xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page Open in urlscan Pro Puny
th-th1127044-แพทย-หญิง-สาวินี-บ.contact.page IDN
3.6.30.125 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Submission: On July 25 via manual (July 25th 2023, 8:40:52 am UTC) from AE — Scanned from GE

Summary HTTP 254 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 62 IPs in 10 countries across 49 domains to perform 254 HTTP transactions. The main IP is 3.6.30.125, located in Mumbai, India and belongs to AMAZON-02, US. The main domain is xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page.
TLS certificate: Issued by R3 on May 8th 2023. Valid for: 3 months.

This is the only time xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	3.6.30.125 3.6.30.125	16509 (AMAZON-02) (AMAZON-02)
2	18.66.107.220 18.66.107.220	16509 (AMAZON-02) (AMAZON-02)
16	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	18.173.154.117 18.173.154.117	16509 (AMAZON-02) (AMAZON-02)
1	23.53.42.179 23.53.42.179	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
4	50.16.166.217 50.16.166.217	14618 (AMAZON-AES) (AMAZON-AES)
5	18.196.193.247 18.196.193.247	16509 (AMAZON-02) (AMAZON-02)
3	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
14	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
1	142.250.186.40 142.250.186.40	15169 (GOOGLE) (GOOGLE)
2	23.213.164.238 23.213.164.238	16625 (AKAMAI-AS) (AKAMAI-AS)
4	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2.18.162.159 2.18.162.159	16625 (AKAMAI-AS) (AKAMAI-AS)
1	169.150.247.36 169.150.247.36	60068 (CDN77 ^_^) (CDN77 ^_^)
1	151.101.65.229 151.101.65.229	54113 (FASTLY) (FASTLY)
1	172.67.38.106 172.67.38.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	18.66.123.194 18.66.123.194	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.7.2 178.250.7.2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	172.217.18.1 172.217.18.1	15169 (GOOGLE) (GOOGLE)
4	185.59.220.198 185.59.220.198	60068 (CDN77 ^_^) (CDN77 ^_^)
4	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
2	54.72.84.52 54.72.84.52	16509 (AMAZON-02) (AMAZON-02)
2 3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.82 185.64.190.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	3.222.55.84 3.222.55.84	14618 (AMAZON-AES) (AMAZON-AES)
5	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
35	216.58.212.161 216.58.212.161	15169 (GOOGLE) (GOOGLE)
7	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
25	142.250.184.193 142.250.184.193	15169 (GOOGLE) (GOOGLE)
4 11	216.58.212.132 216.58.212.132	15169 (GOOGLE) (GOOGLE)
4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
1	143.204.98.4 143.204.98.4	16509 (AMAZON-02) (AMAZON-02)
1 1	23.212.211.47 23.212.211.47	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.52.120.246 23.52.120.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	100.26.7.25 100.26.7.25	14618 (AMAZON-AES) (AMAZON-AES)
2 2	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
2 4	54.239.33.158 54.239.33.158	16509 (AMAZON-02) (AMAZON-02)
6 17	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
21	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
5	192.178.49.3 192.178.49.3	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
4 5	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
6	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	64.227.64.62 64.227.64.62	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 1	34.240.83.116 34.240.83.116	16509 (AMAZON-02) (AMAZON-02)
3 3	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
2 2	18.197.55.175 18.197.55.175	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.209.25.174 3.209.25.174	14618 (AMAZON-AES) (AMAZON-AES)
1	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
2 5	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	34.255.212.168 34.255.212.168	16509 (AMAZON-02) (AMAZON-02)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	3.208.150.184 3.208.150.184	14618 (AMAZON-AES) (AMAZON-AES)
1 1	176.122.21.226 176.122.21.226	() ()
1	195.181.170.18 195.181.170.18	() ()
254	62

1 3.6.30.125 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-6-30-125.ap-south-1.compute.amazonaws.com

xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.107.220 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-107-220.fra56.r.cloudfront.net

d3byk4ol5wi3iq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-117.muc50.r.cloudfront.net

c.pubguru.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.53.42.179 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-179.deploy.static.akamaitechnologies.com

tg1.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 50.16.166.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-166-217.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.196.193.247 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-193-247.eu-central-1.compute.amazonaws.com

a3.pubguru.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.40 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.213.164.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-238.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.162.159 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-162-159.deploy.static.akamaitechnologies.com

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.150.247.36 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-247-36.datapacket.com

cdn.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.123.194 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-123-194.fra60.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f1.1e100.net

4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.59.220.198 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 185-59-220-198.bunnyinfra.net

feed.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.84.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-84-52.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.55.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-55-84.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 216.58.212.161 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.58.212.132 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f132.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-4.fra50.r.cloudfront.net

cdn.pubguru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.211.47 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.52.120.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.26.7.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-26-7-25.compute-1.amazonaws.com

s2s.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.233 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.239.33.158 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.217.18.2 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.178.49.3 (United States)

ASN15169 (GOOGLE, US)
PTR: phx18s08-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.85 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.64.62 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.240.83.116 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-83-116.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.62.37 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.55.175 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-55-175.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.25.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-25-174.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.212.168 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-212-168.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.150.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-150-184.compute-1.amazonaws.com

track1.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.122.21.226 (None, ) 1 redirects

ASN- ()

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.181.170.18 (None, )

ASN- ()

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	googlesyndication.com 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 153 pagead2.googlesyndication.com — Cisco Umbrella Rank: 134	382 KB
42	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 208 googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 cm.g.doubleclick.net — Cisco Umbrella Rank: 242 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 354	352 KB
25	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 438	546 KB
25	google.com 4 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1746 www.google.com — Cisco Umbrella Rank: 3	62 KB
14	rubiconproject.com 8 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1164 eus.rubiconproject.com — Cisco Umbrella Rank: 623 token.rubiconproject.com — Cisco Umbrella Rank: 616 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1198 pixel.rubiconproject.com — Cisco Umbrella Rank: 388	18 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	132 KB
8	aniview.com track1.aniview.com — Cisco Umbrella Rank: 1793 player.aniview.com — Cisco Umbrella Rank: 1687 go1.aniview.com — Cisco Umbrella Rank: 5894 s2s.aniview.com — Cisco Umbrella Rank: 3202 sync.aniview.com — Cisco Umbrella Rank: 1870	131 KB
7	openx.net 2 redirects oajs.openx.net — Cisco Umbrella Rank: 1525 google-bidout-d.openx.net — Cisco Umbrella Rank: 1519 eu-u.openx.net — Cisco Umbrella Rank: 2635 us-u.openx.net — Cisco Umbrella Rank: 491 rtb.openx.net — Cisco Umbrella Rank: 861	2 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 317	487 KB
6	playstream.media tg1.playstream.media — Cisco Umbrella Rank: 55916 cdn.playstream.media — Cisco Umbrella Rank: 83312 feed.playstream.media — Cisco Umbrella Rank: 74639	3 MB
6	pubguru.net c.pubguru.net — Cisco Umbrella Rank: 50419 a3.pubguru.net — Cisco Umbrella Rank: 25794	208 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	4 KB
5	amazon-adsystem.com 2 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1106 s.amazon-adsystem.com — Cisco Umbrella Rank: 319	4 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 82	6 KB
5	avplayer.com player.avplayer.com — Cisco Umbrella Rank: 13740 track1.avplayer.com — Cisco Umbrella Rank: 16339	390 KB
4	yahoo.com 4 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 323 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470	2 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	3 KB
4	criteo.com gum.criteo.com — Cisco Umbrella Rank: 437	7 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 845 id5-sync.com — Cisco Umbrella Rank: 439	27 KB
4	betweendigital.com ads.betweendigital.com — Cisco Umbrella Rank: 1771	3 KB
4	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 567 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 590 t.pubmatic.com — Cisco Umbrella Rank: 2882 image6.pubmatic.com Failed	85 KB
3	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 384	2 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1038 id.crwdcntrl.net — Cisco Umbrella Rank: 2976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 881	13 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	140 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 355	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 610	1 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1637	360 B
2	cloudfront.net d3byk4ol5wi3iq.cloudfront.net	15 KB
1	vidoomy.com vid.vidoomy.com vpaid.vidoomy.com Failed	18 KB
1	adlook.me 1 redirects ads.adlook.me	325 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 385	516 B
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 681	596 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2875	550 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2149	173 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 43292	607 B
1	pubguru.com cdn.pubguru.com — Cisco Umbrella Rank: 51264	21 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1115	452 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 605	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1618	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1648	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1651	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 378	878 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	87 KB
1	contact.page xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page	9 KB
0	adhigh.net Failed px.adhigh.net Failed
0	avct.cloud Failed ads.avct.cloud Failed
0	rlcdn.com Failed api.rlcdn.com Failed
0	33across.com Failed lexicon.33across.com Failed
0	Failed function sub() { [native code] }. Failed
254	49

	Domain	Requested by
35	tpc.googlesyndication.com	xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com securepubads.g.doubleclick.net cdn.ampproject.org tpc.googlesyndication.com
25	cdn.ampproject.org	securepubads.g.doubleclick.net
21	pagead2.googlesyndication.com	xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page securepubads.g.doubleclick.net 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
17	cm.g.doubleclick.net	6 redirects google-bidout-d.openx.net googleads.g.doubleclick.net 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
16	securepubads.g.doubleclick.net	xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page securepubads.g.doubleclick.net 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
14	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
11	www.google.com	4 redirects xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com tpc.googlesyndication.com
7	googleads.g.doubleclick.net	xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com pagead2.googlesyndication.com
6	s0.2mdn.net	xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page s0.2mdn.net
5	pixel.rubiconproject.com	2 redirects xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
5	token.rubiconproject.com	4 redirects xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	csi.gstatic.com	securepubads.g.doubleclick.net
5	fonts.googleapis.com	4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page securepubads.g.doubleclick.net
5	a3.pubguru.net	c.pubguru.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	aax-eu.amazon-adsystem.com	2 redirects google-bidout-d.openx.net xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
4	fonts.gstatic.com	fonts.googleapis.com
4	gum.criteo.com	ads.pubmatic.com static.criteo.net gum.criteo.com
4	feed.playstream.media	player.avplayer.com
4	ads.betweendigital.com	c.pubguru.net ads.betweendigital.com
4	track1.aniview.com	xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page player.aniview.com
4	player.avplayer.com	tg1.playstream.media player.avplayer.com xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
3	ups.analytics.yahoo.com	3 redirects
3	www.gstatic.com	xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
3	match.adsrvr.org	2 redirects ads.pubmatic.com
3	id5-sync.com	ads.pubmatic.com cdn.id5-sync.com
3	4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.googletagservices.com	c.pubguru.net xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
2	x.bidswitch.net	2 redirects
2	us-u.openx.net	google-bidout-d.openx.net
2	c1.adform.net	2 redirects
2	eus.rubiconproject.com	player.aniview.com eus.rubiconproject.com
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	oajs.openx.net	1 redirects xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
2	ads.pubmatic.com	c.pubguru.net
2	d3byk4ol5wi3iq.cloudfront.net	xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
1	vid.vidoomy.com	ads.betweendigital.com
1	ads.adlook.me	1 redirects
1	track1.avplayer.com	player.avplayer.com
1	px.ads.linkedin.com	xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
1	pr-bh.ybp.yahoo.com	1 redirects
1	s.amazon-adsystem.com	xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
1	sync.aniview.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	ads.yieldmo.com	1 redirects
1	rtb.openx.net	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	tr.blismedia.com	4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	eu-u.openx.net	google-bidout-d.openx.net
1	s2s.aniview.com	player.aniview.com
1	secure-assets.rubiconproject.com	1 redirects
1	cdn.pubguru.com	c.pubguru.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	go1.aniview.com	player.aniview.com
1	lb.eu-1-id5-sync.com	ads.pubmatic.com
1	t.pubmatic.com	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.playstream.media	xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
1	player.aniview.com	player.avplayer.com
1	hbopenbid.pubmatic.com	c.pubguru.net
1	www.googletagmanager.com	c.pubguru.net
1	tg1.playstream.media	xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
1	c.pubguru.net	xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
1	xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
0	vpaid.vidoomy.com Failed	vid.vidoomy.com
0	px.adhigh.net Failed	ads.betweendigital.com
0	ads.avct.cloud Failed	ads.betweendigital.com
0	image6.pubmatic.com Failed	ads.pubmatic.com
0	api.rlcdn.com Failed	ads.pubmatic.com
0	lexicon.33across.com Failed	ads.pubmatic.com
0	nnoilpdinmjmdfpkdkbbkajejflbkoma Failed	c.pubguru.net
254	82

This site contains links to these domains. Also see Links.

