAiLcUmnM7Sg
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE5MzAzNDYyNzYwODg4NDY4NQ&google_push=ATf1kGPbX8UIYiwOInKs8LwX0BhYKsxHBrQL8-OGlN9B9uejtmzg7tjN2ImBBEZROkvDk4xeiNwZ1eMyIns7O19op_IAiLcUmnM7Sg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 6376
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHJrvOfYO6oe8yJAvrhokiE&google_cver=1&google_push=ATf1kGOkf2jJm4cImWGx-MkLlTK7XdbpFWNJvfCt28y8ftw3iIsNL3JXjbVuGsr0igXd6jatTNJSFLvbvHQxhsQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=8Ri2qSAmVdZQhwK4gEPga1vvzpY&google_push=ATf1kGOkf2jJm4cImWGx-MkLlTK7XdbpFWNJvfCt28y8ftw3iIsNL3JXjbVuGsr0igXd6jatTNJSFLvbvHQxhs...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=8Ri2qSAmVdZQhwK4gEPga1vvzpY&google_push=ATf1kGOkf2jJm4cImWGx-MkLlTK7XdbpFWNJvfCt28y8ftw3iIsNL3JXjbVuGsr0igXd6jatTNJSFLvbvHQxhsQIzFS12BxaI2Lj
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=8Ri2qSAmVdZQhwK4gEPga1vvzpY&google_push=ATf1kGOkf2jJm4cImWGx-MkLlTK7XdbpFWNJvfCt28y8ftw3iIsNL3JXjbVuGsr0igXd6jatTNJSFLvbvHQxhsQIzFS12BxaI2Lj
Date
Sat, 20 May 2023 11:11:29 GMT
Connection
keep-alive
Content-Length
242
Content-Type
text/html; charset=utf-8
google
sync-dmp.aura-dsp.com/match/ Frame 6376
0
0

attr
cm.g.doubleclick.net/pixel/ Frame 6376
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JhyenUpRPzppk8LeoFARczR9HDJaBFzfxPAlbngL_Voi1tn3rXppXzpEHm
Requested by
Host: a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
URL: https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
async_usersync
ib.adnxs.com/ Frame BC72
0
862 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:29 GMT
AN-X-Request-Uuid
b478e51d-2e57-4742-a63b-0acd0c66bd62
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
91.239.206.150; 91.239.206.150; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csi
csi.gstatic.com/ Frame 075E
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lhvw339l&c=2311788037147&slotId=1155894018573.5&qqid=CLnKqcnhg_8CFVMV4AodYrEHyw&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.15.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
slc09s01-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:30 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 075E
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:11:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100772
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 May 2024 07:11:58 GMT
file.mp4
r5---sn-4g5lzney.c.2mdn.net/videoplayback/id/126fd9afc7719db6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716117090/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 075E
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/126fd9afc7719db6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716117090/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r5---sn-4g5lzney.c.2mdn.net/videoplayback/id/126fd9afc7719db6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716117090/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0
Fetch
General
Full URL
https://r5---sn-4g5lzney.c.2mdn.net/videoplayback/id/126fd9afc7719db6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716117090/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1969C57ACAFE5E4643CB48B23402DB608B4596DB.08EC8D8B1B986AE5105A63294C89BC3B9BCB210F/key/cms1/cms_redirect/yes/mh/v9/mip/91.239.206.150/mm/42/mn/sn-4g5lzney/ms/onc/mt/1684580684/mv/m/mvi/5/pl/24/file/file.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
HTTP/1.1
Server
74.125.163.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s19-in-f10.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 May 2023 11:11:31 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
2440067
Last-Modified
Mon, 15 May 2023 09:38:37 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Sat, 20 May 2023 11:11:31 GMT

Redirect headers

date
Sat, 20 May 2023 11:11:31 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
644
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
location
https://r5---sn-4g5lzney.c.2mdn.net/videoplayback/id/126fd9afc7719db6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716117090/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1969C57ACAFE5E4643CB48B23402DB608B4596DB.08EC8D8B1B986AE5105A63294C89BC3B9BCB210F/key/cms1/cms_redirect/yes/mh/v9/mip/91.239.206.150/mm/42/mn/sn-4g5lzney/ms/onc/mt/1684580684/mv/m/mvi/5/pl/24/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 075E
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lhvw34gk&c=2311788037147&slotId=1155894018573.5&qqid=CLnKqcnhg_8CFVMV4AodYrEHyw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=830&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&met.4=arp_a_e.4gj~videopreviewvisible.4gx&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.15.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
slc09s01-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:30 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 393B
23 KB
9 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
100771
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 07:11:59 GMT
expires
Sat, 18 May 2024 07:11:59 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js
pagead2.googlesyndication.com/bg/ Frame 393B
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
806704fc97ba40deb077bcdda8f3bc55fa652d79378ff7b3f307eeb9d8e63a76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 06:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
15999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14692
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 May 2024 06:44:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 393B
0
25 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BNhIo4qpoZPXKHKLK-wbf4qqwDgAAAAA4AeAEAg&bg=!VValVgLNAAZ8_aWmXP07ADkAdvg8WhOmf_vpAUmbXvnLrgOBo74mjCbmswNXOdWwGXfYlgcUWYNEGwz4H3kkd5AMVZjs4rResz4CAAAAalIAAAADaAEHCgBvraC4d0Ifa_FdeGNlQO4cbNO51kyvRIG0YqlCbRxl9loEn1SmiRXvNmYgkWwMcinMd_6AA25ly-XRM7Hh1FAKo0Hl5bdu8E4Z3no5AP6kVJaQ1ZpeygzC6z8mX5v7ZiWku8yvvGseLEGnOqLnqphYmQLnJLLJ2SGZzGoThDp96596dLnQd96FnHmEXPFNTEqzSDd6-WU7qQf2JBx2zI6WNj1OMT0YY2KzlauQZS_yCH2PqoevObXsTMZM0vlEGw1BQNcM8N6JjnhupeX3D7RcnmQuUBKoug9r66xMAThP4FYHR5KXyeDTBlatD01foRbmQiZXJ2453qs3WUBz1kKqBJ1QrIDJ1-JpfPi9Abwjtk_soLk0kIUnAU5KS4GZE8O57qppRURddQt0Xx26yEWO_b2Vh0EVjFMs6wdeWCsEJZlywuV-F5-hXoYeE7eM2GqBKDdmT4Tol3wC9BqCnwBeyk70ALDNXCQccFPJQxuvcbiTjVWuv5uEVzIiz2sz9uYnv6MM1V82b8ZsoLPkhJ2AuKBkYdCuCKMTGNTLBFaGQVehropRrctHMVROSbr0y7qJWvZJ7adSWgbHxPZgyfsAoXhSTIWmkCuglE-b3W9xGer428ygzia9ll_mnQMnLpN8rFw9AXjv0mYFWhFN6Gmi997MxyTB6sVocZ6gBBZD6ML932OJ-6lqmCglrw8GW4dHLUVvYVTmp7TbzSali9gEgiuHcODo-nFK7vgE1PUgqBDcMLsuy4t0QtFtmEj2k_kuwyDqszYocU6vUPRJradBqGzRMXS4ul_2Ij8p1-TyUXNN66qXz0eDZs7xcWBh0SRvrZVbbuW1WMe3Y6oQ3d1GRC4VgEriek6gN0z6aEqLT1bEWDCD4OgVpViWioW4X8t1F9ta1QzaekGEVXsavVepFmZTE3Wgd4qV-u5QwG0feoVqp4DdMxkYa7NywT2eUazY7jnvkP87NE-7diG-yFdrL1UHRPU-p1-ZI4Uyjpf7HI5cH_OEWyB5WtDCHqbcjgnJScKj9gsPk6z4T9WjHye2Yi-FNKvSYzqB0nFF6-bquci_9f4aS_P3EMnaARZhNv1Qh6waKwI_Nkskj3CB8dLupAYyYT7Dcuba3GqkG_uD6gemEArxrPiyTlc
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/
2 KB
1 KB
XHR
General
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1684581091402&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1518&pt=-2079442447&tz=0&viewable=true&ddast=V87HkCLAYsOpz7GFk1SBNYdDj3MbJqkC4AAABgYID-AEktlrOZaTlZi2yDjVs0XEzWyslg5pZ5DBvHaOWcOAbLISCpxXI2My0na5FtsHGLhovJWjkZzNwyj2HjGK2cE8dgOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ0aDodPte9Xvf73SU-z1zj9yv8utdbenS5la-H3a38u95Sp8Pu1rj-bs3RYfe5VcvXy61zPd0i19Ot_LveWtfdLXfY3bqH3eeWOh12t9ppd-teb5nDrXy9da635uh0S50Ou11oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoAnDgd0cZqdnqc_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA4DGktxhjlNs1oZxIwWsRRgAAAAC23p0tj0zSCSoWVf7___utAFwBAAhAxNn26s-iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohE-HHNEIzUexqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw9ILWcTm8NkWplMu4VruNiMRoaJa7nZLGyGkWex2R6_ic6KkvqB_D4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwN_LNbBuXxy0ZrFxr0cazcgs3NpdbtjKtRpPJzDfaLNei18d0sU02g9VwiwQD9PYieVqkE9Vgs1suDAvbzOSwLSwb28xjmDmWG9_COVkuJjOLWKI5WaQT2WXfWs4mNofJtDKZdgvXcLEZjQwT13KzWdgMI89is--NfDPbxuVxSwYr11q08azcwo3N5ZatTKvRZDLzjTbLtej1MV1sk81gNdw3ZsPRargYDAf7xmw4Wg0Xg-Fg36EzfFefs1FZVkk-Mpe42zhMbE6DwmWweKfq1TfamR1Ev2nRKZOplQWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_h1r7f06HIrXw-7W_l3vaVOh92tcf3dmqPD7nOrlq-XW-d6ukWup1v5d721rrtb7rC7dQ-7zy11OuxutdPu1r3eModb-XrrXG_N0emWOh12u9D0NlvEEsHpIp2IXsbTRf1HDrmYSzbLuWQwmytWg1UCAAAAAAAAALAEk0w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJUIXi_v___8cBAACQkUMPAACAfh9QFgAAAAAAAL-CGGxmu_0DUCHWarW63Vir1QI!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!nrlc_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
914f0cdf54fddaf56a9ef61506418a941ae89ad4bffdb98af8d50acbd355f827

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:31 GMT
content-encoding
gzip
server
nginx
machineid
1469
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 1247
2 KB
2 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
4692f47f2fbf07c28918ae70ef519aae13d60663afb6f8158d9e5b6ca1a44c92

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1718
Content-Type
text/html
Date
Sat, 20 May 2023 11:11:31 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
13926
g2.gumgum.com/usync/ Frame 7634
4 KB
2 KB
Document
General
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.231.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-231-79.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
64fe1cd2df988e40114383f92afc3a2e7bba49fee4b145e73ca6cceffe8702b7

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 20 May 2023 11:11:32 GMT
etag
W/"01239ff3346255f2f2f11a6c961cc977e"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 4931
4 KB
2 KB
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
662725f1aae2b78dd369282bfbed3f8ad4bb50fd18970aec8f1007cf00a1c8d5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1306
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 2345
696 B
762 B
Document
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
7dde46ac8d0880a2b4fc7f5342eb3c7efe1604e7b32ee9a290118e3479fe9627

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

content-length
696
content-type
text/html
date
Sat, 20 May 2023 11:11:30 GMT
usermatch
ssum-sec.casalemedia.com/ Frame FD08
2 KB
2 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
e40ba3d02f9d3c3f0464ef66d1be9ee41c48478fd53387c9de63a7b1494fe5b1

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1580
Content-Type
text/html
Date
Sat, 20 May 2023 11:11:31 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame 2CB5
0
0

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8CB8
0
0

sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 4EF9
0
0

user-sync
sync.adkernel.com/ Frame 799E
635 B
1 KB
Document
General
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a7b958b16766e2d065831d51a18cd17dee4909daa683df12c683c5fd1d493342

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
635
Content-Type
text/html; charset=utf-8
Date
Sat, 20 May 2023 11:11:33 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame AFDC
0
0

sync
ads.servenobid.com/ Frame 264C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=7208176026121394406
0
343 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=312&uid=7208176026121394406
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.50.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-50-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:31 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Sat, 20 May 2023 11:11:31 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.150; 91.239.206.150; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c271f76b-0a92-4839-b9a2-2eac442e2e22
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=7208176026121394406
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 264C
0
0

sync
ads.servenobid.com/ Frame 264C
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=GrT_pLZHSRLHEfOAT56M3_Th
0
350 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=310&uid=GrT_pLZHSRLHEfOAT56M3_Th
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.50.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-50-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Sat, 20 May 2023 11:11:34 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=GrT_pLZHSRLHEfOAT56M3_Th
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
rmpssp
sync.1rx.io/usersync2/ Frame 264C
0
0

cm
p.rfihub.com/ Frame 264C
0
0

usa
sync.go.sonobi.com/ Frame 264C
0
0

pixel
ap.lijit.com/ Frame 264C
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F470%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D6a0725af-17bc-4465-80cb-9bf2331641d5%26bidder%3Dappnexus%26cbx%3D...
  • https://prebid.a-mo.net/cchain/0/470?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=6a0725af-17bc-4465-80cb-9bf2331641d5&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&u...
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F470%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D6a0725af-17bc-4465-80cb-9bf233...
  • https://prebid.a-mo.net/cchain/1/470?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=6a0725af-17bc-4465-80cb-9bf2331641d5&bidder=adform&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1YN-&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F470%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D...
  • https://prebid.a-mo.net/cchain/2/470?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=6a0725af-17bc-4465-80cb-9bf2331641d5&bidder=index_rtb&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&...
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F470%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D6a0725af-17bc-4465-80cb...
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F470%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D6a0725af-17bc-4465-80cb-9bf2331641d5%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
216.52.2.91 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 20 May 2023 11:11:34 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT

Redirect headers

location
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F470%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D6a0725af-17bc-4465-80cb-9bf2331641d5%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
date
Sat, 20 May 2023 11:11:32 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 264C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-7sRxPPNE2uGrNB1Ol0jAWzkp3HOX93lX_ySnP.k-~A
0
367 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-7sRxPPNE2uGrNB1Ol0jAWzkp3HOX93lX_ySnP.k-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.50.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-50-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:31 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-7sRxPPNE2uGrNB1Ol0jAWzkp3HOX93lX_ySnP.k-~A
date
Sat, 20 May 2023 11:11:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
redirectuser
ssp.disqus.com/ Frame 264C
0
0

sync
ads.servenobid.com/ Frame 264C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-7sRxPPNE2uGrNB1Ol0jAWzkp3HOX93lX_ySnP.k-~A
0
367 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-7sRxPPNE2uGrNB1Ol0jAWzkp3HOX93lX_ySnP.k-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.50.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-50-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:31 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-7sRxPPNE2uGrNB1Ol0jAWzkp3HOX93lX_ySnP.k-~A
date
Sat, 20 May 2023 11:11:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 264C
0
360 B
Image
General
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.58.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-58-251.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:31 GMT
sync
ads.servenobid.com/ Frame 264C
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=3275826914264604000V10
0
346 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=353&uid=3275826914264604000V10
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.50.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-50-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:33 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sat, 20 May 2023 11:11:33 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=3275826914264604000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Sat, 20 May 2023 11:11:33 GMT
sync
gum.criteo.com/ Frame 52D5
88 B
328 B
Script
General
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0f32971c896f5bab26d9d8ca473110551e9e953402b4e613e412d546ea83adee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:31 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1477962
expires
60
multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame 7D8A
0
0

cm
p.rfihub.com/ Frame 1134
0
0

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EE18
0
0

cksync.php
contextual.media.net/ Frame 52D5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3275826914264604000V10%26type%3Dapx%26refUrl%3D%26vid%3D45810916313275826914264604000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3275826914264604000V10&type=apx&refUrl=&vid=45810916313275826914264604000V10&ovsid=7208176026121394406
61 B
468 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3275826914264604000V10&type=apx&refUrl=&vid=45810916313275826914264604000V10&ovsid=7208176026121394406
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 20 May 2023 11:11:31 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sat, 20 May 2023 11:11:31 GMT

Redirect headers

Date
Sat, 20 May 2023 11:11:31 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.150; 91.239.206.150; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
230af88c-fef9-4381-8b89-cdbfa3dacb8b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3275826914264604000V10&type=apx&refUrl=&vid=45810916313275826914264604000V10&ovsid=7208176026121394406
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 52D5
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3275826914264604...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3275826914264604000V10&type=opx&refUrl=&vid=45810916313275826914264604000V10&ovsid=ed96706b-6694-4572-a3a3-7718da5d2e8d
235 B
235 B
Image
General
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3275826914264604000V10&type=opx&refUrl=&vid=45810916313275826914264604000V10&ovsid=ed96706b-6694-4572-a3a3-7718da5d2e8d
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 20 May 2023 11:11:31 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
235
x-mnet-hl2
E
expires
Sat, 20 May 2023 11:11:31 GMT

Redirect headers

date
Sat, 20 May 2023 11:11:31 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3275826914264604000V10&type=opx&refUrl=&vid=45810916313275826914264604000V10&ovsid=ed96706b-6694-4572-a3a3-7718da5d2e8d
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 52D5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3275826914264604000V10%26type%3Dmma%26refUrl%3D%26vid%3D458109163132758269142646...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3275826914264604000V10&type=mma&refUrl=&vid=45810916313275826914264604000V10&ovsid=ff616468-aadf-4e00-b282-69fbe17f5561
61 B
481 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3275826914264604000V10&type=mma&refUrl=&vid=45810916313275826914264604000V10&ovsid=ff616468-aadf-4e00-b282-69fbe17f5561
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 20 May 2023 11:11:31 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sat, 20 May 2023 11:11:31 GMT

Redirect headers

Date
Sat, 20 May 2023 11:11:31 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x10 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3275826914264604000V10&type=mma&refUrl=&vid=45810916313275826914264604000V10&ovsid=ff616468-aadf-4e00-b282-69fbe17f5561
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 20 May 2023 11:11:30 GMT
rmp1r1
sync.1rx.io/usersync2/ Frame 52D5
0
0

cksync.php
contextual.media.net/ Frame 52D5
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3275826914264604000V10%26type%3Ddxu%26refUrl%3D%26vid%3D45810916313275826914264...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3275826914264604000V10%26type%3Ddxu%26refUrl%3D%26vid%3D45810916313275826...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3275826914264604000V10&type=dxu&refUrl=&vid=45810916313275826914264604000V10&ovsid=GnHNNGy41Q0kuM5
61 B
468 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3275826914264604000V10&type=dxu&refUrl=&vid=45810916313275826914264604000V10&ovsid=GnHNNGy41Q0kuM5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 20 May 2023 11:11:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sat, 20 May 2023 11:11:32 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:32 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-03b3f67f69a828fdc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3275826914264604000V10&type=dxu&refUrl=&vid=45810916313275826914264604000V10&ovsid=GnHNNGy41Q0kuM5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 52D5
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f7062fdb-10b3-4349-8439-504c96000fa8
61 B
632 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f7062fdb-10b3-4349-8439-504c96000fa8
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 20 May 2023 11:11:31 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sat, 20 May 2023 11:11:31 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:30 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f7062fdb-10b3-4349-8439-504c96000fa8
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1036986
content-length
0
expires
Sat, 20 May 2023 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 52D5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-ww.oPL9E2pkV_pSgIbJN4XWBmBC0CGW_t9wsbw--~A&expires=5&ssp=medianet
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e&gdpr=&gdpr_consent=&gdpr_pd=
61 B
481 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 20 May 2023 11:11:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sat, 20 May 2023 11:11:32 GMT

Redirect headers

location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e&gdpr=&gdpr_consent=&gdpr_pd=
date
Sat, 20 May 2023 11:11:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cksync.php
contextual.media.net/ Frame 52D5
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://stags.bluekai.com/site/23178?id=HXYMEbQh5-OVBVfp6wcH&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKILBMU2RLCKFUDKLKPKZBFMZTQGZ3WG...
  • https://contextual.media.net/cksync.php?cs=1&ovsid=HXYMEbQh5-OVBVfp6wcHhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=458109163132758269142646...
60 B
307 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=HXYMEbQh5-OVBVfp6wcHhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=45810916313275826914264604000V10&vsid=3275826914264604000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 20 May 2023 11:11:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
60
x-mnet-hl2
E
expires
Sat, 20 May 2023 11:11:32 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:32 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&ovsid=HXYMEbQh5-OVBVfp6wcHhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=45810916313275826914264604000V10&vsid=3275826914264604000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
284
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 52D5
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3275826914264604000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=09f399e4-c6e0-4493-b1a9-5aac0861555e&cs=1
61 B
481 B
Image
General
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=09f399e4-c6e0-4493-b1a9-5aac0861555e&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 20 May 2023 11:11:31 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sat, 20 May 2023 11:11:31 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=09f399e4-c6e0-4493-b1a9-5aac0861555e&cs=1
Date
Sat, 20 May 2023 11:11:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cksync
cs.media.net/ Frame 52D5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7fc38604-7561-40d5-8fc3-88b242d19c34
61 B
637 B
Image
General
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7fc38604-7561-40d5-8fc3-88b242d19c34
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:31 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
61
x-mnet-hl2
E
Expires
Sat, 20 May 2023 11:11:31 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7fc38604-7561-40d5-8fc3-88b242d19c34
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
/
onetag-sys.com/match/ Frame 4931
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=ff616468-aadf-4e00-b282-69fbe17f5561&gdpr=0&gdpr_consent=
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=1&uid=ff616468-aadf-4e00-b282-69fbe17f5561&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Sat, 20 May 2023 11:11:31 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x5 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=ff616468-aadf-4e00-b282-69fbe17f5561&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 20 May 2023 11:11:30 GMT
/
onetag-sys.com/match/ Frame 4931
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LHVW306E-12-9PM4&gdpr=0
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LHVW306E-12-9PM4&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LHVW306E-12-9PM4&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
/
onetag-sys.com/match/ Frame 4931
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7208176026121394406
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7208176026121394406
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Sat, 20 May 2023 11:11:31 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.150; 91.239.206.150; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5e185cc5-a895-498c-8d5c-78ba30ee0e24
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7208176026121394406
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 4931
42 B
723 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=eH6DToD106tEipBepHBuyLyR5KYFBvO7DM9qk_bQYIY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 4931
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=108428236549357317
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=107&uid=108428236549357317
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=108428236549357317
date
Sat, 20 May 2023 11:11:31 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 4931
0
0
Image
General
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ecm3
s.amazon-adsystem.com/ Frame 4931
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=--3a6fpnTaxh2r5pvE2N-YQBPk2TACIhYv8YnTIfd2w
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=--3a6fpnTaxh2r5pvE2N-YQBPk2TACIhYv8YnTIfd2w
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:31 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QTW42NXS8AFXB7R8KNA9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=--3a6fpnTaxh2r5pvE2N-YQBPk2TACIhYv8YnTIfd2w
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pubmatic
um.simpli.fi/ Frame 4931
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMesy4evnQ_XBFQdWUswQcA&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
0
0