Domain
my.contact.page
playstream.media
www.facebook.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
*.contact.page R3	`2023-05-08` - `2023-08-06`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.m2.ai Amazon RSA 2048 M01	`2023-02-22` - `2023-11-08`	9 months	crt.sh
wl.aniview.com R3	`2023-06-29` - `2023-09-27`	3 months	crt.sh
*.avplayer.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-08-08` - `2023-09-08`	a year	crt.sh
*.aniview.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-04`	10 months	crt.sh
*.pubguru.net Amazon RSA 2048 M01	`2023-03-27` - `2024-04-24`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-13` - `2024-02-13`	a year	crt.sh
cdn.playstream.media R3	`2023-06-25` - `2023-09-23`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
feed.playstream.media R3	`2023-06-15` - `2023-09-13`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-07-14` - `2023-10-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Frame ID: 57A38CCD5D152951FF36264ED242A1FA
Requests: 87 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=64a6a28412362fe49d068588
Frame ID: F1D5C45289F738AAE1FDD03481FBC33B
Requests: 2 HTTP requests in this frame

Frame: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 91B41EC1147C5171886F8F7428DBDC4B
Requests: 1 HTTP requests in this frame

Frame: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3EC1E8582DF554488191D78FB06EBE1D
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: ED4F5C5DD3A15575269CBA7CD1E8832D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4052FF860DB80F5C43386A94E429F968
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs
Frame ID: D2E1501DB548979B4BEA6E1F0E436629
Requests: 14 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: B8B30F145112A9935E1A234FE5DA45B4
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: FC749A4B7005AD4E3A9D6C6017DDFEB8
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs
Frame ID: DD74474E18A633EEE11A5968564A30B8
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7iS30H4CIOlAzWX_-DRl8EqUdjCbSbkytJAMRoxuMII.js
Frame ID: 4F63C3AEA05468256596CB6ED21C79E9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 7BB89B2927E1F550B3BA12072FC841DB
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs
Frame ID: 56256FC40B00F7B95E9506E26D97AB07
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs
Frame ID: 63088A63431315A86111F31DE7FA4841
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs
Frame ID: 499ED23D6D040222361EDD808190398F
Requests: 18 HTTP requests in this frame

Frame: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BB40526A8475EF2375E35327B4A54943
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbDg9IDEILBqJAEGMG_uu8BMAE&v=APEucNVDocl0dy7nkWTWW3is6O7Da7NrGQhJKrKgjX8eNs7uHKTVNEq-TTUzbDy4FcOQR_5IA1jkxyDe7JXuM3eVyv8RCt89ORF-M44i5mmxGmVsgq-ZAJk
Frame ID: C6265FFBB24B119FE4192FC20767C5BF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8B366A0AAFE3A02EBB4EED94AB9AC2B4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 807CC125BB66A2E167E67830F463E48C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2445686203945292811/index.html?ev=01_250
Frame ID: 161F46513D81BA0C0956AAE91907B78B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7B65BA398042272A9FDBB02F077F54E5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5C890B777EB604B74A1EF7B97747924B
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 89BF9AE2071DFD306F817FE560210C3B
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158460
Frame ID: 624394A6162A217666E8B7004495EA7C
Requests: 2 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Frame ID: 96EAAF8C69E8717350B2BABFD6690FC1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

แพทย์หญิง สาวินี บุญสุข - กรุงเทพมหานคร

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

254
Requests

85 %
HTTPS

0 %
IPv6

49
Domains

82
Subdomains

62
IPs

10
Countries

6100 kB
Transfer

11647 kB
Size

99
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://my.contact.page/
Title: my.contact.page

Search URL Search Domain Scan URL

URL: https://playstream.media/
Title: Ads by

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=#http://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Search URL Search Domain Scan URL

URL: http://twitter.com/share?text=%E0%B9%81%E0%B8%9E%E0%B8%97%E0%B8%A2%E0%B9%8C%E0%B8%AB%E0%B8%8D%E0%B8%B4%E0%B8%87%20%E0%B8%AA%E0%B8%B2%E0%B8%A7%E0%B8%B4%E0%B8%99%E0%B8%B5%20%E0%B8%9A%E0%B8%B8%E0%B8%8D%E0%B8%AA%E0%B8%B8%E0%B8%82&url=http://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=http://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://oajs.openx.net/esp?url=https%3A%2F%2Fxn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fxn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page%2F&rid=esp&cc=1

Request Chain 90

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 92

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

Request Chain 107

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7089798143079381276

Request Chain 108

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=3557351e-6395-cfb4-3e63-11ecef73e0be HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=3557351e-6395-cfb4-3e63-11ecef73e0be&dcc=t

Request Chain 109

https://match.adsrvr.org/track/cmf/openx?oxid=6d814963-7f3f-744e-fe6d-937b87402b5e&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=90eed1d6-3d42-4fa0-9949-e9ad527fe34f&ttd_puid=6d814963-7f3f-744e-fe6d-937b87402b5e&gdpr=0&gdpr_consent=

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHBvf1qcxmDeDRzhDIs4w0c&google_cver=1

Request Chain 112

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 127

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 140

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 203

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENv-8YUyAzpVWQf19eKtP_s&google_cver=1&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENv-8YUyAzpVWQf19eKtP_s&google_cver=1&gdpr=0&C=1

Request Chain 204

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZL.KjznARgoZgeVgpoV1RQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENv-8YUyAzpVWQf19eKtP_s&google_cver=1&google_hm=2

Request Chain 205

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESELS2dSeTFXc22ru3IN4P1Wg&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESELS2dSeTFXc22ru3IN4P1Wg%26google_cver%3D1

Request Chain 206

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU1MTc4MDY0NzUxNjg1NDg3Ng%3D%3D

Request Chain 219

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMNRZxwY40vuhIS_rpb_zhc&google_cver=1&google_push=AaAOQGGfbzD37l407YonbF8NfbyrJ8uciEYbjS7CL6cUjjfihcHb2AsPFvTcxzVOW2Icy-DzEr3ItN6FCXKb8lvdlbpzye7Ryjs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGfbzD37l407YonbF8NfbyrJ8uciEYbjS7CL6cUjjfihcHb2AsPFvTcxzVOW2Icy-DzEr3ItN6FCXKb8lvdlbpzye7Ryjs&google_hm=ULfUsbIsR_qAw7Rb4ta55VI

Request Chain 221

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEIo8TiGiUQBp7FYzZOVrBEs&google_cver=1&google_push=AaAOQGFBEVtApRYhvLjWfMUKvl4DeNyWLF0mTU0NVe_8BHxD9AOTCyiQ6srTJRO9ql3Xcyxrao3-dMedFZBBgJ-4LyjzN--jzv_p HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AaAOQGFBEVtApRYhvLjWfMUKvl4DeNyWLF0mTU0NVe_8BHxD9AOTCyiQ6srTJRO9ql3Xcyxrao3-dMedFZBBgJ-4LyjzN--jzv_p

Request Chain 222

https://rtb.openx.net/sync/dds?google_gid=CAESEBlRz3GDkXnLKPtOqeghIwE&google_cver=1&google_push=AaAOQGHYou1i7ruxe8ANIkSOZZJps9ZGA6Q-4KUFruIcusg0yK1GZA2lVn8gKoTlYJRG_8fAAk2QjQHpqksWcOXAIzRrBPkwLyE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AaAOQGHYou1i7ruxe8ANIkSOZZJps9ZGA6Q-4KUFruIcusg0yK1GZA2lVn8gKoTlYJRG_8fAAk2QjQHpqksWcOXAIzRrBPkwLyE&google_hm=stfDX9a5zWAYGd_MVFkR5A==

Request Chain 223

https://ads.yieldmo.com/exptsync?google_gid=CAESEGpPzPJ2HQL3-qN5p_ZttlU&google_cver=1&google_push=AaAOQGELbhmL3Y3xDs2ML8yh9McAafBgoLomJfwFOZ_C5tS2Onx1G8THxtDFZPz3geCe_mFPW22hRL1ETRlMuXH6k9oW2TU5mbM- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AaAOQGELbhmL3Y3xDs2ML8yh9McAafBgoLomJfwFOZ_C5tS2Onx1G8THxtDFZPz3geCe_mFPW22hRL1ETRlMuXH6k9oW2TU5mbM-&google_hm=M2F4SE9TU1hYblM5UnE2Q1FzbDE=

Request Chain 224

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPGkUxf6SDjRGmEaoYETBiI&google_cver=1&google_push=AaAOQGF2HWPT3Z7AnWhXHuHakyI7bRLa6f2DXKLz6ufW2ZWlTilZYhXYjfsbfoItjdvziz8gXCCyCXg5BRCWL0lInhRSIDtX9NAcjQ HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPGkUxf6SDjRGmEaoYETBiI&google_cver=1&google_push=AaAOQGF2HWPT3Z7AnWhXHuHakyI7bRLa6f2DXKLz6ufW2ZWlTilZYhXYjfsbfoItjdvziz8gXCCyCXg5BRCWL0lInhRSIDtX9NAcjQ&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RTHBvbEgxRTJ1SEw3TkREbXF1dDA2S3Y3Y2ZSeE9EZ35B&google_push=AaAOQGF2HWPT3Z7AnWhXHuHakyI7bRLa6f2DXKLz6ufW2ZWlTilZYhXYjfsbfoItjdvziz8gXCCyCXg5BRCWL0lInhRSIDtX9NAcjQ

Request Chain 225

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKSDq4c_8mUy1YjboLZ7MDc&google_cver=1&google_push=AaAOQGHB9ViSegGDLNOfKQk3RwJUcF4NNuDLDmySEO9RogApG55Fdo-1myaQnsuuXWhi3vA3YzUwgic3ugI7BtVuWWoHNdnkXrtRsQ HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKSDq4c_8mUy1YjboLZ7MDc&google_cver=1&google_push=AaAOQGHB9ViSegGDLNOfKQk3RwJUcF4NNuDLDmySEO9RogApG55Fdo-1myaQnsuuXWhi3vA3YzUwgic3ugI7BtVuWWoHNdnkXrtRsQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0f458b4e-613b-45a2-a7a7-7a6f87a4c846&%%GOOGLE_PUSH_PAIR%%

Request Chain 227

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview&us_privacy=1---&khaos=LKI1RJ6V-21-9GC9 HTTP 302
https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LKI1RJ6V-21-9GC9&us_privacy=1---

Request Chain 231

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOfORvXqypBNSjbypHjObc8&google_cver=1

Request Chain 232

https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=90eed1d6-3d42-4fa0-9949-e9ad527fe34f&gdpr=0&gdpr_consent=&expires=30

Request Chain 233

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=N768kge_TPOelybWtirxug&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=N768kge_TPOelybWtirxug

Request Chain 234

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/sJLG20xXw11fbYtA_riN0Mn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-s0LW1cBE2oIOuiD.pvj4DkcX3KxJXO.9ns1rRw--~A

Request Chain 235

https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKI1RJ6V-21-9GC9&us_privacy=1---

Request Chain 236

https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtJMVJKNlYtMjEtOUdDOQ==&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG3ZNoSS__8w-S95CC0aEaM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtJMVJKNlYtMjEtOUdDOQ==&google_push=

Request Chain 237

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDk4OGRmM2IwMjQzZjdlZjVhYmQ0MzVlNzVmOTY2ZGJkMTVjMmY5MQ&us_privacy=1---

Request Chain 262

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween

Request Chain 263

https://ads.adlook.me/csync?pid=btw&uid=10c4e2f1-3cf1-52ce-91ac-09e2f513836e&url=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D128%26external_user_id%3D%7BuserId%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=128&external_user_id=f747e6c3b5364159a9c95a02675c40a3

Request Chain 264

https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1lUmlHREY5RTJ1RVRFUU82QlJMbVRmcEE2VEZYOXdNQmM5bzJtRVUtfkE%3D&gdpr=0

254 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/ 28 KB
9 KB 797ms
264ms Document
text/html 3.6.30.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.6.30.125 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-6-30-125.ap-south-1.compute.amazonaws.com

Software

nginx / Phusion Passenger(R) 6.0.11

Resource Hash

26902e742cc334dd433ef9f8621cde439411fc5ec71e7cb45124f89335801b8c

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 25 Jul 2023 08:40:42 GMT
etag: W/"e7efe60e25c146b868fd97db96e85b11"
server: nginx
status: 200 OK
x-frame-options: ALLOWALL
x-my-header: iw_with_2_instants
x-powered-by: Phusion Passenger(R) 6.0.11
x-proxy-cache: HIT
x-request-id: 84a3c1cd-e712-45ee-89e7-5b2d70eb1ce3
x-runtime: 0.284041