/
onetag-sys.com/match/ Frame 4931
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-7sRxPPNE2uGrNB1Ol0jAWzkp3HOX93lX_ySnP.k-~A
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-7sRxPPNE2uGrNB1Ol0jAWzkp3HOX93lX_ySnP.k-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-7sRxPPNE2uGrNB1Ol0jAWzkp3HOX93lX_ySnP.k-~A
date
Sat, 20 May 2023 11:11:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
p-zLwwakwy-hZw3.gif
cms.quantserve.com/pixel/ Frame 4931
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=0&gdpr_consent=
35 B
210 B
Image
General
Full URL
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
91.228.74.251 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 20 May 2023 11:11:31 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

location
//cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=0&gdpr_consent=
date
Sat, 20 May 2023 11:11:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
ads.servenobid.com/ Frame 4931
0
365 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=318&uid=eH6DToD106tEipBepHBuyLyR5KYFBvO7DM9qk_bQYIY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.50.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-50-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:31 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
csi
csi.gstatic.com/ Frame 075E
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lhvw34h1&c=2311788037147&slotId=1155894018573.5&qqid=CLnKqcnhg_8CFVMV4AodYrEHyw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=830&mt=video%2Fmp4&vs=640x360&ple=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.15.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
slc09s01-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame 2345
0
343 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=317&uid=108428236549357317&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.50.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-50-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:31 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
711890.gif
id.rlcdn.com/ Frame 2345
0
0
Image
General
Full URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

v1
match.sharethrough.com/universal/ Frame 2345
0
360 B
Image
General
Full URL
https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.58.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-58-251.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:31 GMT
p
a.audrte.com/ Frame 2345
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OTJpOUV2M0FXazVSLWlJS1Q3Q2JGVDFRQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZ...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDkyaTlFdjNBV2s1Ui1pSUtU...
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...
  • https://a.audrte.com/a?adform_uid=5193034627608884685&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1M...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=92i9Ev3AWk5R-iIKT7CbFT1QA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991...
  • https://a.audrte.com/match?uid=108428236549357317&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p?
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p?
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
52.22.241.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-241-33.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 May 2023 11:11:34 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sat, 20 May 2023 11:11:33 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com/p?
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 2345
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=7fc38604-7561-40d5-8fc3-88b242d19c34&gdpr=0&gdpr_consent=
43 B
400 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=7fc38604-7561-40d5-8fc3-88b242d19c34&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 20 May 2023 11:11:31 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=7fc38604-7561-40d5-8fc3-88b242d19c34&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
299
log
c21lg-d.media.net/ Frame 52D5
35 B
296 B
Image
General
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=awwxVTBOdY7DtywoxgeOzulPvGKGqxGY&cs=15&vsid=3275826914264604000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:32 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sat, 20 May 2023 11:11:32 GMT
file.mp4
r5---sn-4g5lzney.c.2mdn.net/videoplayback/id/126fd9afc7719db6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716117090/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 075E
2 MB
2 MB
Media
General
Full URL
https://r5---sn-4g5lzney.c.2mdn.net/videoplayback/id/126fd9afc7719db6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716117090/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1969C57ACAFE5E4643CB48B23402DB608B4596DB.08EC8D8B1B986AE5105A63294C89BC3B9BCB210F/key/cms1/cms_redirect/yes/mh/v9/mip/91.239.206.150/mm/42/mn/sn-4g5lzney/ms/onc/mt/1684580684/mv/m/mvi/5/pl/24/file/file.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.163.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s19-in-f10.1e100.net
Software
gvs 1.0 /
Resource Hash
01365e94112a5e7fecb82c5c378f9091fc426df1c6d033732f0ad90559db7686
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

expires
Sat, 20 May 2023 11:11:31 GMT
date
Sat, 20 May 2023 11:11:31 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2440066/2440067
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
2440067
last-modified
Mon, 15 May 2023 09:38:37 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
client-protocol
quic
dcm
s.amazon-adsystem.com/ Frame 1247
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZGiq3DjU40k-X6Q0gow1ywAACJAAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T8YW0S4P6P28A7XVN1FJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1247
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7fc38604-7561-40d5-8fc3-88b242d19c34&expiration=1687173091&gdpr=0&gdpr_consent=
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7fc38604-7561-40d5-8fc3-88b242d19c34&expiration=1687173091&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7fc38604-7561-40d5-8fc3-88b242d19c34&expiration=1687173091&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 1247
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZGiq3DjU40k-X6Q0gow1ywAACJAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPfPkhhEOMwinPjsYZhU78w&google_cver=1
43 B
632 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPfPkhhEOMwinPjsYZhU78w&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPfPkhhEOMwinPjsYZhU78w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 1247
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7208176026121394406
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7208176026121394406
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 20 May 2023 11:11:33 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.150; 91.239.206.150; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1eaef7fd-7e4a-4c60-a529-9e3f3b53eb22
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7208176026121394406
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ZGiq3DjU40k-X6Q0gow1ywAACJAAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1247
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZGiq3DjU40k-X6Q0gow1ywAACJAAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.158.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-158-45.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum.casalemedia.com/ Frame 1247
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=82197827-6e83-0d1a-0083d161
43 B
632 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=82197827-6e83-0d1a-0083d161
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Sat, 20 May 2023 11:11:33 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=82197827-6e83-0d1a-0083d161
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
crum
dsum-sec.casalemedia.com/ Frame 1247
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=108428236549357317&gdpr=0&gdpr_consent=
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=108428236549357317&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=108428236549357317&gdpr=0&gdpr_consent=
date
Sat, 20 May 2023 11:11:31 GMT
content-length
0
rum
dsum.casalemedia.com/ Frame 1247
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=3a27f7dfc1b31f88&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAM6i4u97ZsxAMWJHFQAAAAAAA&expiration=1684667494&is_secure=true
0
0

htw-pixel.gif
cdn.indexww.com/ht/ Frame 1247
43 B
353 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZGiq3DjU40k.X6Q0gow1ywAA%262192
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:34 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
58898
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ca423c00973bbd3-FRA
content-length
43
expires
Sun, 21 May 2023 11:11:34 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame FD08
0
0

cs
ad.turn.com/r/ Frame FD08
0
0

crum
dsum-sec.casalemedia.com/ Frame FD08
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ff616468-aadf-4e00-b282-69fbe17f5561
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ff616468-aadf-4e00-b282-69fbe17f5561
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 20 May 2023 11:11:32 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x9 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ff616468-aadf-4e00-b282-69fbe17f5561
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 20 May 2023 11:11:31 GMT
rum
dsum-sec.casalemedia.com/ Frame FD08
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZGiq5AALa-2qkwAn
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGiq5AALa-2qkwAn&_test=ZGiq5AALa-2qkwAn
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGiq5AALa-2qkwAn&_test=ZGiq5AALa-2qkwAn
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-sof1510022-SOF
pragma
no-cache
date
Sat, 20 May 2023 11:11:32 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684581093.673915,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGiq5AALa-2qkwAn&_test=ZGiq5AALa-2qkwAn
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ZGiq3DjU40k-X6Q0gow1ywAACJAAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FD08
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZGiq3DjU40k-X6Q0gow1ywAACJAAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.158.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-158-45.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum.casalemedia.com/ Frame FD08
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7208176026121394406
43 B
632 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7208176026121394406
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 20 May 2023 11:11:32 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.150; 91.239.206.150; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
954e976d-43d6-43a4-ada4-e9ad60b61633
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7208176026121394406
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame FD08
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=108428236549357317&gdpr=0&gdpr_consent=
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=108428236549357317&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=108428236549357317&gdpr=0&gdpr_consent=
date
Sat, 20 May 2023 11:11:31 GMT
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame FD08
0
0

sync
ads.servenobid.com/ Frame FD08
0
356 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZGiq3DjU40k-X6Q0gow1ywAACJAAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.50.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-50-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:32 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
dc_oe=ChMI9cP4y-GD_wIVIuXeCh1fsQrmEAAYACDwtNhbOhoI1tGzhAQQjJ2p4a4EGMCN7OIDINWL2eyiEUITCLnKqcnhg_8CFVMV4AodYrEHyw;dc_rmcid=CAQSOwBygQiDxtKvfRnA5ItudpxhiGrgqu8AT2NCSgbOo-XL0fWr8rqU9H_i_3Pzaf0TsakUFik...
ade.googlesyndication.com/ddm/activity/ Frame 075E
42 B
401 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9cP4y-GD_wIVIuXeCh1fsQrmEAAYACDwtNhbOhoI1tGzhAQQjJ2p4a4EGMCN7OIDINWL2eyiEUITCLnKqcnhg_8CFVMV4AodYrEHyw;dc_rmcid=CAQSOwBygQiDxtKvfRnA5ItudpxhiGrgqu8AT2NCSgbOo-XL0fWr8rqU9H_i_3Pzaf0TsakUFikuTjb8EOGkGAE;eps=CIBhEAEYHTICigI6AoBASL39wTo;met=1;acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D19008%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D474730676%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1684581092264;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 075E
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CnURE3KpoZLnsO9OqgAfi4p7YDP3Yv81w1YvZ7KIR8C4QASC6hMAzYI0CyAEFqQKSbPgLsyCyPqgDAcgDmwSqBJUCT9CCk26qaJ6jQHz_EArYmUWPUN451mti6Wg9quHEfPieJHbnW9z-JOFugyE0BKB8o915QKofj8mgWAxrr44VFB8EK5KVySoxZX2J4rztIMyYnRG2uty0jCAT9BtAiSMHgr28xaS29oCt9wiVh_up10YY1tVK-xjyukN987m_eL9UOuOY17oWXn2-GL8T7GRCkoLzHISvipXpvS5QAJ_McBSDbVmmkut00bIoMCKmlL7GDcQQm4K8MuTowRW7Rw3Xa9wCxRgYI5Mn5NNAXb23Zx_zshWxEns31QxFQABndasw0-MkC1et7rxr_iJ7B90Lz0s52bQM1edFrvNY5MmKmCn2Nuj3SP4QEf4IvnT-CNB4CImfHMAEjJ2p4a4E4AQDkAYBoAZ2gAeJqOzdA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA8gLAeALAYAMAbATqvaxE8gTwI3s4gPYEwqIFALYFAHQFQH4FgGAFwHoFwU&sigh=HytuzaQWYbc&label=part2viewed&ad_mt=5&acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D19008%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D474730676%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1684581092264
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 075E
0
28 B
Image
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvkb9H66BMS9kKr2o2OU89KzSE1lZbPYUlSW9XYE2qjWQZwxjEXJBzQREm49ba2V89kTSfvxoHdWnZAB9G8w6BHL9TWMDdTUpYDFk12M2hJXDIRxy6INSWLOD81xuyuSESFlsQD7yTZC92nwXCgoT0MrNDiuprDPT8hC5StWakOdqt9CcV9fO3R41j3BGfnGdElKAZZl280oLcaCBNmcyCylZMAQhT5aqOj0VyPVuks99bOOUS0Q1cd6Ly9hkWH0Y8xNm4AnbQehWs9WmR3gEL-XElw72dw4rQPvzCq36wpmNuP_BVrwLOx8L1sMH3DHA6Qe9HSWT7dwbR0_11TclzCCzyyRCXD50L7ovLxAwDjJftmjdzxF_sBOMjGxG1RbtFzVoHDWVULmIL3uEi5_nytfA8hwmiugI1yIPGG3Grv3JLArKBK8tWS1ervoHybtRKxPMgazid2Jdjafk5DaBC7ZzwO5uoOE63rMpBKIyHF1sKNGULkMSvAm7cCM7JWrIzRsEKjPDYB17WX26OGWJbS47Vjkop6Mnsi3cs7lQwfedrttmG7QhzlHD4BZh13d0aDVsULo4DsVKYXXDv0T6ljlEyTmPptI5uvKkflCXxGW4hOeKUUL1OI6exO30ZGbUuOmuL3dr1wEKY1w0CvTFuDINjmVHrFyL9_7l2cJTNdGftH7pCaca7Z-RnIMkJ0tcqeSkvnMCYrakAT1Oy-qUuTkSRag1nWGIFlNUF7x6YWP0HUyxadJpBah9YdW1VME5HMfg7h9KpA7FgDf-OuJl9Dx0TyFd777ep6or32htHf4uoev-XnTUAH4_9gE8SK9eQYd6n7pB1_VB9IqLH6P73gNGOHWbgR72qvg07bM5tWXxZ3_KLuVOYtLsPmXPoPO_0SkXhj8gjuoGBQ44APcXpp2K-bfTPtCV4-2JjHptaonq0k34Qa1Z6o5qDHPjE_r0CJVDt9BrjZtj-jzYNDqAi3dwYqfotAvXW6ldRmRCaJDD3uuqItuCWH_DbSuJ-2MuD9x5REDmV0clzgGaFqNV4NaR9-g4GvshUby8gbK9Avai-Bx3I_4PasXhsx537LcFTCE3HPpY0gcegUCvVcnkLjhIM68KI6UYniD-7ki9DkKoSapNMZWzOMbxn5-55KJGowukeosicFR8jTgwbFHaePOFwtcytRIjfsh8W9iyWY3Ry6Tko9knTw0xz1ise9m16UZ_Q22vQdjBPdLQ4zO8tD3Epqtyimd9gH3y7y6yeiGkDn3kQC5EEnNS3CDJ24cdyzwwVLTayl7L5Fylc9YEkrEe4kOgmBDR-0GQ&sai=AMfl-YTtdY8pODaGOtGabHSRWyjvgZAXe81eF93wooivjui89JJdOeR86veb4VT4h-ZK-sXgOnVIoA5StIliWMphGwMZ2ocmVaTY3k69RdG-VNHlgvZ8Qp9Xs59X0_vL0WV6Cq7aLn8XtRYR9saKybeJYo-NlgnwegeoBwqcrV2-tvUNmWTojJWx2FzmTluRgwLtX5yhsjGWTGD_nvUArdLfnLhctAIz5wBDBSigcoDu6wVAIkxqOhQXuB8d7TuLmrzVx8R5&sig=Cg0ArKJSzMss93kDXwaDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 20 May 2023 11:11:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sync
partners.tremorhub.com/ Frame 075E
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_3m84DENbRs4QEGJfThuoBIAEwAQ&v=APEucNWXoxsVsaL4KjiO0IxA1YnIGzSWahD6OhdyM-eWMkr8xumTuu1EthoDVYD0nZaptizaxkeRddOuAvBk29OrxTt_BDIpLreVcoXIQM5-WVwO7W6...
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEN_BIby4UfLI0pGmsUQK-vM&google_cver=1
43 B
175 B
Image
General
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEN_BIby4UfLI0pGmsUQK-vM&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H2
Server
3.221.215.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-215-100.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 20 May 2023 11:11:33 GMT
server
nginx
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://partners.tremorhub.com/sync?UIGL=CAESEN_BIby4UfLI0pGmsUQK-vM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 075E
0
25 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 075E
42 B
69 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoxTzY5k4xCa5dXxP2ZcozNf9dyIZZpGXMMbO8P4nhdOFQ41r84hbgWNcO5V_o-wEGAzu8DVNP_5I850CwXEM64RNNuWrsar0iAyWDgoFM8Ykoypp3FI5AyA&sai=AMfl-YQMoBBi8ONDTMJ_8M-_Eh1PTO3pF8e0JwydJAOwlFi_yN4CYmVzxmbLj8sNimS4OTKdCnOvBEH3sExTd4zEe5NGE5ayQ5-T87bKQ6TCHRFFo2GAKsDspPcEsJY&sig=Cg0ArKJSzIfLBcDU59pYEAE&cid=CAQSOwBygQiDxtKvfRnA5ItudpxhiGrgqu8AT2NCSgbOo-XL0fWr8rqU9H_i_3Pzaf0TsakUFikuTjb8EOGkGAE&id=lidarv&acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D19008%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D474730676%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1684581092264&avm=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 075E
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CnURE3KpoZLnsO9OqgAfi4p7YDP3Yv81w1YvZ7KIR8C4QASC6hMAzYI0CyAEFqQKSbPgLsyCyPqgDAcgDmwSqBJUCT9CCk26qaJ6jQHz_EArYmUWPUN451mti6Wg9quHEfPieJHbnW9z-JOFugyE0BKB8o915QKofj8mgWAxrr44VFB8EK5KVySoxZX2J4rztIMyYnRG2uty0jCAT9BtAiSMHgr28xaS29oCt9wiVh_up10YY1tVK-xjyukN987m_eL9UOuOY17oWXn2-GL8T7GRCkoLzHISvipXpvS5QAJ_McBSDbVmmkut00bIoMCKmlL7GDcQQm4K8MuTowRW7Rw3Xa9wCxRgYI5Mn5NNAXb23Zx_zshWxEns31QxFQABndasw0-MkC1et7rxr_iJ7B90Lz0s52bQM1edFrvNY5MmKmCn2Nuj3SP4QEf4IvnT-CNB4CImfHMAEjJ2p4a4E4AQDkAYBoAZ2gAeJqOzdA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA8gLAeALAYAMAbATqvaxE8gTwI3s4gPYEwqIFALYFAHQFQH4FgGAFwHoFwU&sigh=HytuzaQWYbc&label=vast_creativeview&ad_mt=5&acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D19008%26vmtime%3D5%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D474730676%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1684581092264
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 075E
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lhvw35at&c=2311788037147&slotId=1155894018573.5&qqid=CLnKqcnhg_8CFVMV4AodYrEHyw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=830&mt=video%2Fmp4&vs=640x360&dm=19000&umsem=0&event_name=first_play&asset_bytes=194680&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.5pq~videopreviewstarted.5pr
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.15.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
slc09s01-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 11:11:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 7634
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7208176026121394406
0
0

sync
x.bidswitch.net/ Frame 7634
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_46c5d185-140f-403c-803c-9934d8a546ee&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=d577b2dc-f8b4-471b-bf1f-3a0916859009&ssp=gumgum2
0
0

usersync
usersync.gumgum.com/ Frame 7634
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-f118b6a9-2026-55d6-5087-02b88043e06b$ip$91.239.206.150
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-f118b6a9-2026-55d6-5087-02b88043e06b$ip$91.239.206.150
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 20 May 2023 11:11:34 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-f118b6a9-2026-55d6-5087-02b88043e06b$ip$91.239.206.150
Date
Sat, 20 May 2023 11:11:32 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 7634
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_46c5d185-140f-403c-803c-9934d8a546ee&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=HXYMEbQh5-OVBVfp6wcH&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2SCYLFGUKYSRNA2S2T2WIJLGM4BWO5RUQ...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=HXYMEbQh5-OVBVfp6wcH&us_privacy=1---
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=HXYMEbQh5-OVBVfp6wcH&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 20 May 2023 11:11:34 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 20 May 2023 11:11:33 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=HXYMEbQh5-OVBVfp6wcH&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 7634
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=QWNblvK6VZsO&ev=1&pid=558355
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=QWNblvK6VZsO&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 20 May 2023 11:11:34 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
ka-GE
location
https://usersync.gumgum.com/usersync?b=pln&i=QWNblvK6VZsO&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-78764785dd-dr7hz
expires
-1
usersync
usersync.gumgum.com/ Frame 7634
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28Bq7-qtVvWvEkZamET5lV1nxYDSg9_hYHXFwExBTR0faZ8ryinjX4OvooDFcaRyoY%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
0
0

usersync
usersync.gumgum.com/ Frame 7634
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=d287bd84-e581-47c4-a797-199ba0e2bd17
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=d287bd84-e581-47c4-a797-199ba0e2bd17
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 20 May 2023 11:11:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 20 May 2023 11:11:32 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=d287bd84-e581-47c4-a797-199ba0e2bd17
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 7634
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-LPIfLRhE2pdqo0HSHbvpGaGZhqsuLXb0Wnt0~A
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-LPIfLRhE2pdqo0HSHbvpGaGZhqsuLXb0Wnt0~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 20 May 2023 11:11:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 20 May 2023 11:11:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-LPIfLRhE2pdqo0HSHbvpGaGZhqsuLXb0Wnt0~A
content-length
0
usersync
usersync.gumgum.com/ Frame 7634
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=9547bbd2-30a5-40c0-b06f-9dce72c87a2a
0
0

usermatchredir
ssum-sec.casalemedia.com/ Frame 7634
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3DE3420ABE853148AE9778249FA0DC859C%26att%3D1%26pid%3D82%26cb%3Dhttps%...
0
0

142
match.deepintent.com/usersync/ Frame 7634
0
0

server_match
ad.360yield.com/ Frame 7634
0
0

usersync
usersync.gumgum.com/ Frame 7634
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=108428236549357317
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=108428236549357317
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 20 May 2023 11:11:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=108428236549357317
date
Sat, 20 May 2023 11:11:32 GMT
content-length
0
sync
ads.servenobid.com/ Frame 7634
0
357 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_46c5d185-140f-403c-803c-9934d8a546ee
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.50.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-50-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:32 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
user-sync
sync.adkernel.com/ Frame 6E15
0
0

e9d4ff858b5e32317e843f5ed11b2659.gif
cs.iqzone.com/ Frame B7F6
0
0

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 055B
0
0

usersync
usersync.gumgum.com/ Frame 61D0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=7fc38604-7561-40d5-8fc3-88b242d19c34
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=7fc38604-7561-40d5-8fc3-88b242d19c34
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 20 May 2023 11:11:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Sat, 20 May 2023 11:11:32 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=7fc38604-7561-40d5-8fc3-88b242d19c34
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame F55E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=ff616468-aadf-4e00-b282-69fbe17f5561&gdpr=0&gdpr_consent=
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=ff616468-aadf-4e00-b282-69fbe17f5561&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 20 May 2023 11:11:32 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 20 May 2023 11:11:32 GMT
Expires
Sat, 20 May 2023 11:11:31 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master zrh-pixel-x28 config_version:"unknown"
location
https://usersync.gumgum.com/usersync?b=mmh&i=ff616468-aadf-4e00-b282-69fbe17f5561&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 313E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZGiq5AALaJk-lgA9
  • https://usersync.gumgum.com/usersync?b=atm&i=ZGiq5AALaJk-lgA9&gdpr=0&gdpr_consent=&_test=ZGiq5AALaJk-lgA9
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZGiq5AALaJk-lgA9&gdpr=0&gdpr_consent=&_test=ZGiq5AALaJk-lgA9
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 20 May 2023 11:11:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sat, 20 May 2023 11:11:32 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZGiq5AALaJk-lgA9&gdpr=0&gdpr_consent=&_test=ZGiq5AALaJk-lgA9
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-sof1510022-SOF
x-timer
S1684581093.656892,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 4DC9
170 B
188 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80NmM1ZDE4NS0xNDBmLTQwM2MtODAzYy05OTM0ZDhhNTQ2ZWU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 20 May 2023 11:11:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 3112
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZGiq3MCo8YsAALzyuQcAAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZGiq3MCo8YsAALzyuQcAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 20 May 2023 11:11:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 20 May 2023 11:11:32 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZGiq3MCo8YsAALzyuQcAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad416.dc4p.scaleout.jp
X-SO-IP
91.239.206.150
X-SO-Key
ZGiq3MCo8YsAALzyuQcAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"91.239.206.150","key":"ZGiq3MCo8YsAALzyuQcAAAAA","privacy_sensitive":false,"uid":"ZGiq3MCo8YsAALzyuQcAAAAA","upstream_id":"m-ad416"}
X-SO-LB-Hostname
m-tgng39.dc4p.scaleout.jp
X-SO-UID
ZGiq3MCo8YsAALzyuQcAAAAA
X-SO-Upstream-ID
m-ad416
gumgum
cs.admanmedia.com/sync/ Frame C119
0
0

usermatchredir
ssum-sec.casalemedia.com/ Frame F3F3
43 B
632 B
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 20 May 2023 11:11:32 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
cm-notify
creativecdn.com/ Frame C71D
0
0

multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame 76E2
0
0

user-sync
sync.adkernel.com/ Frame 799E
Redirect Chain
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D578434%26t%3Dimage%26uid%3D%24UID%26us_privacy%3D1YN-
  • https://sync.adkernel.com/user-sync?zone=181225&dsp=578434&t=image&uid=7208176026121394406&us_privacy=1YN-
0
0