GET
H2 200 all-308f0058f725e58cb42a0eea1de23b38.css
d3byk4ol5wi3iq.cloudfront.net/assets/cp-vcard/ 30 KB
6 KB 440ms
145ms Stylesheet
text/css 18.66.107.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3byk4ol5wi3iq.cloudfront.net/assets/cp-vcard/all-308f0058f725e58cb42a0eea1de23b38.css
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.107.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-107-220.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: acbac941f34fee374d600cda65091a386457ae999ba28137ec71effcc66175e6

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 15:39:44 GMT
content-encoding: gzip
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 406859
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 5825
last-modified: Thu, 20 Jul 2023 15:33:06 GMT
server: AmazonS3
etag: "cb9d1e302c1f39700b68a94e6ee42794"
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
x-amz-cf-id: kAKpZnif8lyRyl7MDCty0oj763OE8ealkq50AcY6RIPWdJbH_WvJsg==
expires: Fri, 19 Jul 2024 21:33:05 GMT

GET
H2 200 application-144ee6814ecc61e06674a376d80bfd2e.js Show response
d3byk4ol5wi3iq.cloudfront.net/assets/cp-vcard/ 22 KB
9 KB 456ms
162ms Script
text/javascript 18.66.107.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3byk4ol5wi3iq.cloudfront.net/assets/cp-vcard/application-144ee6814ecc61e06674a376d80bfd2e.js
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.107.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-107-220.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b498d5fed30dd46b47aa0bee2179932f283d5954a70348c797abdfda6fa15df

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 19:26:38 GMT
content-encoding: gzip
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified: Fri, 30 Sep 2022 19:20:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 25708445
etag: "b6868f9fafac5830308ddb936788efd4"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 8662
x-amz-cf-id: kD7BvIaFYFe4ogxab-woNDgcrbt0wLJ6jmwkb0XNPpTJHYP_9PRh6w==
expires: Sun, 01 Oct 2023 01:20:20 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 519ms
226ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

03635e66d68a69bfdfb5781ba67d6444eae727cf30b617c1e6860948d58c2479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28036
x-xss-protection: 0
server: cafe
etag: 160 / 19563 / 31076267 / config-hash: 14308175188880485398
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 25 Jul 2023 08:40:43 GMT

GET
H2 200 pg.contactpage.sidebar.js Show response
c.pubguru.net/ 711 KB
206 KB 514ms
206ms Script
application/javascript 18.173.154.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pubguru.net/pg.contactpage.sidebar.js
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-117.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7bae791f900d23d79289c581c7c1ad9ed37ce16d39e7c1028f92937b53f638e6

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id: 8ap0u0aH2ivHvdk8LCTNrxrbnrssQafU
content-encoding: gzip
via: 1.1 d11d7fba872e54649066e59f703ad3e6.cloudfront.net (CloudFront)
date: Tue, 25 Jul 2023 08:35:07 GMT
last-modified: Mon, 24 Jul 2023 17:23:08 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 337
x-amz-server-side-encryption: AES256
etag: W/"8603fc8a739a9e115c255f64a228d395"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400
x-amz-cf-id: aAdAH7-cRk-fdTAUd7GGc6xys8XFhg0rrqawfYFdIYCYqn8vxH-Qgg==

GET
H/1.1 200
OK spt Show response
tg1.playstream.media/api/adserver/ 29 KB
8 KB 615ms
242ms Script
text/javascript 23.53.42.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.playstream.media/api/adserver/spt?AV_TAGID=64a6a318fc0f1863630e3d76&AV_PUBLISHERID=64a6a28412362fe49d068588
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.42.179 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-179.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1b3df9f3efa263c7e1806468bd23a27fe056991f98555bca599e712b8dbe9843

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

X-Bamboo-C-SkSt: 1
Content-Encoding: gzip
X-Bamboo-C-SkFe: 1
X-Bamboo-C-S: BYPASS
Date: Tue, 25 Jul 2023 08:40:43 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Vary: Accept-Encoding
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Content-Length: 7246
Expires: Tue, 25 Jul 2023 08:45:43 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/ 385 KB
122 KB 145ms
144ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 15:51:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60581
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125179
x-xss-protection: 0
server: cafe
etag: 2430563369519042680
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 23 Jul 2024 15:51:02 GMT

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/8.3/v/ 795 KB
206 KB 404ms
128ms Script
text/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Requested by: Host: tg1.playstream.media
URL: https://tg1.playstream.media/api/adserver/spt?AV_TAGID=64a6a318fc0f1863630e3d76&AV_PUBLISHERID=64a6a28412362fe49d068588
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 47311004026fcba935d2650e2348b15cee26caa7a66075a90ec58729c68a917c

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:43 GMT
content-encoding: gzip
last-modified: Fri, 21 Jul 2023 09:31:08 GMT
etag: "1689931868"
x-hw: 1690274443.dop209.ve1.t,1690274443.cds224.ve1.hn,1690274443.cds228.ve1.c
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 209926

GET
H2 200 track
track1.aniview.com/ 0
98 B 682ms
220ms Image
text/plain 50.16.166.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=64a6a28412362fe49d068588&cid=64a6a2c7623c439f0706fc05&cb=1690274443320&r=xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page&stagid=64a6a318fc0f1863630e3d76&stplid=64a6a1832f5662e69105a966&d35=&d65=&d66=8&d74=&e=playerLoaded&str=autostart
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.166.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-166-217.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:43 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
a3.pubguru.net/ 139 B
562 B 424ms
138ms XHR
application/json 18.196.193.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a3.pubguru.net/?device=desktop&domain=contact.page

Requested by

Host: c.pubguru.net
URL: https://c.pubguru.net/pg.contactpage.sidebar.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.193.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-193-247.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

82a3aaaa2e99adc8c983e9b7fdfb7324e1dd658e7aef392df97ce993dc15a35d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:43 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx
cross-origin-opener-policy: same-origin
x-frame-options: DENY
vary: Origin
content-type: application/json
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
access-control-allow-credentials: true
x-duration: 2
content-length: 139

POST
H2 200 stream Show response
a3.pubguru.net/ 2 B
297 B 405ms
139ms XHR
text/plain 18.196.193.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a3.pubguru.net/stream?beacon=immediate

Requested by

Host: c.pubguru.net
URL: https://c.pubguru.net/pg.contactpage.sidebar.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.193.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-193-247.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 25 Jul 2023 08:40:43 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx
cross-origin-opener-policy: same-origin
x-frame-options: DENY
vary: Origin
content-type: text/plain
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
access-control-allow-credentials: true
x-duration: 3
content-length: 2

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 513ms
221ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: c.pubguru.net
URL: https://c.pubguru.net/pg.contactpage.sidebar.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

a1b1900a78afacf42faa188813cbdc845f19a7bd6f103c7e9b90a12f4a6a49bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28036
x-xss-protection: 0
server: cafe
etag: 158 / 19563 / 31076267 / config-hash: 14308175188880485398
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 25 Jul 2023 08:40:43 GMT

GET
H2 200 23081961 Show response
fundingchoicesmessages.google.com/i/ 148 KB
49 KB 473ms
182ms Script
application/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/23081961?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

c02583b968a6f0d1bd76b7a1ab4a85d1dec23db5ba2cb70c778522185665d1c5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-q3T9eEXOMY8zYfadWD9crQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-q3T9eEXOMY8zYfadWD9crQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 stream
a3.pubguru.net/ 0
0 136ms
135ms Ping
text/plain 18.196.193.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a3.pubguru.net/stream?beacon=test
Requested by: Host: c.pubguru.net
URL: https://c.pubguru.net/pg.contactpage.sidebar.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.193.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-193-247.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 259 KB
87 KB 433ms
153ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=G-ZGVWB1VVD3

Requested by

Host: c.pubguru.net
URL: https://c.pubguru.net/pg.contactpage.sidebar.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

14693bbadbe107a74dbc7e04fc77d45492f832553478518973ea18cba588769c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88529
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 25 Jul 2023 08:40:44 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158460/7140/ 238 KB
79 KB 421ms
140ms Script
application/javascript 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/158460/7140/pwt.js
Requested by: Host: c.pubguru.net
URL: https://c.pubguru.net/pg.contactpage.sidebar.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ed5c0cc8d05757beeda433f571b7e8b7b4c7fb6834313919876ea8931c52d7b8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:44 GMT
content-encoding: gzip
last-modified: Wed, 10 May 2023 21:17:57 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=50845
accept-ranges: bytes
content-length: 80513
expires: Tue, 25 Jul 2023 22:48:09 GMT

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
938 B 833ms
460ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: c.pubguru.net
URL: https://c.pubguru.net/pg.contactpage.sidebar.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
148 B 658ms
348ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: c.pubguru.net
URL: https://c.pubguru.net/pg.contactpage.sidebar.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
date: Tue, 25 Jul 2023 08:40:44 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

HEAD content-script.js
nnoilpdinmjmdfpkdkbbkajejflbkoma/js/ 0
0

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 tc Show response
a3.pubguru.net/ 61 B
362 B 154ms
153ms XHR
application/json 18.196.193.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a3.pubguru.net/tc

Requested by

Host: c.pubguru.net
URL: https://c.pubguru.net/pg.contactpage.sidebar.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.193.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-193-247.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

7106fc7a8a57bd3515049560e573cb31911735db6d9fef39321b159ffe24d50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 25 Jul 2023 08:40:44 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx
cross-origin-opener-policy: same-origin
x-frame-options: DENY
vary: Origin
content-type: application/json
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
access-control-allow-credentials: true
x-duration: 16
content-length: 61

GET
H2 200 hls.min.js Show response
player.avplayer.com/script/8.3/v/libs/ 410 KB
114 KB 133ms
133ms Script
text/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 1630c613fc24121cd55136cd133f5e2ecefc55f6147f1d28eb5659ac139eefb2

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:44 GMT
content-encoding: gzip
last-modified: Fri, 21 Jul 2023 09:31:09 GMT
etag: "1689931869"
x-hw: 1690274444.dop209.ve1.t,1690274444.cds224.ve1.hn,1690274444.cds247.ve1.c
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 116575

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame F1D5 472 KB
127 KB 422ms
134ms Script
text/javascript 2.18.162.159
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=64a6a28412362fe49d068588
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.162.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-162-159.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: cd6f6af6341bdb8c0e2b2642e68c80643ee58a2e9bae25fff793660ac6c1c409

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:44 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdt5JsOB-95Dr6onrqRA59ZybR6HRhirojcMRWMLcuCETbp_OO-HpDlRLrTSGNSi9_eA2A_pImNtZuwJTQ8i0ZsVzg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 129189
last-modified: Mon, 17 Jul 2023 12:05:22 GMT
server: UploadServer
etag: "1a0c4301861f84c10a6e52552283db3c"
vary: Accept-Encoding
x-goog-generation: 1689595522655033
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=5w653A==, md5=GgxDAYYfhMEKblJVIoPbPA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 129189
accept-ranges: bytes
expires: Tue, 25 Jul 2023 08:50:44 GMT

GET
H2 200 31d54a4b841c0e438f13.woff
player.avplayer.com/script/8.3/v/assets/ 34 KB
35 KB 378ms
112ms Font
application/octet-stream 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8.3/v/assets/31d54a4b841c0e438f13.woff
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:44 GMT
content-encoding: gzip
last-modified: Fri, 21 Jul 2023 09:31:08 GMT
etag: "1689931868"
x-hw: 1690274444.dop210.ve1.t,1690274444.cds220.ve1.hn,1690274444.cds214.ve1.c
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 35197

GET
H2 200 e38937dbf8202c144802.woff
player.avplayer.com/script/8.3/v/assets/ 36 KB
36 KB 481ms
216ms Font
application/octet-stream 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8.3/v/assets/e38937dbf8202c144802.woff
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 6a156519b783c083e2c25ed5c49c00dd956d6be26a347ef09a77221abbed33e9

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:44 GMT
content-encoding: gzip
last-modified: Fri, 21 Jul 2023 09:31:09 GMT
etag: "1689931869"
x-hw: 1690274444.dop210.ve1.t,1690274444.cds220.ve1.hn,1690274444.cds248.ve1.c
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 36526

GET
H2 200 logo.png
cdn.playstream.media/ 1 KB
2 KB 442ms
138ms Image
image/png 169.150.247.36
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.playstream.media/logo.png
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-36.datapacket.com
Software: BunnyCDN-DE1-1079 /
Resource Hash: 875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Tue, 25 Jul 2023 08:40:44 GMT
cdn-edgestorageid: 864
cdn-cachedat: 02/05/2023 21:16:32
cdn-pullzone: 1027527
content-length: 1265
last-modified: Tue, 19 Jan 2021 07:48:16 GMT
server: BunnyCDN-DE1-1079
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cache-control: max-age=315360000
cdn-requestid: 144fc491c2a47e22c86169705d676400
accept-ranges: bytes
cdn-requestcountrycode: GE
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 AGSKWxVxLRkK5SWO928atOmJykM7mZj3RNdkdHst7faka0ZyN_DWsES2usEHQU3pyWj0uFMAoovWoikKZWdWgtcZM4o= Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 194ms
193ms Script
application/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVxLRkK5SWO928atOmJykM7mZj3RNdkdHst7faka0ZyN_DWsES2usEHQU3pyWj0uFMAoovWoikKZWdWgtcZM4o=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkwMjc0NDQ0LDM4MDAwMDAwMF0sIjQwMzJGNEU1LTVCNDUtNDM3Qy1BNEQ2LURBRDRBOTI3NDVBNCIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8veG4tLXRoLXRoMTEyNzA0NC0tLS0tcGMyYzZkdWl0Ync0ZnZleWY0Y3dhN3EwYmY1YTE3YS5jb250YWN0LnBhZ2UvIixudWxsLFtbOCwiZlNCSFBPeEVONEUiXSxbOSwiZW4tVVMiXSxbMTksIjIiXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fSBHPOxEN4E.es5.O/d=1/rs=AJlcJMx4vKcbAqh1IIVQHIeXAzvBhrtjtA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

114342cc15f6811da8fda0352f82caa17aa721892d9ca94b41888a120e91d7a7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-vSzTGJ8jYw_qCxLlCh-m4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:44 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-vSzTGJ8jYw_qCxLlCh-m4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
878 B 418ms
135ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Jul 2023 08:40:44 GMT
x-content-type-options: nosniff
content-encoding: br
age: 33642
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230130-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 246ms
86ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: EYBR7P17HEFDC54A
age: 1881
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7ec3198ebcbb2dd1-TBS
x-amz-id-2: /ZntuQVYIDKNw2eZqP3V++jviJfvY1OtGihMur2G1TpNXa/lGVYOjUdcURKax1jAnf6B+W0dKvw=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 432ms
149ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:44 GMT
via: 1.1 google, 1.1 google
last-modified: Wed, 05 Jul 2023 19:08:57 GMT
server: Google Frontend
etag: 6c49a4094d9a446bdc7fe3d19d23b4c7
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 180e9d5147564d2d46058c1bfe54b974
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 435ms
153ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 02:34:21 GMT
content-encoding: gzip
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 21984
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: PEKGAIUrlee_xC77DCvO3w-qi04ikg9-s8GoBm_Nl7E3hxFaBnLWbA==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 422ms
135ms Script
text/javascript 18.66.123.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.123.194 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-123-194.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id: null
Date: Tue, 25 Jul 2023 00:56:56 GMT
Via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 27829
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: xDi3inwyu9uRpDnGIBG99cdiSvpSY5dQuipMCkDhMLQPaH5Mrv2Ybg==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 423ms
134ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 07:56:05 GMT
content-encoding: gzip
age: 693879
x-guploader-uploadid: ADPycdsuws19q6gut2HVw5Cbtoy2R9nMFWEkfsW4j28cg71BlAh_maBVLR9J0a9wek9aI3l80Gjw2adcfLZSJ2do6Qt7pQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Tue, 16 Jul 2024 07:56:05 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 528ms
219ms Script
text/javascript 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 08:40:44 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 170 KB
49 KB 520ms
519ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1840906736522761&correlator=3882330015251890&eid=31076267%2C31070233&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=23081961%3A22683176251%2Cpg_interstitial_contact.page&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=2508049374&didk=510060275&sfv=1-0-40&ists=1&fas=8&prev_scp=m2_config%3D0-230711-7d1%25400%26m2_stack%3Denabled%2Cgoogle%2Cadx_interstitial%26m2_stack_pageview%3Denabled%2Cgoogle%2Cadx_interstitial%26m2_stack_session%3Denabled%2Cgoogle%2Cadx_interstitial%26m2_canonical%3D57d9b55b5dfa464e43044eab2513af4d%26m2_canonical_session%3D57d9b55b5dfa464e43044eab2513af4d%26dts_pageview_id%3Df19d53df-d83c-42d7-9d39-dfe87d3758b0%26dts_session_id%3D58f76e83-b3cc-433d-b61f-1a7957c28a59%26dts_utm_source%3D%252Fempty%252F%26dts_utm_medium%3D%252Fempty%252F%26dts_utm_campaign%3D%252Fempty%252F%26dts_utm_content%3D%252Fempty%252F%26dts_utm_term%3D%252Fempty%252F%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F&sc=1&cookie_enabled=1&abxe=1&dt=1690274444403&lmt=1690274444&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fxn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=370571888.1690274444&ga_sid=1690274444&ga_hid=1715823598&ga_fc=false&dlt=1690274442176&idt=1372

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a9c27f31702b37dbae493da2e9cc304add33c7c58039e78c63ac87b5d0ec1209

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:44 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49893
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 91B4 6 KB
3 KB 442ms
144ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 08:40:44 GMT
expires: Wed, 24 Jul 2024 08:40:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/ 37 KB
13 KB 139ms
138ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl_page_level_ads.js?cb=31076267

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

1f0f1071ab7fcf6a87e947376a3d52b3cdbffe66c5a0acfc72a6e17fbd4a4eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 10:36:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79463
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13169
x-xss-protection: 0
server: cafe
etag: 3859843786994776570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 23 Jul 2024 10:36:21 GMT

GET
H2 200 index.m3u8 Show response
feed.playstream.media/manualUpload/fsk5i3ztuqclk84rs4h/ 135 B
637 B 456ms
142ms XHR
application/vnd.apple.mpegurl 185.59.220.198
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://feed.playstream.media/manualUpload/fsk5i3ztuqclk84rs4h/index.m3u8
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-198.bunnyinfra.net
Software: BunnyCDN-DE1-723 /
Resource Hash: 3964e306d6b67165ac73c35d1da6dff273cb8e6f51a3fa4a615582a2a637026d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Tue, 25 Jul 2023 08:40:44 GMT
content-encoding: gzip
cdn-edgestorageid: 860
cdn-cachedat: 07/18/2023 10:32:50
cdn-pullzone: 1464120
last-modified: Tue, 18 Jul 2023 10:08:46 GMT
server: BunnyCDN-DE1-723
cdn-proxyver: 1.03
cdn-requestpullcode: 206
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cache-control: max-age=315360000
cdn-requestid: 992d775915c8a9babbd575b51b8f2e73
cdn-requestcountrycode: GE
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 449ms
142ms Preflight
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fxn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page%2F&domain=xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 25 Jul 2023 08:40:44 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 188683
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET envelope
lexicon.33across.com/v1/ 0
0

GET
H2 200 json Show response
gum.criteo.com/sid/ 357 B
717 B 431ms
142ms XHR
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158460/7140/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6a40f1146ac7b354a62c89a9d8fc4ed9d76cf53e0f0ff9a83e026af1ecd6d29f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:45 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 484365
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 136 B
595 B 436ms
138ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158460/7140/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

9ea4355dc8c90c99fc2db09572baa70bfc7868adb40c7d93b618efaa72069680

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
date: Tue, 25 Jul 2023 08:40:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 75 B
863 B 531ms
180ms XHR
application/json 54.72.84.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?gdpr_applies=false&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158460/7140/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.84.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-84-52.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: dbe92e3cd7e8e3dc5da1e501fba71fe4399d0dc942610b2f172e8840d298465c

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:45 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
cache-control: no-cache
x-server: 10.45.26.112
access-control-allow-credentials: true
content-length: 75
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
579 B 594ms
196ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158460/7140/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: bc3747c106caa252762a424da4e6c79786076c403da48827d44f655b2b600ecf

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jul 2023 08:40:45 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 24 Aug 2023 08:40:45 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
374 B 405ms
136ms XHR
text/plain 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
date: Tue, 25 Jul 2023 08:40:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
217 B 495ms
154ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=158460
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158460/7140/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:45 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fxn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fxn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page%2F&rid=esp&cc=1

85 B
193 B

248ms
247ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fxn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page%2F&rid=esp&cc=1
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 12da1fd06ca16782d2cb733c51f475d7ec78a2c47b8cf8f0e9e7034ae9f76542

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:45 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-2AobqvbU78Ce3ofZGKSQH5DHQyo"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Tue, 25 Jul 2023 08:40:45 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
location: /esp?url=https%3A%2F%2Fxn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
12 KB 2038ms
2038ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1840906736522761&correlator=3882330015251890&eid=31076267%2C31070233&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=23081961%3A22683176251%2Ccp_desk_anchor&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C1x1&ifi=2&adks=2276885973&didk=2808662470&sfv=1-0-40&prev_scp=m2_pageview%3D0-230711-7d1%25400%26m2_session%3D0-230711-7d1%25400%26m2_config%3D0-230711-7d1%25400%26m2_stack%3Denabled%2Cgoogle%2Ctc-init%2Cgb%2Canchor-bottom%26m2_pid%3Dgb-adsense%252F%26m2_bidder%3Dgb-adsense%26m2_size%3D728x90%26m2_adid%3Db473d3dc%26m2_pb%3D0.01%26m2_stack_pageview%3Dtc-init%2Cgb%2Canchor-bottom%26m2_stack_session%3Dtc-init%2Cgb%2Canchor-bottom%26m2_canonical%3D57d9b55b5dfa464e43044eab2513af4d%26m2_canonical_session%3D57d9b55b5dfa464e43044eab2513af4d%26dts_pageview_id%3Df19d53df-d83c-42d7-9d39-dfe87d3758b0%26dts_session_id%3D58f76e83-b3cc-433d-b61f-1a7957c28a59%26dts_utm_source%3D%252Fempty%252F%26dts_utm_medium%3D%252Fempty%252F%26dts_utm_campaign%3D%252Fempty%252F%26dts_utm_content%3D%252Fempty%252F%26dts_utm_term%3D%252Fempty%252F%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F&sc=1&cookie_enabled=1&abxe=1&dt=1690274445095&lmt=1690274445&adxs=0&adys=1510&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fxn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page%2F&frm=20&vis=1&psz=1600x2532&msz=728x-1&fws=512&ohw=0&ga_vid=370571888.1690274444&ga_sid=1690274444&ga_hid=1715823598&ga_fc=false&dlt=1690274442176&idt=1372

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ec25d3398c52904c85777717c2a8e4a8cf742e23cf5efb603636362324b3da7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:47 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11850
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 60 KB
13 KB 1787ms
1787ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1840906736522761&correlator=3882330015251890&eid=31076267%2C31070233&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=23081961%3A22683176251%2Ccp_desk_sidebar%2C1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600%7C160x600%7C120x600&ifi=3&adks=3447198357&didk=4180214810&sfv=1-0-40&prev_scp=m2_config%3D0-230711-7d1%25400%26m2_stack%3Denabled%2Cgoogle%2Ctc-init%2Cgb%2Clazy%26m2_pid%3Dgb-adsense%252F%26m2_bidder%3Dgb-adsense%26m2_size%3D300x250%26m2_adid%3Ddc5d14df%26m2_pb%3D0.01%26m2_stack_pageview%3Dlazy%26m2_stack_session%3Dlazy%26m2_canonical%3D57d9b55b5dfa464e43044eab2513af4d%26m2_canonical_session%3D57d9b55b5dfa464e43044eab2513af4d%26dts_pageview_id%3Df19d53df-d83c-42d7-9d39-dfe87d3758b0%26dts_session_id%3D58f76e83-b3cc-433d-b61f-1a7957c28a59%26dts_utm_source%3D%252Fempty%252F%26dts_utm_medium%3D%252Fempty%252F%26dts_utm_campaign%3D%252Fempty%252F%26dts_utm_content%3D%252Fempty%252F%26dts_utm_term%3D%252Fempty%252F%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F&sc=1&cookie_enabled=1&abxe=1&dt=1690274445101&lmt=1690274445&adxs=1008&adys=585&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fxn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page%2F&frm=20&vis=1&psz=312x1583&msz=312x0&fws=0&ohw=0&ga_vid=370571888.1690274444&ga_sid=1690274444&ga_hid=1715823598&ga_fc=false&dlt=1690274442176&idt=1372