/
onetag-sys.com/usync/ Frame BEB4
3 KB
1 KB
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
ac49bfb8ff20c40d41494eee72b6660d342e903179ef5aefe131e04f7addcaee
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1137
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame BEB4
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame BEB4
42 B
723 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=--3a6fpnTaxh2r5pvE2N-YQBPk2TACIhYv8YnTIfd2w
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ssbsync-global.smartadserver.com/api/ Frame BEB4
0
44 B
Image
General
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:34 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame BEB4
0
0
Image
General
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ImgSync
image8.pubmatic.com/AdServer/ Frame BEB4
0
39 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:34 GMT
content-length
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame BEB4
0
38 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ Frame BEB4
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.152.195 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-152-195.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:11:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
user-sync
sync.adkernel.com/ Frame BEB4
0
0

VideoBidRequestHandlerServlet
am-wf.taboola.com/
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame 075E
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/286170918e27e21270112e97afc92d91.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202111/ba877cbd8734dbca67656192d6869ddf.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/9f35c3b104d658a8a5a8419e2a722f10.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/5ad15567d45411d5a4c20e7083159619.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/ee6ab2ca802eef031448821870beffc4.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202205/d274ae92da504786aa3076598efe823e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202202/c08ceb7d1df0581b91a52c02b2662032.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/fbd4a0f3e0fb11da895d3a63d5a618de.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/dafbcc48b20dd55d99d006babb3c01ec.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/87dc9530c0777dc5b7dd5c9c45572eea.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/51d79b2a891cdeac828fd7ed215d5bf3.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202205/3394fa6d010bc1c665a9ac760976478d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/3be016f3bcd694e1b9a125f5a35de0c4.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/4b373f70b87ab65f7ff653b5d5bf0c28.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/3f37cc02386db7cd29fcf0c47d60cc54.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202204/13de079290efc47f9c5ca3ee4e680e06.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/33cdb6e5792635bc114a8c1fe3087156.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/823e66a0c79d9d8349201f2120f4f853.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/fbbe76aca7804953359ba2f29f5505b3.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/e3b97bb8cd6cc7684a189ca27e481995.jpg?w=150&h=100&q=100
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=f61626ad-6413-4065-9a3a-c19e0c958fac%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwu-zhe-yuan-you-jian-cuo-shang-5yue-gui-dui-you-kun-nan-wang-jian-min-wu-fa-yu-gu-shi-jian.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=97d3ae34-6bcc-4975-b804-7300a2f95c74%3B07f758b5-4a87-4025-af6c-3d9e8cab23b9&l_pb_bid_id=729f746a9028a33%3B73c6e6c275a8787&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.8230556236506406
Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-7irXEYm67G2Xodj-e5Y5Jw&aip=1&sid=1684581082&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=42&3pid=7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058&us_privacy=&gdpr=0&gdpr_consent=
Domain
match.360yield.com
URL
https://match.360yield.com/match/ebda?google_gid=CAESENfD7DgWwF_orGa6mR1U4DI&google_cver=1&google_push=ATf1kGOkYUwkxcTXN7EyRKAzn-8EGOWpFROWlTJmYsD3IGNI6xDcze2YvscM5oLV3VXDw1OlYeOr7OghaUFDqdhV4Slhm1UNhbg
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
Domain
sync-dmp.aura-dsp.com
URL
https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEAywNkt4JaGtuMVDHIpCG9Y&google_cver=1&google_push=ATf1kGNAr4fPecD8gmsa_78N8qJxOYOjzV2Fa_9mrMbMea-rmeTqbqDFdQLcdnsHtDrffS78T0gC5dkherai6KPtN7LxGb_2bO75
Domain
c.bing.com
URL
https://c.bing.com/c.gif?xid=3382440496128695587787&Red3=TLMS_pd
Domain
sync-dmp.aura-dsp.com
URL
https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEAywNkt4JaGtuMVDHIpCG9Y&google_cver=1&google_push=ATf1kGPtmyZV1qvaE8x51HJX7Seda6Uwq-cd2Z7qmE3Z7Dlcfb_WXVt6DaoVwLCJ8VipQkJ1ySX2jeicP2jF2dhyZEcmlB0nQe7NDfM
Domain
secure-assets.rubiconproject.com
URL
https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Domain
cs-rtb.minutemedia-prebid.com
URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Domain
cs-server-s2s.yellowblue.io
URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=44007&in=1
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
Domain
secure-assets.rubiconproject.com
URL
https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3275826914264604000V10%26type%3Drkt%26refUrl%3D%26vid%3D45810916313275826914264604000V10%26ovsid%3D%7Buserid%7D
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3275826914264604000V10%26type%3Dpba%26refUrl%3D%26vid%3D45810916313275826914264604000V10%26ovsid%3DPM_UID
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3275826914264604000V10%26type%3Dr1%26refUrl%3D%26vid%3D45810916313275826914264604000V10%26ovsid%3D%5BRX_UUID%5D
Domain
um.simpli.fi
URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
dsum.casalemedia.com
URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAM6i4u97ZsxAMWJHFQAAAAAAA&expiration=1684667494&is_secure=true
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/ie
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=21
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=apn&i=7208176026121394406
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=59&user_id=d577b2dc-f8b4-471b-bf1f-3a0916859009&ssp=gumgum2
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28Bq7-qtVvWvEkZamET5lV1nxYDSg9_hYHXFwExBTR0faZ8ryinjX4OvooDFcaRyoY%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28Bq7-qtVvWvEkZamET5lV1nxYDSg9_hYHXFwExBTR0faZ8ryinjX4OvooDFcaRyoY%29
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=vnt&i=9547bbd2-30a5-40c0-b06f-9dce72c87a2a
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3DE3420ABE853148AE9778249FA0DC859C%26att%3D1%26pid%3D82%26cb%3Dhttps%253A%252F%252Fusersync.gumgum.com%252Fusersync%253Fb%253Dsnc%2526i%253D%255BUSER_ID%255D%26uid%3D
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Domain
sync.adkernel.com
URL
https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Domain
cs.iqzone.com
URL
https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_46c5d185-140f-403c-803c-9934d8a546ee&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/gumgum?puid=e_46c5d185-140f-403c-803c-9934d8a546ee&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=gumgum
Domain
secure-assets.rubiconproject.com
URL
https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
Domain
sync.adkernel.com
URL
https://sync.adkernel.com/user-sync?zone=181225&dsp=578434&t=image&uid=7208176026121394406&us_privacy=1YN-
Domain
sync.adkernel.com
URL
https://sync.adkernel.com/user-sync?zone=175005&r=--3a6fpnTaxh2r5pvE2N-YQBPk2TACIhYv8YnTIfd2w
Domain
am-wf.taboola.com
URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1684581094408&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=1518&pt=-2079442447&tz=0&viewable=true&ddast=V87HkCLAYsOpz7GFk1SBNYdDj3MbJqkC4AAABgYID-AEktlrOZaTlZi2yDjVs0XEzWyslg5pZ5DBvHaOWcOAbLISCpxXI2My0na5FtsHGLhovJWjkZzNwyj2HjGK2cE8dgOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ0aDodPte9Xvf73SU-z1zj9yv8utdbenS5la-H3a38u95Sp8Pu1rj-bs3RYfe5VcvXy61zPd0i19Ot_LveWtfdLXfY3bqH3eeWOh12t9ppd-teb5nDrXy9da635uh0S50Ou11oepvtAAAAAODB____PwQAAACACAAAAAASAAAAACgEVPi3IHABAAAAAMP___-_BoAnDgd0cZqdnqc_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA4DGktxhjlNs1oZxIwWsRRgAAAAC23p0tj0zSCSoWVf7___utAFwBAAhAxNn26s-iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohE-HHNEIzUexqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw9ILWcTm8NkWplMu4VruNiMRoaJa7nZLGyGkWex2R6_ic6KkvqB_D4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwN_LNbBuXxy0ZrFxr0cazcgs3NpdbtjKtRpPJzDfaLNei18d0sU02g9VwiwQD9PYieVqkE9Vgs1suDAvbzOSwLSwb28xjmDmWG9_COVkuJjOLWKI5WaQT2WXfWs4mNofJtDKZdgvXcLEZjQwT13KzWdgMI89is--NfDPbxuVxSwYr11q08azcwo3N5ZatTKvRZDLzjTbLtej1MV1sk81gNdw3ZsPRargYDAf7xmw4Wg0Xg-Fg36EzfFefs1FZVkk-Mpe42zhMbE6DwmWweKfq1TfamR1Ev2nRKZOplQWd0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_h1r7f06HIrXw-7W_l3vaVOh92tcf3dmqPD7nOrlq-XW-d6ukWup1v5d721rrtb7rC7dQ-7zy11OuxutdPu1r3eModb-XrrXG_N0emWOh12u9D0NlvEEsHpIp2IXsbTRf1HDrmYSzbLuWQwmytWg1UCAAAAAAAAALAEk0w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJUIXi_v___8cBAACQkUMPAACAfh9QFgAAAAAAAL-CGGxmu_0DUCHWarW63Vir1QI!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!nrlc_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoxTzY5k4xCa5dXxP2ZcozNf9dyIZZpGXMMbO8P4nhdOFQ41r84hbgWNcO5V_o-wEGAzu8DVNP_5I850CwXEM64RNNuWrsar0iAyWDgoFM8Ykoypp3FI5AyA&sai=AMfl-YQMoBBi8ONDTMJ_8M-_Eh1PTO3pF8e0JwydJAOwlFi_yN4CYmVzxmbLj8sNimS4OTKdCnOvBEH3sExTd4zEe5NGE5ayQ5-T87bKQ6TCHRFFo2GAKsDspPcEsJY&sig=Cg0ArKJSzIfLBcDU59pYEAE&cid=CAQSOwBygQiDxtKvfRnA5ItudpxhiGrgqu8AT2NCSgbOo-XL0fWr8rqU9H_i_3Pzaf0TsakUFikuTjb8EOGkGAE&id=lidarv&acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2025,0,0,0,0%26mtos%3D2025,2025,2025,2025,2025%26amtos%3D0,0,0,0,0%26mcvt%3D2025%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2186%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D62%26pst%3D201%26dur%3D19008%26vmtime%3D2193%26dtos%3D2025%26dtoss%3D1%26dvs%3D2025%26dfvs%3D2025%26dvpt%3D2186%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D474730676%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2025&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1684581092264