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

93dd5670a1cb6a14f1061a470b4512c60f428946ba6f46786764bc3d03ed37bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:46 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13785
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
12 KB 1250ms
1249ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1840906736522761&correlator=3882330015251890&eid=31076267%2C31070233&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=23081961%3A22683176251%2Ccp_desk_incontent_lazy%2C1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C300x250%7C728x250&ifi=4&adks=3423563977&didk=4012696231&sfv=1-0-40&prev_scp=m2_config%3D0-230711-7d1%25400%26m2_stack%3Denabled%2Cgoogle%2Ctc-init%2Clazy%26m2_pid%3Dgb-adsense%252F%26m2_bidder%3Dgb-adsense%26m2_size%3D300x250%26m2_adid%3Ddc5d14df%26m2_pb%3D0.01%26m2_canonical%3D57d9b55b5dfa464e43044eab2513af4d%26m2_canonical_session%3D57d9b55b5dfa464e43044eab2513af4d%26dts_pageview_id%3Df19d53df-d83c-42d7-9d39-dfe87d3758b0%26dts_session_id%3D58f76e83-b3cc-433d-b61f-1a7957c28a59%26dts_utm_source%3D%252Fempty%252F%26dts_utm_medium%3D%252Fempty%252F%26dts_utm_campaign%3D%252Fempty%252F%26dts_utm_content%3D%252Fempty%252F%26dts_utm_term%3D%252Fempty%252F%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F&sc=1&cookie_enabled=1&abxe=1&dt=1690274445104&lmt=1690274445&adxs=280&adys=2169&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fxn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page%2F&frm=20&vis=1&psz=728x1583&msz=728x0&fws=0&ohw=0&ga_vid=370571888.1690274444&ga_sid=1690274444&ga_hid=1715823598&ga_fc=false&dlt=1690274442176&idt=1372

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

b1fea52083e796fd06bc4b417c4465adf662ebe6100fb34e479bb5ee9f9da684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:46 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12164
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 66 KB
14 KB 1523ms
1522ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1840906736522761&correlator=3882330015251890&eid=31076267%2C31070233&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=23081961%3A22683176251%2Ccp_desk_incontent_lazy%2C2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C300x250%7C728x250&ifi=5&adks=1164008572&didk=1823369001&sfv=1-0-40&prev_scp=m2_config%3D0-230711-7d1%25400%26m2_stack%3Denabled%2Cgoogle%2Ctc-init%2Clazy%26m2_pid%3Dgb-adsense%252F%26m2_bidder%3Dgb-adsense%26m2_size%3D300x250%26m2_adid%3Ddc5d14df%26m2_pb%3D0.01%26m2_canonical%3D57d9b55b5dfa464e43044eab2513af4d%26m2_canonical_session%3D57d9b55b5dfa464e43044eab2513af4d%26dts_pageview_id%3Df19d53df-d83c-42d7-9d39-dfe87d3758b0%26dts_session_id%3D58f76e83-b3cc-433d-b61f-1a7957c28a59%26dts_utm_source%3D%252Fempty%252F%26dts_utm_medium%3D%252Fempty%252F%26dts_utm_campaign%3D%252Fempty%252F%26dts_utm_content%3D%252Fempty%252F%26dts_utm_term%3D%252Fempty%252F%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F&sc=1&cookie_enabled=1&abxe=1&dt=1690274445110&lmt=1690274445&adxs=280&adys=1250&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fxn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page%2F&frm=20&vis=1&psz=728x1583&msz=728x0&fws=0&ohw=0&ga_vid=370571888.1690274444&ga_sid=1690274444&ga_hid=1715823598&ga_fc=false&dlt=1690274442176&idt=1372

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

855051f8237efebed190b383776b412f20f61508199976acb25b5a9f9ff0d463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:46 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14403
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 55 KB
13 KB 491ms
491ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1840906736522761&correlator=3882330015251890&eid=31076267%2C31070233&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=23081961%3A22683176251%2Ccp_desk_leaderboard%2C1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90%7C970x250%7C728x250&ifi=6&adks=3356492067&didk=2270024995&sfv=1-0-40&prev_scp=m2_config%3D0-230711-7d1%25400%26m2_stack%3Denabled%2Cgoogle%2Ctc-init%2Clazy%26m2_pid%3Dgb-adsense%252F%26m2_bidder%3Dgb-adsense%26m2_size%3D728x90%26m2_adid%3Db473d3dc%26m2_pb%3D0.01%26m2_canonical%3D57d9b55b5dfa464e43044eab2513af4d%26m2_canonical_session%3D57d9b55b5dfa464e43044eab2513af4d%26dts_pageview_id%3Df19d53df-d83c-42d7-9d39-dfe87d3758b0%26dts_session_id%3D58f76e83-b3cc-433d-b61f-1a7957c28a59%26dts_utm_source%3D%252Fempty%252F%26dts_utm_medium%3D%252Fempty%252F%26dts_utm_campaign%3D%252Fempty%252F%26dts_utm_content%3D%252Fempty%252F%26dts_utm_term%3D%252Fempty%252F%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F&sc=1&cookie_enabled=1&abxe=1&dt=1690274445113&lmt=1690274445&adxs=280&adys=542&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fxn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page%2F&frm=20&vis=1&psz=1040x0&msz=1040x0&fws=0&ohw=0&ga_vid=370571888.1690274444&ga_sid=1690274444&ga_hid=1715823598&ga_fc=false&dlt=1690274442176&idt=1372

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

eb6ba8b4f6e7f5ea5178c904d8bddccac23250d71d888b153b56db1a1703c0f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:45 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13201
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
12 KB 1008ms
1008ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1840906736522761&correlator=3882330015251890&eid=31076267%2C31070233&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=23081961%3A22683176251%2Ccp_desk_sidebar%2C2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600%7C160x600%7C120x600&ifi=7&adks=748642165&didk=2815035471&sfv=1-0-40&prev_scp=m2_config%3D0-230711-7d1%25400%26m2_stack%3Denabled%2Cgoogle%2Ctc-init%2Clazy%26m2_pid%3Dgb-adsense%252F%26m2_bidder%3Dgb-adsense%26m2_size%3D300x250%26m2_adid%3Ddc5d14df%26m2_pb%3D0.01%26m2_canonical%3D57d9b55b5dfa464e43044eab2513af4d%26m2_canonical_session%3D57d9b55b5dfa464e43044eab2513af4d%26dts_pageview_id%3Df19d53df-d83c-42d7-9d39-dfe87d3758b0%26dts_session_id%3D58f76e83-b3cc-433d-b61f-1a7957c28a59%26dts_utm_source%3D%252Fempty%252F%26dts_utm_medium%3D%252Fempty%252F%26dts_utm_campaign%3D%252Fempty%252F%26dts_utm_content%3D%252Fempty%252F%26dts_utm_term%3D%252Fempty%252F%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F&sc=1&cookie_enabled=1&abxe=1&dt=1690274445117&lmt=1690274445&adxs=-318&adys=187&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fxn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page%2F&frm=20&vis=1&psz=294x-1&msz=294x-1&fws=2564&ohw=342&ga_vid=370571888.1690274444&ga_sid=1690274444&ga_hid=1715823598&ga_fc=false&dlt=1690274442176&idt=1372

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

7ae9b0d4fe6143df71d49c7260780e015b5f61838932281ad2aeab139a9e10d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:46 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12080
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3EC1 6 KB
3 KB 135ms
134ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 08:40:44 GMT
expires: Wed, 24 Jul 2024 08:40:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 flickstree_combine_content_17_06_23.m3u8 Show response
feed.playstream.media/manualUpload/fsk5i3ztuqclk84rs4h/ 5 KB
1 KB 139ms
139ms XHR
application/vnd.apple.mpegurl 185.59.220.198
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://feed.playstream.media/manualUpload/fsk5i3ztuqclk84rs4h/flickstree_combine_content_17_06_23.m3u8
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-198.bunnyinfra.net
Software: BunnyCDN-DE1-723 /
Resource Hash: 5730c7d2ccee1dbe00f07bcd36df2223be8ac45b200d9f735fbd1a0e8edd3549

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Tue, 25 Jul 2023 08:40:45 GMT
content-encoding: gzip
cdn-edgestorageid: 722
cdn-cachedat: 07/18/2023 10:32:53
cdn-pullzone: 1464120
last-modified: Tue, 18 Jul 2023 10:08:46 GMT
server: BunnyCDN-DE1-723
cdn-proxyver: 1.03
cdn-requestpullcode: 206
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cache-control: max-age=315360000
cdn-requestid: 6cecb5c914ac501790150249c2ef2da1
cdn-requestcountrycode: GE
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
452 B 415ms
138ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158460/7140/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

2c3a91a36b76694d5895032a0b75af9431ece7f152f9cff1cf21356e0092a38b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
date: Tue, 25 Jul 2023 08:40:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 265 B
360 B 158ms
156ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: dfdd1cc5c2ad0b39a128c6cf51788f1c521b53285ad338efcf917e37efcbca07

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 25 Jul 2023 08:40:45 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: fb412b75dd5d20a4510773377bb2db26
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 265

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 431ms
152ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Tue, 25 Jul 2023 08:40:45 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: df03b2a1336945366f8e9e286bd50af4

GET
DATA 200
OK truncated
/ 384 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 21 KB
4 KB 721ms
231ms XHR
application/json 3.222.55.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_TAGID=64a6a318fc0f1863630e3d76&AV_PUBLISHERID=64a6a28412362fe49d068588&AV_VIDEOURL=https%3A%2F%2Ffeed.playstream.media%2FmanualUpload%2Ffsk5i3ztuqclk84rs4h%2Findex.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fxn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page%2F&AV_CHANNELID=64a6a2c7623c439f0706fc05&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page&AV_DADPOS=1&AV_OPLACEMENT=1&AV_TAG=64a6a318fc0f1863630e3d76&AV_TEMPLATE=64a6a1832f5662e69105a966&AV_GPID=/64a6a28412362fe49d068588/64a6a318fc0f1863630e3d76/xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page&d36=6.2.117&responsive=1&sver=4&avtoken=445247&omv=1.0.1&AV_D66=8.3.14&clsid=2704d1a7-7fd8-4304-8bea-7cf0e6072d08&rando=98&AV_WIDTH=100&AV_HEIGHT=56&AV_CCPA=1---&AV_DNT=0&cb=1690274445249&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=64a6a28412362fe49d068588
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.55.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-55-84.compute-1.amazonaws.com
Software: /
Resource Hash: 943a1012ee5b55416c606a4b3b0423ca314f5d19f949856b6c7425a2ffd6bf5f

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:45 GMT
x-bamboo-c-skst: 1
content-encoding: gzip
x-bamboo-c-skfe: 1
x-bamboo-c-s: BYPASS
access-control-max-age: 1728000
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
content-type: application/json
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires: Thu, 13 Jul 2023 18:54:05 GMT

GET
H2 200 track
track1.aniview.com/ 0
97 B 220ms
220ms Image
text/plain 50.16.166.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page&sn=&ic=0&tgt=0&app=&wi=100&he=56&test=&d36=6.2.117&apppkg=&fv=1&proto=https&d66=8.3.14&clsid=2704d1a7-7fd8-4304-8bea-7cf0e6072d08&rando=98&pid=64a6a28412362fe49d068588&cid=64a6a2c7623c439f0706fc05&stagid=64a6a318fc0f1863630e3d76&stplid=64a6a1832f5662e69105a966&e=inventory&vi=100&cb=1690274445248
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.166.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-166-217.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:45 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
647 B 194ms
180ms XHR
application/json 54.72.84.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.84.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-84-52.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2eca5f497cb4b93f7f375439085914224828d80beb44498587be85bd02ad82b6

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:45 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
cache-control: no-cache
x-server: 10.45.2.118
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 3EC1 4 KB
1 KB 431ms
143ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 08:40:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 08:23:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jul 2023 08:40:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame ED4F 14 KB
1 KB 418ms
144ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 08:40:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 08:22:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jul 2023 08:40:45 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame ED4F 2 KB
945 B 528ms
216ms Script
text/javascript 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 13:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 13:03:30 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame ED4F 23 KB
9 KB 527ms
217ms Script
text/javascript 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 13:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 13:03:30 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4052 143 B
383 B 449ms
143ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 1739
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 08:11:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame ED4F 3 KB
1 KB 536ms
228ms Script
text/javascript 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:06:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Aug 2023 08:06:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame ED4F 20 KB
9 KB 450ms
141ms Script
text/javascript 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 13:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 13:03:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ED4F 179 KB
56 KB 248ms
247ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 08:40:45 GMT

GET
H2 200 39d4397462e2693449f221f9915f9e59.js Show response
www.gstatic.com/mysidia/ Frame ED4F 33 KB
14 KB 446ms
140ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/39d4397462e2693449f221f9915f9e59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:03:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14179
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:41:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 20 Oct 2023 13:03:30 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/ Frame 3EC1 20 KB
9 KB 424ms
149ms Script
text/javascript 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

faefc7d5cb22f0899412f91aa8fcabe5910c50cb6faee897413b62ac324c0f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 19:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8607
x-xss-protection: 0
server: cafe
etag: 1206383197409669553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 19:22:06 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3EC1 205 B
295 B 480ms
208ms Image
image/png 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 09:11:12 GMT
x-content-type-options: nosniff
age: 84573
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 23 Jul 2024 09:11:12 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3EC1 604 B
920 B 479ms
207ms Image
image/png 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 22:38:20 GMT
x-content-type-options: nosniff
age: 122545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 22 Jul 2024 22:38:20 GMT