Verdicts & Comments Add Verdict or Comment

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 boolean| credentialless object| _taboola object| adpushup object| ucfad_async object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| TRC object| _tblConsole undefined| msg object| _comscore object| adRecover function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id function| setImmediate function| clearImmediate object| COMSCORE object| ns_p number| ampAdSlotIdCounter undefined| $ undefined| jQuery function| jqAlias function| runAnimCheck string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN object| ucf object| request string| paramsString number| ampAdGoogleIfiCounter function| _lgy_lift_callback_4308934 object| _qevents string| nam object| placementData object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| ggeac object| google_tag_data object| google_js_reporting_queue object| Criteo object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| gaGlobal number| ampAdPageCorrelator object| IMUIDPushed object| IMUIDRequest object| cmTag function| quantserve function| __qc object| ezt object| _qoptions object| lift_widget undefined| google_measure_js_timing object| IMUID object| _cm_wfCounters string| lastWfUrl object| listeningFors number| 3pla object| google_reactive_ads_global_state boolean| noPreviewPage object| dataLayer function| gtag object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| google_tag_manager function| onYouTubeIframeAPIReady function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| regeneratorRuntime function| webpackHotUpdate function| startCMTagMain string| category function| shuffle object| entertainment object| arrToUse object| playlist string| vpaidId function| OvaMediaPlayer object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

143 Cookies

Domain/Path Name / Value
.taboola.com/palmate-bg3co/ Name: taboola_session_id
Value: v2_596bfad4ed47a58134d0b5933af0d313_7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058_1684581080_1684581081_CNawjgYQ2YJdGLK87caDMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB
.3lift.com/sync Name: sync
Value: CgoIoQEQwfXtxoMxCgoI4gEQwfXtxoMxCgoI5gEQwfXtxoMxCgoIhwIQwfXtxoMxCgkICRDB9e3GgzEKCQg6EMH17caDMQoJCAsQwfXtxoMxCgoIjAIQwfXtxoMxCgkIXxDB9e3GgzEKCQgfEMH17caDMQ==
.scorecardresearch.com/ Name: UID
Value: 1AD843eeed99801e8d5f6ca1684581080
www.bg3.co/ Name: __AP_SESSION__
Value: 2a58fda6-6022-4b8a-9181-3d596c017615
.taboola.com/ Name: t_gid
Value: 7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: f61626ad-6413-4065-9a3a-c19e0c958fac
.logly.co.jp/ Name: uid
Value: MVXleWlkuuc4M2S3r5x3_pUsPls
.aralego.com/ Name: sspid
Value: 6c09fd61-c9ee-32df-8f2a-ee952b930fbc
.www.bg3.co/ Name: _im_vid
Value: 01H0WDPS2C8W0J99JZD83854FA
.openx.net/ Name: i
Value: f61626ad-6413-4065-9a3a-c19e0c958fac|1684581082
.omnitagjs.com/ Name: ayl_visitor
Value: 7b05921ae7d8bdde33c55db552741a80
www.bg3.co/ Name: _ublock
Value: 1
.teads.tv/ Name: tt_viewer
Value: a8588138-7bf6-4a4c-be56-4b1b4d20619b
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEw2tWiowY4AUABSAEQ2tWiowYYAA..
.adnxs.com/ Name: uuid2
Value: 7208176026121394406
.quantserve.com/ Name: mc
Value: 6468aada-89564-2471f-7d159
.bg3.co/ Name: __qca
Value: P0-887792277-1684581082027
.adsrvr.org/ Name: TDID
Value: 7fc38604-7561-40d5-8fc3-88b242d19c34
.yahoo.com/ Name: A3
Value: d=AQABBNqqaGQCEPwYYkTa4usF5R8IuwWJ7eEFEgEBAQH8aWRyZEfWPzIB_eMAAA&S=AQAAAvi5C1_s0cwJ0bpqYgEo-6A
.bg3.co/ Name: _ga
Value: GA1.1.672143067.1684581084
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1684581083.1.0.1684581083.0.0.0
.logly.co.jp/ Name: f
Value: lURERgMAAACxEdPd_P___4FMAwBhAyiiAQBhA4NMAwBjA4JMAwBiA4VMAwBlA-GGAwBlAw
.logly.co.jp/ Name: dmps
Value: %7B%221%22%3A%7B%22synced_at%22%3A1684581083%7D%2C%222%22%3A%7B%22synced_at%22%3A1684581083%7D%7D
.doubleclick.net/ Name: IDE
Value: AHWqTUnUxKeT9SlAHUHMWIFtlD3I1b32Ifkf-v80-Uas-VUjb33O2Ok5ilTOdBp3bWo
.bg3.co/ Name: __gads
Value: ID=0dde64cb6805d0a4-22e09e42dddd001e:T=1684581083:RT=1684581083:S=ALNI_Mb9X6z_M0JrDCdwvl9CaIU2bGmJ3w
.bg3.co/ Name: __gpi
Value: UID=00000c189c9158a5:T=1684581083:RT=1684581083:S=ALNI_MbJ8l478G6Hvsqgh37sOGDiV-WBHA
.bidswitch.net/ Name: tuuid
Value: 96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e
.bidswitch.net/ Name: c
Value: 1684581084
.bidswitch.net/ Name: tuuid_lu
Value: 1684581084
.socdm.com/ Name: SOC
Value: ZGiq3MCo8YsAALzyuQcAAAAA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GTuu!M<6!]tbPl1M>e)ZlrFUfJ+tGXxoDM^?]<>REcK@p867TBfs<UB)_Uc?0?CQae[o3If)y3KL9D3I?+DdaW#0
.casalemedia.com/ Name: CMPS
Value: 2192
.casalemedia.com/ Name: CMPRO
Value: 2192
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.casalemedia.com/ Name: CMID
Value: ZGiq3DjU40k.X6Q0gow1ywAA
.smartadserver.com/ Name: pid
Value: 108428236549357317
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.pubmatic.com/ Name: KADUSERCOOKIE
Value: FF851B1E-3076-4F34-B053-18BE2FDCBAA8
.im-apps.net/ Name: imid_secure
Value: jTWL5rlLQjK7CGZ9IO7Cng
.im-apps.net/ Name: imid_created_secure
Value: 1684581085
.contextweb.com/ Name: V
Value: QWNblvK6VZsO
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: a5d69b7dba3ea805
.linkedin.com/ Name: bcookie
Value: "v=2&27536131-3263-4fd8-8ff1-07c7494ea5fe"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2974:u=1:x=1:i=1684581085:t=1684667485:v=2:sig=AQHOTA85aQGG4ty2BGk7PQ3mnm3DVfm5"
.criteo.com/ Name: uid
Value: f7062fdb-10b3-4349-8439-504c96000fa8
.adform.net/ Name: C
Value: 1
.rubiconproject.com/ Name: khaos
Value: LHVW306E-12-9PM4
.adform.net/ Name: uid
Value: 5193034627608884685
.mathtag.com/ Name: uuid
Value: ff616468-aadf-4e00-b282-69fbe17f5561
.3lift.com/ Name: tluid
Value: 3382440496128695587787
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 39515743-4704-528c-a7dc-61fdc3b4cb23
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: ZGiq3gANaZhIBR1p8XazxSeMpTTXnE1NBmJd8A==
.id5-sync.com/ Name: id5
Value: 8372b233-9610-75ff-9fd7-fdce38d5538d#1684581086917#2
.id5-sync.com/ Name: callback
Value:
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f118b6a9-2026-55d6-5087-02b88043e06b.LM3a9IbTZudZlB45zTDrQ2gP2YzoamHxdyCA6lJDdmI
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A8Ri2qSAmVdZQhwK4gEPga1vvzpY.RMvga8gepQ0mTg7vlqbOZlkODG%2Fyxr4jVfIi1rmxqDM
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A8Ri2qSAmVdZQhwK4gEPga1vvzpY.RMvga8gepQ0mTg7vlqbOZlkODG%2Fyxr4jVfIi1rmxqDM
.adx.opera.com/ Name: UID
Value: OPUa83fca3421f14c4aa400754e8f4913aa
.amazon-adsystem.com/ Name: ad-id
Value: A6MnVQayEEffm2nmQCkk50Q
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.openx.net/ Name: pd
Value: v2|1684581087|gekin0vNiygu
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%227fc38604-7561-40d5-8fc3-88b242d19c34%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-04-20T11%3A11%3A27%22%7D
.openx.net/ Name: univ_id
Value: 537072971|7fc38604-7561-40d5-8fc3-88b242d19c34|1684581088305562
.media.net/ Name: data-g
Value: CAESEKSbA0yu-ytzHRcWB0FniOc~~3
.logly.co.jp/ Name: rtbs
Value: %7B%22pubmatic%22%3A%7B%22synced_at%22%3A1684581088%7D%7D
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: afe268f8acf791be5188634701323e07
.creative-serving.com/ Name: tuuid
Value: 96341a79-5240-46ee-9aee-113efca37709
.creative-serving.com/ Name: c
Value: 1684581088
.creative-serving.com/ Name: tuuid_lu
Value: 1684581089
.inmobi.com/ Name: idsp_c
Value: be2586ba-b8d1-4dfa-b1ef-1fc8790a7558
.metadsp.co.uk/ Name: ruuid
Value: 2199b558-da5e-44b6-832f-101a308b5b95
.metadsp.co.uk/ Name: c
Value: 1684581089
.metadsp.co.uk/ Name: ruuid_lu
Value: 1684581089
.mathtag.com/ Name: mt_mop
Value: 4:1684581090
.mfadsrvr.com/ Name: tuuid
Value: 09f399e4-c6e0-4493-b1a9-5aac0861555e
.mfadsrvr.com/ Name: c
Value: 1684581089
.mfadsrvr.com/ Name: tuuid_lu
Value: 1684581089
.zemanta.com/ Name: zuid
Value: HXYMEbQh5-OVBVfp6wcH
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.demdex.net/ Name: demdex
Value: 08824236776112981773841656358166746996
.bluekai.com/ Name: bku
Value: ikG99mv3SsusiBxs
.dpm.demdex.net/ Name: dpm
Value: 08824236776112981773841656358166746996
.gumgum.com/ Name: vst
Value: e_46c5d185-140f-403c-803c-9934d8a546ee
.adscale.de/ Name: uu
Value: 58de722828b344bea7086abb3aff19da
.adscale.de/ Name: cct
Value: 1684581091465
.media.net/ Name: visitor-id
Value: 3275826914264604000V10
.onetag-sys.com/ Name: OTP
Value: --3a6fpnTaxh2r5pvE2N-YQBPk2TACIhYv8YnTIfd2w
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.a-mo.net/ Name: amuid2
Value: 6a0725af-17bc-4465-80cb-9bf2331641d5
.prebid.a-mo.net/ Name: sd_amuid2
Value: 6a0725af-17bc-4465-80cb-9bf2331641d5
.id5-sync.com/ Name: 3pi
Value: 3#1684581087319#445438549#ff616468-aadf-4e00-b282-69fbe17f5561|19#1684581088747#-212080119#afe268f8acf791be5188634701323e07|485#1684581090695#1306796442|264#1684581087647#-424952963#7fc38604-7561-40d5-8fc3-88b242d19c34|441#1684581091353#-26802610#e_46c5d185-140f-403c-803c-9934d8a546ee|1132#1684581091672#1835010839|285#1684581087941#-674252282#LHVW306E-12-9PM4
.impact-ad.jp/ Name: tuuid
Value: 4f66ab15-11c1-45f9-8e18-056763ba3968
.mfadsrvr.com/ Name: ssh
Value: !medianet,1684581091!taboola,1684581089
.analytics.yahoo.com/ Name: IDSYNC
Value: "19cx~2bqz:194o~2bqz"
.pubmatic.com/ Name: pi
Value: 159706:3
.servenobid.com/ Name: pid_318
Value: eH6DToD106tEipBepHBuyLyR5KYFBvO7DM9qk_bQYIY
.servenobid.com/ Name: pid_337
Value: y-7sRxPPNE2uGrNB1Ol0jAWzkp3HOX93lX_ySnP.k-~A
.servenobid.com/ Name: pid_312
Value: 7208176026121394406
.servenobid.com/ Name: pid_317
Value: 108428236549357317
.servenobid.com/ Name: pid_339
Value: y-7sRxPPNE2uGrNB1Ol0jAWzkp3HOX93lX_ySnP.k-~A
.media.net/ Name: data-o
Value: ed96706b-6694-4572-a3a3-7718da5d2e8d~~8
.media.net/ Name: data-mm
Value: ff616468-aadf-4e00-b282-69fbe17f5561~~8
.rubiconproject.com/ Name: audit
Value: 1|fgiBqxgHH8D/g17as7za03Nh1+wsc6ZgCBm2XTKmclPtQKxMlrvSDofS3jQvHINnSh67/RRMcqHqFTrNE4+z9k1id1yxWjzFQL6tE+uyZ7k4R0ZTzlIE6sR35sLwbc3o0t4i1Iq21d0=
.media.net/ Name: data-mf
Value: 09f399e4-c6e0-4493-b1a9-5aac0861555e~~1
.media.net/ Name: data-c
Value: f7062fdb-10b3-4349-8439-504c96000fa8~~1
.media.net/ Name: data-c-ts
Value: 1684581091
.media.net/ Name: data-ttd
Value: 7fc38604-7561-40d5-8fc3-88b242d19c34~~1
.media.net/ Name: data-a
Value: 7208176026121394406~~8
match.sharethrough.com/ Name: AWSALBCORS
Value: YQLavPxlJKjr6oajtYeDuwgTwzrbExiFzb+QbfDiwqAUnlFpxHsQaiTLakwJTdWa8aefdmUVNxEN9m/hI5qGxEG5Te0Mfnn4w0Kmy4tXgJqtQX8TW7sqQzjXPCWQ
.smartadserver.com/ Name: csync
Value: 75:7fc38604-7561-40d5-8fc3-88b242d19c34|107:7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058
.servenobid.com/ Name: pid_333
Value: ZGiq3DjU40k-X6Q0gow1ywAACJAAAAIB
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEMesy4evnQ_XBFQdWUswQcA&KRTB&22987-CAESEMesy4evnQ_XBFQdWUswQcA&KRTB&23025-CAESEMesy4evnQ_XBFQdWUswQcA&KRTB&23386-CAESEMesy4evnQ_XBFQdWUswQcA
.pubmatic.com/ Name: PugT
Value: 1684581092
.media.net/ Name: data-bs
Value: 96f4eb3b-2bee-4b97-b6d0-d28d23bcf17e~~1
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.pubmatic.com/ Name: SyncRTB3
Value: 1685750400%3A21_13_220
.pubmatic.com/ Name: ipc
Value: 159706^https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID^1^0
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.w55c.net/ Name: wfivefivec
Value: GnHNNGy41Q0kuM5
.servenobid.com/ Name: pid_309
Value: e_46c5d185-140f-403c-803c-9934d8a546ee
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCK7p_ryfy-w7EAUSFQoGY2FzYWxlEgsI9uCW_Z_L7DsQBRgBIAEoAjILCKL7kq22y-w7EAU4AVoGZ3VtZ3VtYAI.
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1kou|5Ql.0.7d7f6cec-20e5-4c3e-8cfe-6e45422f7439-tuctb623058|7bq.0.1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZGiq5AALa-2qkwAn
.w55c.net/ Name: matchmedianet
Value: 5
.media.net/ Name: data-xu
Value: GnHNNGy41Q0kuM5~~8
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.audrte.com/ Name: arcki2
Value: 92i9Ev3AWk5R-iIKT7CbFT1QA!20220908!1684581092800!ip#91.239.206.150
.audrte.com/ Name: arcki2_ddp2
Value: 92i9Ev3AWk5R-iIKT7CbFT1QA!20220908!1684581093186
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.servenobid.com/ Name: pid_353
Value: 3275826914264604000V10
.brand-display.com/ Name: _knxq_
Value: 82197827-6e83-0d1a-0083d161.1684581093.0.1684581093.1684581093