GET
H2 200 flickstree_combine_content_17_06_230.ts Show response
feed.playstream.media/manualUpload/fsk5i3ztuqclk84rs4h/ 2 MB
2 MB 168ms
167ms XHR
video/mp2t 185.59.220.198
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://feed.playstream.media/manualUpload/fsk5i3ztuqclk84rs4h/flickstree_combine_content_17_06_230.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-198.bunnyinfra.net
Software: BunnyCDN-DE1-723 /
Resource Hash: e5333d4bcaf0ba8811fe10ae35f1bf54082d7f5a1b6fe8a25ff0f9aa5c2fd507

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Tue, 25 Jul 2023 08:40:45 GMT
cdn-edgestorageid: 1075
cdn-cachedat: 07/18/2023 10:32:12
cdn-pullzone: 1464120
content-length: 1851612
last-modified: Tue, 18 Jul 2023 10:07:18 GMT
server: BunnyCDN-DE1-723
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cache-control: max-age=315360000
cdn-requestid: 823ebb19c40eefc4def8684f73652d4c
accept-ranges: bytes
cdn-requestcountrycode: GE
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307180709000/ Frame D2E1 222 KB
62 KB 449ms
134ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62064
x-xss-protection: 0
server: sffe
etag: "7c75c6afffb97d84"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame D2E1 15 KB
5 KB 588ms
274ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5274
x-xss-protection: 0
server: sffe
etag: "b24c5d555100d699"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame D2E1 94 KB
28 KB 594ms
281ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29021
x-xss-protection: 0
server: sffe
etag: "908f04349b1b2df1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame D2E1 5 KB
2 KB 583ms
270ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "5416cfef676738bf"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame D2E1 40 KB
13 KB 620ms
307ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13013
x-xss-protection: 0
server: sffe
etag: "4da616cd662b7cdb"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D2E1 14 KB
1 KB 149ms
148ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 08:40:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 08:23:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jul 2023 08:40:45 GMT

GET
H2 200 th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D2E1 3 KB
3 KB 182ms
168ms Image
image/png 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/th.png

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 02:32:02 GMT
x-content-type-options: nosniff
server: cafe
age: 22123
etag: 12800268860518071124
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3306
x-xss-protection: 0
expires: Wed, 26 Jul 2023 02:32:02 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D2E1 344 B
449 B 192ms
175ms Image
image/png 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 19:03:49 GMT
x-content-type-options: nosniff
server: cafe
age: 49016
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 25 Jul 2023 19:03:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D2E1 0
0 454ms
143ms Image
text/html 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTas_28axRX3U-IfcRybAqBP4z7--0FC9zzNxHgigY4TcRmL8pP2ZQIF8vv7U1Iwt7eFepzN4YT1ENREbARN6fbst5ATQ
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame D2E1 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e39962bf455280f804154285b13ad2c81d1b52cbd7db9ffce64b273a95a8f8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200 1316.json Show response
id5-sync.com/g/v2/ 600 B
1 KB 419ms
143ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1316.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158460/7140/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

688f62e65616371d79dd5a594e3ff95cd3e3eac7ae219122c74da14458c38253

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jul 2023 08:40:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 156ms
152ms Image
image/gif 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=8.867115600653166

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-KqdDbXhNtY88PzcH7XadqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-KqdDbXhNtY88PzcH7XadqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 219ms
198ms Image
image/gif 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=10.722597898888655

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Yt2bktyVh4ZFCTSxA1SGfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-Yt2bktyVh4ZFCTSxA1SGfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame B8B3 572 B
805 B 444ms
156ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 300eb869068f967210b1ce0ffac9fc8a1f3064cbbe5cf58a202db0f7dd8e20b3

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 378
content-type: text/html
date: Tue, 25 Jul 2023 08:40:46 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame D2E1 33 KB
34 KB 415ms
135ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 567089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jul 2024 19:09:17 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4052
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
298 B

144ms
143ms

Document
text/html

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 08:40:46 GMT
expires: Tue, 25 Jul 2023 08:40:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 08:40:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tc-modernizr.js Show response
cdn.pubguru.com/ 55 KB
21 KB 476ms
163ms Script
application/javascript 143.204.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pubguru.com/tc-modernizr.js
Requested by: Host: c.pubguru.net
URL: https://c.pubguru.net/pg.contactpage.sidebar.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-4.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b78222040390c142b5db713e2056cdce01d935a8a289fba890281a4867dddda1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id: wK1yK.seBcNMdh0KRrdWih.NVUUalRr_
content-encoding: gzip
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
date: Tue, 25 Jul 2023 02:02:47 GMT
last-modified: Fri, 15 Jan 2021 14:02:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 23880
etag: W/"7397d6933f0607215d5803ac483dccf0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ne-faPqYzGN9W6iiT8VNotcfTBuGXP-9gawO414lMy0cQ70Oc3Qjkw==

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame FC74
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

281 B
554 B

421ms
134ms

Document
text/html

23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=64a6a28412362fe49d068588
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 25 Jul 2023 08:40:46 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 25 Jul 2023 08:40:46 GMT
location: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server: AkamaiGHost

POST
H2 200 s2s Show response
s2s.aniview.com/api/adserver/ 0
513 B 910ms
442ms Fetch
application/json 100.26.7.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.aniview.com/api/adserver/s2s?auc_id=367d5ec702a57ec67f35e9045e3a569d&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1690274445085-913952623209-001200-007-002573&AV_TAGID=64a6a318fc0f1863630e3d76&AV_PUBLISHERID=64a6a28412362fe49d068588&AV_VIDEOURL=https%3A%2F%2Ffeed.playstream.media%2FmanualUpload%2Ffsk5i3ztuqclk84rs4h%2Findex.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fxn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page%2F&AV_CHANNELID=64a6a2c7623c439f0706fc05&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page&AV_DADPOS=1&AV_OPLACEMENT=1&AV_TAG=64a6a318fc0f1863630e3d76&AV_TEMPLATE=64a6a1832f5662e69105a966&AV_GPID=/64a6a28412362fe49d068588/64a6a318fc0f1863630e3d76/xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page&d36=6.2.117&responsive=1&sver=4&avtoken=445247&omv=1.0.1&AV_D66=8.3.14&clsid=2704d1a7-7fd8-4304-8bea-7cf0e6072d08&rando=98&AV_WIDTH=100&AV_HEIGHT=56&AV_CCPA=1---&AV_DNT=0&cb=274446090&wfc=1&tgt=0&&AV_VI=100&AV_VID=0&d4=1&d5=0&AV_PLCMT=2&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=6&ms2s=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=64a6a28412362fe49d068588
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.26.7.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-26-7-25.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jul 2023 08:40:46 GMT
x-bamboo-c-skst: 1
content-encoding: gzip
x-bamboo-c-skfe: 1
x-bamboo-c-s: BYPASS
access-control-max-age: 1728000
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
content-type: application/json
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires: Thu, 13 Jul 2023 18:54:06 GMT

GET
H2 200 track
track1.aniview.com/ 0
97 B 239ms
239ms Image
text/plain 50.16.166.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=GE&cos=Windows&r=xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page&rs=xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page&sid=37166&t=1690274445&cip=91.239.206.82&sn=&tgt=0&osv=10&bv=115.0&brn=Chrome&wi=100&he=56&app=&AV_PUBLISHERID=64a6a28412362fe49d068588&test=&d64=367d5ec702a57ec67f35e9045e3a569d&d63=367d5ec702a57ec67f35e9045e3a569d&aafaid=&proto=https&uid=1690274445085-913952623209-001200-007-002573&cha=0.7&stagid=64a6a318fc0f1863630e3d76&stplid=64a6a1832f5662e69105a966&d35=&d36=6.2.117&cb=43315502269&d39=&d65=&d66=8.3.14&d74=&apppkg=&d9=0000&d37=realtime&pt=2&d66=8.3.14&d74=&stagid=64a6a318fc0f1863630e3d76&stplid=64a6a1832f5662e69105a966&cvid=&cpid=&str=autostart&AV_WIDTH=640&AV_HEIGHT=360&&ppid=64a6a28412362fe49d068588&nid=5e7b9048180bd02ded4b0937&pcid=64a6a2c7623c439f0706fc05&ncid=64a6a295318a0b9c440741d5&pasid=64a6a2c7623c439f0706fc04&e=request&cb=1690274446091&asid=64a66de2b318d5f3a706989f%2C64b8efe668274986f9005524%2C64b8f009cb016f6b58086ed4%2C64a66e07bd3c72c28e0cd68b%2C64a66dabd0aae8918605f859%2C64b8f053660cfaa9ab0f5664%2C64b8f089a7523b965f076a54&ofpr=%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1%2C1
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.166.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-166-217.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:46 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
BLOB 200
OK 96fd6c5c-c261-494c-969a-7be931986f41
https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/ 94 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/96fd6c5c-c261-494c-969a-7be931986f41
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd2df0fff950bce978c27cee54ed6e14e5e90d9e7f1829ab56da3fb21025ec48

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Length: 96496
Content-Type: text/javascript

POST
H3 204 AGSKWxUGa24TfmpjnqzdJ8DhTilOojM3kQ5oy-C6bL4hPt5N9iIhrphlS5uJXBzh7eUpF-ScW9Wg67UtlXuUmRkFWNMRud-9sYkBxPwDHLdK5ZGCHjGKr2U4RQFCtozezTgcqI7LUd2knw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 424ms
152ms XHR
text/html 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUGa24TfmpjnqzdJ8DhTilOojM3kQ5oy-C6bL4hPt5N9iIhrphlS5uJXBzh7eUpF-ScW9Wg67UtlXuUmRkFWNMRud-9sYkBxPwDHLdK5ZGCHjGKr2U4RQFCtozezTgcqI7LUd2knw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EejCbiOC-z4ArolZxeqHOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jul 2023 08:40:46 GMT
content-security-policy: script-src 'report-sample' 'nonce-EejCbiOC-z4ArolZxeqHOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307180709000/ Frame DD74 222 KB
61 KB 164ms
162ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62064
x-xss-protection: 0
server: sffe
etag: "7c75c6afffb97d84"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame DD74 15 KB
5 KB 210ms
208ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5274
x-xss-protection: 0
server: sffe
etag: "b24c5d555100d699"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame DD74 94 KB
28 KB 212ms
211ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29021
x-xss-protection: 0
server: sffe
etag: "908f04349b1b2df1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame DD74 5 KB
2 KB 227ms
225ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "5416cfef676738bf"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame DD74 40 KB
13 KB 228ms
226ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13013
x-xss-protection: 0
server: sffe
etag: "4da616cd662b7cdb"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H2 200 th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DD74 3 KB
3 KB 135ms
133ms Image
image/png 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/th.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 02:32:02 GMT
x-content-type-options: nosniff
server: cafe
age: 22124
etag: 12800268860518071124
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3306
x-xss-protection: 0
expires: Wed, 26 Jul 2023 02:32:02 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DD74 344 B
407 B 139ms
137ms Image
image/png 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 19:03:49 GMT
x-content-type-options: nosniff
server: cafe
age: 49017
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 25 Jul 2023 19:03:49 GMT

GET
DATA 200
OK truncated
/ Frame DD74 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8ad0a99d854356e58c40706afeb04a90d983f7aa84aa808b48d472559a9ec43

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 13301139587901443568
tpc.googlesyndication.com/daca_images/simgad/ Frame DD74 70 KB
70 KB 137ms
135ms Image
image/png 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13301139587901443568

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

sffe /

Resource Hash

e110dfd1555840c1ac9825bc01ca090fe41a796b5e72d57a95a73d59d7c21f4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:30:45 GMT
x-content-type-options: nosniff
age: 447001
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71456
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 00:37:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Jul 2024 04:30:45 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DD74 0
0 145ms
143ms Image
text/html 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRSIHytXGtPOq-8UDCsvfBPDQPzDFdNWR9iZzodjwAOXDXoiUnnLluGHPRi-Pu_MZE4NAPZ7Td4_NjpXxhMP2IjWimEgA
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame B8B3
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7089798143079381276

43 B
106 B

159ms
153ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7089798143079381276
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:47 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7089798143079381276
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame B8B3
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=3557351e-6395-cfb4-3e63-11ecef73e0be
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=3557351e-6395-cfb4-3e63-11ecef73e0be&dcc=t

43 B
855 B

336ms
335ms

Image
image/gif

54.239.33.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=3557351e-6395-cfb4-3e63-11ecef73e0be&dcc=t

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

HTTP/1.1

Server

54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 08:40:47 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3Q3NPHFE4ZHC558A2M78
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 08:40:46 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: X7S2HVTVDW0RQA4DQDQ5
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=3557351e-6395-cfb4-3e63-11ecef73e0be&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B8B3
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=6d814963-7f3f-744e-fe6d-937b87402b5e&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=90eed1d6-3d42-4fa0-9949-e9ad527fe34f&ttd_puid=6d814963-7f3f-744e-fe6d-937b87402b5e&gdpr=0&gdpr_consent=

43 B
323 B

159ms
156ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=90eed1d6-3d42-4fa0-9949-e9ad527fe34f&ttd_puid=6d814963-7f3f-744e-fe6d-937b87402b5e&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:46 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:46 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=90eed1d6-3d42-4fa0-9949-e9ad527fe34f&ttd_puid=6d814963-7f3f-744e-fe6d-937b87402b5e&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame B8B3 170 B
409 B 425ms
143ms Image
image/png 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDFlZTlhYTktYjY0OC0yYWVhLWViOGQtYzljMjRkYTJlNTNl

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B8B3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHBvf1qcxmDeDRzhDIs4w0c&google_cver=1

43 B
106 B

155ms
154ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHBvf1qcxmDeDRzhDIs4w0c&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:46 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHBvf1qcxmDeDRzhDIs4w0c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D2E1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

145ms
145ms

Image
text/html

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H3
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Redirect headers

date: Tue, 25 Jul 2023 08:40:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 7iS30H4CIOlAzWX_-DRl8EqUdjCbSbkytJAMRoxuMII.js Show response
pagead2.googlesyndication.com/bg/ Frame 4F63 38 KB
15 KB 417ms
134ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7iS30H4CIOlAzWX_-DRl8EqUdjCbSbkytJAMRoxuMII.js

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

ee24b7d07e0220e940cd65fff83465f04a9476309b49b932b4900c468c6e3082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 11:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14882
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Jul 2024 11:02:10 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame ED4F 62 KB
23 KB 136ms
135ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

4427770d30ccf8b4e950d8d03a9d4ec0e4976ed6cc85b793aab1c7d9ecf8fda0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:33:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 415
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23841
x-xss-protection: 0
server: cafe
etag: 13335932594914250126
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 25 Jul 2023 09:33:51 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7BB8 15 KB
6 KB 153ms
151ms Document
text/html 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page&gdpr=0&gdpr_consent=&us_privacy=1---

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 08:40:46 GMT
server: Kestrel
server-processing-duration-in-ticks: 227679
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D2E1 0
0 187ms
186ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWd77jYq_ZPO9Db2s9u8PpvGq0AGmqpK8cbvum_fEEb25k7jfPBABILnojk5gjfLSA6ABrPbwkAPIAQbgAgCoAwHIAwqqBMMCT9DV5Q87MctAzBq7it9OBSSc2ne4Otj7DQCj5wQ0wseYfNBHrFpiqRiZ89Zmh5-2jhAkKZXN9TuPEZqYE_yslMcmOmaKZC5wU4JFSSj-s-iNX-dFmO-vQfuE1H0f2y4d6sFc1NtPPcjPVLWKrLlwTe7ro6DcxlLG49yWkAcCGysdpsY8d2nrcbwiQbMhNLtpHTmoL7YlyrMubQKGL_-i11WJ1BTstmchs_871COxKHB1KVkCUWx0_nD0p6uHuLMDrmFwnwLhk9Ucsns5-cG4J-OvsaMgLc6hCUf7pr11ylTWj9MbckbPa_pGcef1H3Y4Nwcok8sVRBTv5XXJlZhRNIlQFuxEFWanWXsJBz_a6_y4nqKqFBWDDyBQvaUsHtgLtE6oFWGCFySpZYifwCal9Ji91uIOHVikEXkKdsfAQKFCgeLABK2WzueuBOAEAZIFBAgEGAGSBQQIBRgEgAe8iY9vqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQm_YJ0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwHYEwLQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzgwMjI2NjAzODg1NzEzMRip3Rg&sigh=h3k99MYe1_Q&uach_m=[]&cid=CAQSPABpAlJWVfyjGUkH6jVeXREQOLftaEbsX56RHsi_mBE4Fx_F3j2raln0eDRieyuQwZmt740pfkmYorS-4BgB&template_id=492&cbvp=2
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307180709000/ Frame 5625 222 KB
61 KB 137ms
136ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62064
x-xss-protection: 0
server: sffe
etag: "7c75c6afffb97d84"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 5625 15 KB
5 KB 149ms
148ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5274
x-xss-protection: 0
server: sffe
etag: "b24c5d555100d699"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 5625 94 KB
28 KB 151ms
150ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29021
x-xss-protection: 0
server: sffe
etag: "908f04349b1b2df1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 5625 5 KB
2 KB 156ms
155ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "5416cfef676738bf"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 5625 40 KB
13 KB 158ms
157ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13013
x-xss-protection: 0
server: sffe
etag: "4da616cd662b7cdb"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H2 200 th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5625 3 KB
3 KB 134ms
133ms Image
image/png 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/th.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 02:32:02 GMT
x-content-type-options: nosniff
server: cafe
age: 22124
etag: 12800268860518071124
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3306
x-xss-protection: 0
expires: Wed, 26 Jul 2023 02:32:02 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5625 344 B
402 B 135ms
134ms Image
image/png 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 19:03:49 GMT
x-content-type-options: nosniff
server: cafe
age: 49017
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 25 Jul 2023 19:03:49 GMT

GET
DATA 200
OK truncated
/ Frame 5625 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4920439ec5d2ecd4ffa32c5820106c1d78f7f0595baad0890f9d751524788009

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 3722555285681734457
tpc.googlesyndication.com/simgad/ Frame 5625 21 KB
21 KB 136ms
132ms Image
image/png 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3722555285681734457?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkzUs55H7_HaUcM7W9MfRigU44akg

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

sffe /

Resource Hash

f025076630b111e12b504f82631fe1e5f8815616bb5f47e665b080b38d2946ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 21:53:49 GMT
x-content-type-options: nosniff
age: 384417
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21439
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 13:07:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Jul 2024 21:53:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5625 0
0 147ms
144ms Image
text/html 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQGdidU1A04QWAoZ_4YAkpKSqSdebynxYAB5mcEJ1HloM2ZMJt4-wdN1oD05sY3GFJ2VuM9ythucJ7onNfjk3qJ34lCfw
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame DD74
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

148ms
147ms

Image
text/html

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H3
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Redirect headers

date: Tue, 25 Jul 2023 08:40:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DD74 3 KB
3 KB 139ms
138ms Image
image/png 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/th.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 02:32:02 GMT
x-content-type-options: nosniff
server: cafe
age: 22124
etag: 12800268860518071124
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3306
x-xss-protection: 0
expires: Wed, 26 Jul 2023 02:32:02 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DD74 344 B
368 B 138ms
138ms Image
image/png 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 19:03:49 GMT
x-content-type-options: nosniff
server: cafe
age: 49017
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 25 Jul 2023 19:03:49 GMT

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 47 B
47 B Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad0dd5091814006e1986ba74f2492e12582594b1eca2221174c22a1ad10ad98c

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: text/javascript

GET
BLOB 200
OK c4afd128-d5d0-49a2-84c1-41bdf829be36
https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/ 47 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/c4afd128-d5d0-49a2-84c1-41bdf829be36
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad0dd5091814006e1986ba74f2492e12582594b1eca2221174c22a1ad10ad98c

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Length: 47
Content-Type: text/javascript

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ED4F 0
56 B 250ms
204ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=urind

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ED4F 0
234 B 248ms
203ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=urind

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 7BB8 433 B
554 B 143ms
142ms Fetch
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=contact.page&sn=ChromeSyncframe&so=3&topUrl=xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page&bundle=-I1Kpl9zSDkybVNUYjliRWJMMzElMkZQdHNUSVhKRlpCVUo1QXdTUDNUZ2drOXAwUFRmVmFaTElZaEIlMkZHaUZIVnNVeTlZdEpLUkcxaG1ldWV5cTU4WjhYJTJCaG9qS0hMS3J5Wk1tRzZlZFlWTWJCckNpT0UzRmN4c1FFQ3VPYWU3TDJPTm9wcg&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page&gdpr=0&gdpr_consent=&us_privacy=1---

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

49bbe0b5cb08f0092426784bc5da75656c83a665bc0de6a6d70818d8d0e8f17f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page&gdpr=0&gdpr_consent=&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:45 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2027758
expires: 0

POST
H2 204 csi
csi.gstatic.com/ Frame ED4F 0
54 B 925ms
323ms Ping
image/gif 192.178.49.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lki1rhzx&e=21068133&ctx=2&qqid=CPOH2v66qYADFSij_QcdGxgLoA&met.4=fb.c~lb.eq~ol.s9~idt.d4~dt.-p0&met.3=492.k_1~733.f3~748.g3~742.f2_15~739.g8~555.gx~556.gy_2~738.s8~749.s8_1~113.yw_8~113.z5_1~112.yu_c&met.1=1.lki1rh13~14.1~15.1~16.1~17.1~18.1~19.1~20.1~21.1~1.lki1rgwp~6.1~7.1~8.1~9.1~10.1~12.2~13.3s~14.3v~15.3z~16.mm~17.mm~18.mm~19.wn~20.wn~21.wn&met.7=CBsQCBgBMAE4AQ~CBIQBxgBIA0oDTCxAzikA2ifAnCvA3jcC4ABsAmIAe1tqgEVChNHb29nbGUgU2Fuczo0MDAsNTAwsAEBuAED~CBwQChgBIBQoFDClBDiRBGjKAnCkBHiNCYAB4QaIAZAOsAEBuAED~CAkQChgBIBYoFjCvBDiZBGjKAnClBHibSYAB70aIAd61AbABAbgBAw~CCgQBRgBIBgoGDDdAzjFA0AaSBtQG1jEAmBhaMsCcNsDeL0DgAGRAYgBjwGwAQG4AQM~CB4QChgBIBgoGDCxBDiZBGjLAnCwBHiADIAB1AmIAYEVsAEBuAED~CBwQChgBIBgoGDDgAzjIA0AYSBtQG1i7AmBgaMkCcNkDeKFDgAH1QIgBk50BsAEBuAED~CE0QChgBIBkoGTDuAjjWAmgacJECeKHCA4AB9b8DiAHGlwuwAQG4AQM~CBsQChgBIBkoGTCbBDiCBA~CCgQChgBIIQIKIQIMLEJOK0BaIQIcIwJeM28AYABoboBiAGU8gOwAQG4AQM~CBsQCBgBKAEwiwE4lwloAnCIAXiJF4AB3RSIAZIwoAHi_v________8BsAEBuAED~CBIQBxgBIJ0BKJ0BMM8EOLIDQJ0BSJ4BUJ4BWLsDYOkBaLwDcMsEeK8HgAGDBYgBvCOgAeL-_________wGqARUKE1JvYm90bzp3Z2h0QDQwMDs3MDCwAQG4AQM~CEsQChgBINcBKNcBMMEFOOsDaOcDcP8EeMtFgAGfQ4gB-aIBoAHi_v________8BsAEBuAED~CBsQBhgBINoBKNoBMLsFOOED~CBsQBhgBINoBKNoBMLoFOOAD
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.178.49.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: phx18s08-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame ED4F 0
54 B 918ms
322ms Ping
image/gif 192.178.49.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~lki1ri19&e=21068133&ctx=2&qqid=CPOH2v66qYADFSij_QcdGxgLoA&met.6=6.1_CgggPCoECAgSAAoLGLgCIFUqBAgIEgAKDRiLBCA8KgYIARICEAEKCxiWBSBpKgQIBRIA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.178.49.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: phx18s08-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DD74 0
0 179ms
178ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CsLWWjYq_ZJGtHs-u7_UPk92L-Av3o9K3cYemotSoEIP07pbTNRABILnojk5gjQKgAfLk840DyAEC4AIAqAMByAMIqgS9Ak_QUS3sxV2RQx627SKoifWM4BaCXMR0ifCTK5_xjGfsrlei3EzVm_ZdoTGmeW__Nmy03pxBbRGb90o_t1AkXaDbBt0jVOXgeeQ_L1UwV9vysLKlnND0Ktfo8z0wOwG8lGJeHD5m0JqJ9iV5hGSFSwhu5_b29zkrkERcHpd7LYn6HdWu5Bsz6035w1hXYSPuvj2nNUa_QCl2AGVURoj-sIwJLfUjO_Hof-IhQRhD7JhVbAbgncRlMXPkfa-dfMuUec0wWKxbxie5IzCBZGBNFnN3nkBl3ENnpMUNp2LPKDYyYTbJGIqFqbQFCKrzC3Y3KeeY9Lmav5-IYv_TILo11dK7I_dX80NiXd88SprDLKNg5HZu3hn0rIeL9XBO0E_1OZsEc-rBV6WtzZBzq9xL6SDHCsm3k4ZM7jVtsDOtwASozO39oATgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH9pqMcqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEM7YAdIIFAiAYRABGB0yAooCOgKAQEi9_cE6gAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTM4MDIyNjYwMzg4NTcxMzEYqd0Y&sigh=H0JEQeFJKew&uach_m=[]&cid=CAQSOwBpAlJWbhhppxo8E65Qi2ntx-gz4bunqThjq5KPHyhb6YkJNIroiKA3bbo1TG_HCnmTeWUC1n4-L3KyGAE&cbvp=2
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5625
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