33 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202202/c08ceb7d1df0581b91a52c02b2662032.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/286170918e27e21270112e97afc92d91.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/ee6ab2ca802eef031448821870beffc4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202111/ba877cbd8734dbca67656192d6869ddf.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/9f35c3b104d658a8a5a8419e2a722f10.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202205/d274ae92da504786aa3076598efe823e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/5ad15567d45411d5a4c20e7083159619.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/87dc9530c0777dc5b7dd5c9c45572eea.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/dafbcc48b20dd55d99d006babb3c01ec.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/51d79b2a891cdeac828fd7ed215d5bf3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/fbd4a0f3e0fb11da895d3a63d5a618de.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/fbbe76aca7804953359ba2f29f5505b3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/4b373f70b87ab65f7ff653b5d5bf0c28.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202204/13de079290efc47f9c5ca3ee4e680e06.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/3be016f3bcd694e1b9a125f5a35de0c4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/823e66a0c79d9d8349201f2120f4f853.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202205/3394fa6d010bc1c665a9ac760976478d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/33cdb6e5792635bc114a8c1fe3087156.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/e3b97bb8cd6cc7684a189ca27e481995.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/3f37cc02386db7cd29fcf0c47d60cc54.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://cdn.adpushup.com/42753/L2Evd3UtemhlLXl1YW4teW91LWppYW4tY3VvLXNoYW5nLTV5dWUtZ3VpLWR1aS15b3Uta3VuLW5hbi13YW5nLWppYW4tbWluLXd1LWZhLXl1LWd1LXNoaS1qaWFuLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.google.com/recaptcha/api2/aframe
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://www.google.com/recaptcha/api2/aframe
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=2152568021&adf=552093736&pi=t.ma~as.9099904862&w=300&lmt=1684581086&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230307%2FnyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684581085650&bpp=4&bdt=253&idt=359&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&correlator=7039889998614&frm=8&ife=1&pv=2&ga_vid=1448893137.1684581086&ga_sid=1684581086&ga_hid=1695692975&ga_fc=0&nhd=3&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1851353548&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44788441%2C44789779&oid=2&pvsid=862713920363506&tmod=1924007829&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lhkrro460jfl&fsb=1&dtd=383
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.google.com/recaptcha/api2/aframe
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://www.google.com/recaptcha/api2/aframe
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Message:
Mixed Content: The page at 'https://onetag-sys.com/usync/?pubId=5adb88524e24e50' was loaded over HTTPS, but requested an insecure element 'http://sync.adkernel.com/user-sync?zone=175005&r=--3a6fpnTaxh2r5pvE2N-YQBPk2TACIhYv8YnTIfd2w'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync.adkernel.com/user-sync?zone=175005&r=--3a6fpnTaxh2r5pvE2N-YQBPk2TACIhYv8YnTIfd2w
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1aa115841f28291ebd7590ab61c77aae.safeframe.googlesyndication.com
96b20f8e90d389581d4201d324a7b64d.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a5a9e05c3d503dc896acb6ce715109e5.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.sitemaji.com
ad.turn.com
ade.googlesyndication.com
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.ge
adx.holmesmind.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
ap.lijit.com
audiencedata.im-apps.net
aw.dw.impact-ad.jp
b.logly.co.jp
b1sync.zemanta.com
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
c.bing.com
c1.adform.net
c21lg-d.media.net
campaign.adpushup.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.iqzone.com
cs.media.net
csi.gstatic.com
d-3510923640969853414.ampproject.net
delivery.adrecover.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dmp.im-apps.net
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
ih.adscale.de
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
js-sec.indexww.com
l.logly.co.jp
match.360yield.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
mweb.ck.inmobi.com
nt.compass-fit.jp
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
partners.tremorhub.com
pips.taboola.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
public.servenobid.com
px.ads.linkedin.com
r5---sn-4g5lzney.c.2mdn.net
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
stats.g.doubleclick.net
sync-dmp.aura-dsp.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.im-apps.net
sync.inmobi.com
sync.logly.co.jp
sync.mathtag.com
sync.srv.stackadapt.com
sync.taboola.com
sync.teads.tv
t.adx.opera.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trc.taboola.com
u.ipw.metadsp.co.uk
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.pubmatic.com
am-wf.taboola.com
c.bing.com
ce.lijit.com
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.iqzone.com
dsum.casalemedia.com
fastlane.rubiconproject.com
match.360yield.com
match.deepintent.com
match.prod.bidr.io
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
secure-assets.rubiconproject.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.bg3.co
stats.g.doubleclick.net
sync-dmp.aura-dsp.com
sync.1rx.io
sync.adkernel.com
sync.go.sonobi.com
um.simpli.fi
usersync.gumgum.com
x.bidswitch.net
104.111.217.14
104.111.217.42
104.18.10.47
104.18.11.47
104.18.24.185
108.138.36.116
124.146.215.52
13.107.42.14
13.248.245.213
141.226.228.48
141.226.230.50
142.250.181.226
142.250.184.194
142.250.184.202
142.250.184.226
142.250.185.163
142.250.185.198
142.250.185.206
142.250.185.226
142.250.185.230
142.250.186.104
142.250.186.110
142.250.186.129
142.250.186.130
142.250.186.132
142.250.186.138
142.250.186.163
142.250.186.34
142.250.186.98
147.75.84.158
151.101.129.44
151.101.130.49
151.101.193.229
151.101.193.44
152.199.21.175
162.19.138.117
162.210.196.208
172.217.15.227
172.217.16.129
172.217.16.194
172.217.18.97
172.67.71.254
178.250.1.11
178.250.7.10
178.250.7.11
178.250.7.2
18.200.158.45
18.66.192.59
185.106.33.48
185.255.84.150
185.29.132.241
185.64.189.110
185.64.190.79
185.64.190.80
185.80.39.216
185.86.138.122
185.86.139.104
188.114.97.3
188.42.196.115
192.96.203.13
198.148.27.139
198.47.127.20
2.16.187.154
2.18.232.7
2.18.235.93
2.21.20.216
2.21.20.220
20.127.253.7
20.85.134.6
216.52.2.91
23.35.228.23
23.35.236.188
23.36.163.114
23.37.42.132
23.97.225.52
3.114.156.25
3.122.133.176
3.126.204.27
3.213.75.244
3.221.215.100
3.233.156.15
3.70.58.251
3.71.149.231
34.107.148.139
34.111.151.213
34.120.96.193
34.241.150.186
34.243.85.78
35.156.245.203
35.157.221.247
35.158.249.108
35.186.215.140
35.186.254.217
35.208.249.213
35.210.239.72
35.244.159.8
35.244.174.68
35.71.131.137
37.157.5.84
37.157.6.254
37.252.171.85
50.31.142.223
51.38.120.206
52.193.119.46
52.210.15.1
52.213.50.95
52.22.241.33
52.31.89.240
52.46.143.56
52.57.203.214
52.59.143.68
52.68.118.121
54.73.231.79
54.93.152.195
64.233.166.156
69.16.175.42
69.173.144.138
69.173.144.139
69.173.144.165
74.125.163.138
77.245.57.72
8.43.72.98
82.145.213.8
84.17.37.44
91.228.74.251
99.84.88.111
99.84.88.25
99.84.88.85
00397d7c58b513c5dcf3d64bd75e21e943e50694ccb8fab4d8cedd73720856bf
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
012674dc83fa4032d4098f533f67ad4ea4ad3cb2427a2d1f7d0caf9d3b5e1fc9
01365e94112a5e7fecb82c5c378f9091fc426df1c6d033732f0ad90559db7686
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
05115587db562efc0f5f5e733fafac1412dfbf5c15541f06d66432cc557a3d2e
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06118facd8482fe4d331275942eb2752a187d7bcefc50542fc6e27cb79a2f6d2
09a68992ad29d201e9df1c7257e25528219c03bc00a5dde8a5b3cb05a022dfd4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
0ca78e8d1923a071bc5fa4b68044bc5644a11b856668a24814f1e9a56e9bf8d0
0f32971c896f5bab26d9d8ca473110551e9e953402b4e613e412d546ea83adee
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
161a208b4f3f782a738c5944429c45740492da21bddaa04c5b264d0a7602266d
16b2b05c6abc8dd6b0a211db446b5a17aef25c53e415b5da1b875564836e62d0
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1af76e7274ffb7314859eb09744d6fa60e9d632993f525765e390d27bb5e49e5
1b50e72591217e54a96293a284b44fbdea71268f02145c6e6553552f939887b0
1bc7eaf43db99796ffd670eda154adfe69aa0e02d669a8275ee2a70f9eb81c75
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c9ece454c486d93962d0c5defd04da41bbf7d347e047f466cb7425937f42fd6
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e0965136e734301a52949c28baca0805656c2f10c760df1bff1f1c77adca2f2
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fe6c698f3509d1442675bf789a469b6ddc844abcf1c71af2dfe461448713742
21adbd9855d01161edc3c526b05b54c5d2658a01777ff5abdc8746c8fc723ed1
21bf4b49938284aaececf999f198f621de0aa792bb5315fc21255d0ab439e145
24fe78f1280f51c6051b193b5649f2501922d573c810cc60e330e26e8438b6a1
259481fa6cfdf7020f1881da103ea0c9b7b0cdaa973b540a38562610b431fc89
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
28d37801802871b7c6943726da07f06110bc3b1400e050b8b86c82deefc635a3
29cc5de7fd369d7e63e38cae1c883c52af46b8e6fb1b886d9bd861e5561f2533
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b7f11f6fe02925277f4a8140b880da74d24172ff6f1336c94f0701936eaa5a0
2f7543fd54b7cab9379b4a6ef40d5d59af2e868934b8f6de0d2b1adea98f692e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
35dbe214d2a3fbbc7e95172f3a00192977d0099651af55aa330c76d332ab0add
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36c56abb3a3e0a2ef3bbbbba296ba7e3dff812bd5c8050ab74685bb789a8d484
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b2412c92ac56bdfe32a796d0cafa2f797d5bd0e80351b7e80d4aafbd09e0427
3bfd065cc42038eba4a51521380c7cdd5d89ed13b8f8ee3b22baa32f2d468326
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3df5a309d69a7d7481f99c2cb6f85dd22ccd6f42016bf89a0226ce78538d6199
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3f9e57497ff37a008ecac1a2524251cc0c75b2f354d7333aae80fa8cfa5f96f9
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4189eed67d24cf577ee7521b01980c1c76874f2ca7830c761b383215656230b3
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44d776cab666181215882c7692bade7bd3cd738856172cab6d85e65b316f96d0
464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4692f47f2fbf07c28918ae70ef519aae13d60663afb6f8158d9e5b6ca1a44c92
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
4828793dbfe423b1f7fe0d4c8ddc94b2b991f5ecc76abf928a7a1e7520d15f7b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
494747d7ec60d95b26eca76338de89444b60dbe33e2aa3ee7a8ed53dd36022ca
49b6c56eb31409bd9d3761794191cce2ecb0de4de4b475ab71810de512cb926e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4da2872473cf32bbc42de664d1b0aece2263bff56a204f67dcfc9333518a7db8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51141fdaf300b23f8eb037a6ec85982fa7e33eb86c558b1d462f4988a5c950a3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
560de84bde703bd5194d58791b824cc66d9ecfa47addccbd82de7c2a38d603fb
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
57c2b34881b14e9d3170a854e304c3e3b8f28719cf03dd5545bb957def09ce56
5952c759130dba7a3d22c2740c2817388dee40c5f9b88b300ab8df1cb93be278
59916c15c2eb4efa1418f3d26993fe3fec89b719f4907e8d37958537a9a276d4
5c500a4a8147509f043186a7bad1ed59c4e00f85330b9621489af4497e504151
5e55ca76e105c30a8de2bd2b139abc4fdfa427006463089b50cc1b10b239129b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624fc537b617ef8b2fb6264fa347bf39b15e6b92c36516de26f46f1587eafc63
64fe1cd2df988e40114383f92afc3a2e7bba49fee4b145e73ca6cceffe8702b7
65046c9819cc57684d99ae31cc35a7f96c81a311ea36f370e4a9c0205706d248
662725f1aae2b78dd369282bfbed3f8ad4bb50fd18970aec8f1007cf00a1c8d5
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
71de0be3264880e3cb26b02330551d49f2b261bef9892cbb39e85a8013910869
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
7dde46ac8d0880a2b4fc7f5342eb3c7efe1604e7b32ee9a290118e3479fe9627
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
806704fc97ba40deb077bcdda8f3bc55fa652d79378ff7b3f307eeb9d8e63a76
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
861fb4453abee6bec70ec05d06e73b1d65f81bdad7297d5acaee0f0a730df9c0
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
87007460f5c697c268a3f71c3c5a319b4aed585b75cbfd764c34c78f6d3ce921
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b9398ab64bc9156916fad30afd43cf47074b593f85b9dba81d666c7c471aae1
8d96a1d8caa34a5136c1fe99e78556d70623dbcdedcff0e1c38f9db23b092ba1
9010e5a841cf0acfb13facfaa2c3318bc8118020ec071d15de099eb9a628fd01
914f0cdf54fddaf56a9ef61506418a941ae89ad4bffdb98af8d50acbd355f827
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
94957da364e739aba584949d72be3ee09b752b416bd0fcdc5765fd48e692a81c
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
966a2a4189d9f8c8f34fdde94f941f1618ff8445b3eba3e0fd6bbe3a2408dcd5
9696b636e904e9c69e51a3be3abbf6ce3f7b1b5417431efa74b4988e60d53b47
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ad0e6be048a6d763379283d4aa0ea3f9706ea47dbe60063d8a5aff0293e377c
9b429d417d7447514919be6691465c69af439790a930527623019690e5886d1c
9b4ddda16364d41b44d0e83b2b9f60d1e810d96f9e9078c1a5fae8e16e497b88
9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8
9cb1ec1a1efc437616bfe72c8c5401c84b43d973822b9eea8fabcb654fa2f764
9da32205478006344444fa754fdc218f8e5a8b3643fecfa546202d8e1cb2d771
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
9ea369b57f0c666e908689cd3d672a6636958094d2d1bf6620cb2de468ffdcd2
9f8436738716d8dc738dbdb896a1634ce8bc9403d2a70e13d32b64d1766ee50d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04b6f99dfd08d94e05473f2d4a3e32aaac9e16f601a7370cee53800ac026647
a05b4715b24ccaa8ce73e4e65b7294852eb28ce89f148341edf670882f52c20f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a331d9311833e80e38a6effd35377104f285da3ed2be1b8ed6cf727f5763879c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132
a68421f97f1c5e283f909fbeb604fc4cc4c72c0c78a372586a85ac564d872f32
a6df0e124cffd75e846fd150e18e0cad6c841301ae28d8b57d160a0da18ae41e
a7b958b16766e2d065831d51a18cd17dee4909daa683df12c683c5fd1d493342
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a95d8cccc868d5be4737b00adcb0e2433f243e0de65042049220174a0074738f
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
a9cac781c49705b59a61d830e69d6ef3960aae8bb5e5e8dde06a4806a31b2abf
a9d6002ac9eea901ab77d388ba3c13ef637bf37f69f3c9218fe04ea937a038c5
ab4266600b823643b3d20790a09c7b6bc2924e1922bcc05dbdfbaa003fc31577
ac49bfb8ff20c40d41494eee72b6660d342e903179ef5aefe131e04f7addcaee
ac6b4ad9644408e73ea33c760ebcc96cc0b95d838f0a4ad1294f722153381463
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b068650efadf5a6b0251aee8bf9b4f8507a1910e135fcc4104c1f7ad1112c5ec
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b148a591bc830af03e8b2a5528d71c510cce7b8831071ed7b931a1d69e24d813
b24b19152e92ee2240cdf53444b33a1b8ec286e9a44072890c5490c9d8ddfa3d
b5218ca2461969488b35f4b65ec24ab9fb02017c18de8cb8e336a14b256f19c6
b62df2003fd844cec94c8bcfa0ab38549da9ccbf4ea5a96d4b88d25be381def4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bc5d5c8cc50cf0377951ada6a7602f54ea87fc0014898d6f80d1be2b7273ef2b
bd84d3b448dfa1f7ded33de1848cb5f06946f8d86058e9c8d183ae3dddea4ff3
be0ca15f5073bed54f80c57ecf0c6331876bbc9237f60637fe14f480c5a4db15
c1173e6be2990b14770cb9d33f323a9b0642597cdd8ba7ef22d3be8c8a00b6c8
c11a0a8024a93ad645ce69ca93cfa8bd0054ae75f5ca36a24e1e448257d5dab8
c1d46522ddbd1ae1514ee724543008a1c8021e2a2bf16c3df46f4d4b3a1281f8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c33a270d2d88185096c9bfd79150c6289194683ed931f6830546332cdf0b5cb0
c489134cd8282e379ab7e6aa10e0292038bd696b17554fd03251b59d1a840bdd
c81985e3508924a51945839a417b1268ee98099245d2bd089fda2ca8a1e4dfb3
cabb27d889cb4b70a46e5f9817dc105d9938b381e7e2e90e96d801467ac60eca
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cff9f4093941390dbe9101c632e486c43a306a85864315ba12ba6ecd030294f5
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d126806fb8446a0c0a359295c6706b4e82c2de595c5dab9505b82b2e76f2e33e
d2f9d48bf5d1d34c1b8d7957ee6edf9916cd78f2929e9e052ba04610b6a54bea
d38f3198d5f06ef2bb9eba83b819ceccd0f7c68287455406902c6f14db9a984c
d7e79e05f378e7ee1eaf703981ac7f5ac32c4c410b2084c2e270a26d88b52ff1
dbbc8f98e685c868ce6a5a35d5f42aa6cc8b30647e81fce34ae1792b1019054a
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e161db137b9daa02046cd296efa27dc01e310ab95d752c238e19b5189c8549a3
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40ba3d02f9d3c3f0464ef66d1be9ee41c48478fd53387c9de63a7b1494fe5b1
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4958cbc277e39f969f380fd8a688035268f1208f3ba0a1bf2bc7b59dd0e3b20
e651de0e4fe3a67ecc4e9f8c0cf02985c2451e8cd4a237b823be52051d0ced55
e82579c7719e508e943bb982cbe82945941dbdc5e67b2f3364e37a55b276296d
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
edcfddd81e044f1f01beb69b5224a8a3f9913a456a06c4025b97458c40c3b677
ee7b0cfe33115d9b538b71f3978f09cdcf6c181bd6de315b535671bfa3f40797
ef0ce8db3461ab019cb679566fa84fa277c98db88efc9e2d6d9fb7109cd6e6fb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3af4e8491d6df0346d39b0d4d9d101ab92e19ec8854bb7416066bcdfd206c49
f45619358bd0a3adcc3194ccbdd56ed12ac78950c862d6840d21b43a231f89e7
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f87ae44c44b78265bdc71514ec40bb77c440abf5c96f0350a4dcff813dee9f39
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc653c4813fc32811b9dad4bc9f4a717c15a7426c878709a45799d74f8c6683b
fd1e988c31d1963cd1d2813571485232a6687e960466a86ca4cd3d8eef72ab8f
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e