147ms
147ms

Image
text/html

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H3
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Redirect headers

date: Tue, 25 Jul 2023 08:40:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 3722555285681734457
tpc.googlesyndication.com/simgad/ Frame 5625 21 KB
21 KB 135ms
135ms Image
image/png 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3722555285681734457?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkzUs55H7_HaUcM7W9MfRigU44akg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

sffe /

Resource Hash

f025076630b111e12b504f82631fe1e5f8815616bb5f47e665b080b38d2946ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 21:53:49 GMT
x-content-type-options: nosniff
age: 384417
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21439
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 13:07:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Jul 2024 21:53:49 GMT

GET
H3 200 th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5625 3 KB
3 KB 134ms
133ms Image
image/png 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/th.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 02:32:02 GMT
x-content-type-options: nosniff
server: cafe
age: 22124
etag: 12800268860518071124
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3306
x-xss-protection: 0
expires: Wed, 26 Jul 2023 02:32:02 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5625 344 B
368 B 134ms
134ms Image
image/png 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 19:03:49 GMT
x-content-type-options: nosniff
server: cafe
age: 49017
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 25 Jul 2023 19:03:49 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307180709000/ Frame 6308 222 KB
61 KB 137ms
136ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62064
x-xss-protection: 0
server: sffe
etag: "7c75c6afffb97d84"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 6308 15 KB
5 KB 299ms
298ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5274
x-xss-protection: 0
server: sffe
etag: "b24c5d555100d699"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 6308 94 KB
28 KB 313ms
311ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29021
x-xss-protection: 0
server: sffe
etag: "908f04349b1b2df1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 6308 5 KB
2 KB 352ms
351ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "5416cfef676738bf"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 6308 40 KB
13 KB 353ms
352ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13013
x-xss-protection: 0
server: sffe
etag: "4da616cd662b7cdb"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6308 14 KB
1 KB 143ms
140ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 08:40:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 08:27:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jul 2023 08:40:46 GMT

GET
H3 200 th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6308 3 KB
3 KB 161ms
161ms Image
image/png 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/th.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 02:32:02 GMT
x-content-type-options: nosniff
server: cafe
age: 22124
etag: 12800268860518071124
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3306
x-xss-protection: 0
expires: Wed, 26 Jul 2023 02:32:02 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6308 344 B
368 B 172ms
171ms Image
image/png 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 19:03:49 GMT
x-content-type-options: nosniff
server: cafe
age: 49017
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 25 Jul 2023 19:03:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6308 0
0 146ms
144ms Image
text/html 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTVQT9Wgt_vieFvk6gO0W6Z9l__w0lcoWw1zde47HYIUZaOq-klz_rLHmUxhQdaGTYEKfqNB16w0fz_NF7biX3bU_fesA
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/3195253905395960699/ Frame 6308 12 KB
12 KB 166ms
166ms Image
image/jpeg 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3195253905395960699/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

sffe /

Resource Hash

1acc06a1d5400a0e969ff8c6c1077ddc72e63a5a8e798d6a19d88473c4a03a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 06:22:59 GMT
x-content-type-options: nosniff
age: 440267
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12350
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 10:42:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Jul 2024 06:22:59 GMT

GET
DATA 200
OK truncated
/ Frame 6308 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6308 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6308 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 750ca94ee9fe9b7828624e59a4aeb139ff2d343a2a71ad7b5ae006e37d90b582

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads_9_ Show response
fundingchoicesmessages.google.com/f/AGSKWxVWNFTteUEoBSrqQqCZwRcHBxh8DgUI2ELE0YUb91_FT_PhOL0Dc33ShnJmfwM9GLd5MgN1m_XpPIaVuOPm0DO3s6UFzRaVhcfkPe0BBbVZq6jxTwFSdwHWt9v0mEoBAIRUhlF9jfCOzfxiEHVaHcenVIFIJ... 54 B
109 B 149ms
149ms Script
application/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVWNFTteUEoBSrqQqCZwRcHBxh8DgUI2ELE0YUb91_FT_PhOL0Dc33ShnJmfwM9GLd5MgN1m_XpPIaVuOPm0DO3s6UFzRaVhcfkPe0BBbVZq6jxTwFSdwHWt9v0mEoBAIRUhlF9jfCOzfxiEHVaHcenVIFIJefu613Sjz3vbj9nUzaKdG852nuHp0-E/_.th/ads//adscale1./ad_sticky._468x80//ads_9_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fSBHPOxEN4E.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMx4vKcbAqh1IIVQHIeXAzvBhrtjtA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

b256860f89e33457e4fe69172475b06817507e9fde11eadcf8a3b1d8747f0598

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-NagsxPNKR15yqY65cQttbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:46 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-NagsxPNKR15yqY65cQttbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 48 KB
16 KB 135ms
133ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fSBHPOxEN4E.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMx4vKcbAqh1IIVQHIeXAzvBhrtjtA/m=ad_blocking_detection_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

989797a71c9a05520ce924e3252ce0846c549864e8fa0b6f530272275ff47671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:26:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 851
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16475
x-xss-protection: 0
server: cafe
etag: 12774666618465165777
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 25 Jul 2023 09:26:35 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUGa24TfmpjnqzdJ8DhTilOojM3kQ5oy-C6bL4hPt5N9iIhrphlS5uJXBzh7eUpF-ScW9Wg67UtlXuUmRkFWNMRud-9sYkBxPwDHLdK5ZGCHjGKr2U4RQFCtozezTgcqI7LUd2knw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vY6jBR0pbjBu96wJXDz7ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jul 2023 08:40:46 GMT
content-security-policy: script-src 'report-sample' 'nonce-vY6jBR0pbjBu96wJXDz7ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 6308 33 KB
33 KB 136ms
135ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 567089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jul 2024 19:09:17 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame ED4F 0
234 B 645ms
321ms Ping
image/gif 192.178.49.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=3~lki1ri1c&e=21068133&ctx=2&qqid=CPOH2v66qYADFSij_QcdGxgLoA&met.6=6.1_CgsY6gsgOSoECAgSAA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.178.49.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: phx18s08-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5625 0
0 178ms
178ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CkFd2joq_ZKDHAojG7_UP76KSaPej0rdxuKqdvuIQ2_PultM1EAEgueiOTmCN8tIDoAHy5PONA8gBAuACAKgDAcgDCKoE7QJP0Igap0vVfB703k-0lguGY_BzYCR3hkV906coZxI7in62ABldSrdJlb45hHy0rjVt0iQowugv1ZDhXgYUQhI27s4QYm9q7BoPhwEJhm5prLIBDicv-Zo-QX3GBNCg1jFALp_jXXNRoRLGsF9Yv3QcjudPV0yKpJrpGPlnpHefMlIvTU3B4SKXoV0yrJpyG2WH9h2CSbrpgI1WfbpIJeydkCfjP07SlL54dLUy8JhlIGTzQzArJ_odU_4jTK7SJV2mDYDY2RWQtNf8Srd6ApbAlLvWND6d4bjeiDNi0lgpOI1oJ9l5HkNE4d8DZcn7zbEZql3M2OAPVIMNIXq_36uoW7RvA7z3jYcJKUL4NU0N793atjTXt5P-rzb9O4bbkZh_4roqlXajRFmHsf1wb6TmjNM6cbxZppzEO0_cuVCVLiNy1fs-PUzU6hX7nFOq5ensU3lfeK2F43ngGHLA62DEoWL5ScSiUtdksr1ZR8AEqMzt_aAE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB_aajHKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCTwALSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi0zODAyMjY2MDM4ODU3MTMxGKndGA&sigh=DfX2DhjbOwg&uach_m=[]&cid=CAQSPABpAlJWbka8pzA4eDcvBWZTdkrFPzCQ_g_bp-thWEvnGWyJC5hgKmImgB0oK_4CVfQimoLYb0Ibe0_uIxgB&cbvp=2
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307180709000/ Frame 499E 222 KB
61 KB 136ms
136ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62064
x-xss-protection: 0
server: sffe
etag: "7c75c6afffb97d84"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 499E 15 KB
5 KB 212ms
212ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5274
x-xss-protection: 0
server: sffe
etag: "b24c5d555100d699"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 499E 94 KB
28 KB 219ms
218ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29021
x-xss-protection: 0
server: sffe
etag: "908f04349b1b2df1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 499E 5 KB
2 KB 238ms
238ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "5416cfef676738bf"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 499E 40 KB
13 KB 239ms
239ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:40 GMT
age: 55807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13013
x-xss-protection: 0
server: sffe
etag: "4da616cd662b7cdb"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 499E 14 KB
1 KB 142ms
142ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 08:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 08:27:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jul 2023 08:40:47 GMT

GET
H3 200 th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 499E 3 KB
3 KB 134ms
133ms Image
image/png 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/th.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 02:32:02 GMT
x-content-type-options: nosniff
server: cafe
age: 22125
etag: 12800268860518071124
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3306
x-xss-protection: 0
expires: Wed, 26 Jul 2023 02:32:02 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 499E 344 B
368 B 134ms
134ms Image
image/png 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 19:03:49 GMT
x-content-type-options: nosniff
server: cafe
age: 49018
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 25 Jul 2023 19:03:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 499E 0
0 143ms
143ms Image
text/html 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7UzUqinWSSv0gTQfIuiJrZwxEw9mhFF4lPFGGR2lKw_UUmWfDgaPqroj-R9pdVcIVsIntGFwWG1OfX152TcPcR2oPBw
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12168694347270706433/ Frame 499E 28 KB
28 KB 134ms
134ms Image
image/jpeg 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12168694347270706433/14763004658117789537?w=400&h=209

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

sffe /

Resource Hash

2c31ff9b6c984442ed2637123ff75deaf256f48b89d10c66a725789e618abbaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 00:51:01 GMT
x-content-type-options: nosniff
age: 200986
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28641
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 14:18:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 22 Jul 2024 00:51:01 GMT

GET
DATA 200
OK truncated
/ Frame 499E 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 499E 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 499E 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78e058e2d149dd050edd920b737debbcae846027c23b6bef0a18070298a6bbd0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FC74 34 KB
10 KB 145ms
144ms Script
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 217d77b3d3531e97301d1a144c343ae7d30c4847cc935a47718f58164dd185cb

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Tue, 25 Jul 2023 08:40:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jul 2023 06:44:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=79395
Connection: keep-alive
Content-Length: 10113
Expires: Wed, 26 Jul 2023 06:44:02 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUGa24TfmpjnqzdJ8DhTilOojM3kQ5oy-C6bL4hPt5N9iIhrphlS5uJXBzh7eUpF-ScW9Wg67UtlXuUmRkFWNMRud-9sYkBxPwDHLdK5ZGCHjGKr2U4RQFCtozezTgcqI7LUd2knw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xQ6wsNnoluPE8qNIB6VheA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jul 2023 08:40:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-xQ6wsNnoluPE8qNIB6VheA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUGa24TfmpjnqzdJ8DhTilOojM3kQ5oy-C6bL4hPt5N9iIhrphlS5uJXBzh7eUpF-ScW9Wg67UtlXuUmRkFWNMRud-9sYkBxPwDHLdK5ZGCHjGKr2U4RQFCtozezTgcqI7LUd2knw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kn3Rok9qSTBWapdi7LsXpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jul 2023 08:40:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-kn3Rok9qSTBWapdi7LsXpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUGa24TfmpjnqzdJ8DhTilOojM3kQ5oy-C6bL4hPt5N9iIhrphlS5uJXBzh7eUpF-ScW9Wg67UtlXuUmRkFWNMRud-9sYkBxPwDHLdK5ZGCHjGKr2U4RQFCtozezTgcqI7LUd2knw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nr92o2Xm5Tj_AHzx2MGujA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jul 2023 08:40:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-nr92o2Xm5Tj_AHzx2MGujA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXCSd6LrlhpHZdXeDL36NS-LvMnCRF0i2Gp_AvPkx_V73MQdzOIVspB42KE2I0le1yz4OyANRCaHqiIlHIqZMQJalrSjge_Jvtws79IAHvvX0-vecOejGLdAiaWEuvfZVaYI4DUfw== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 177ms
177ms Script
application/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXCSd6LrlhpHZdXeDL36NS-LvMnCRF0i2Gp_AvPkx_V73MQdzOIVspB42KE2I0le1yz4OyANRCaHqiIlHIqZMQJalrSjge_Jvtws79IAHvvX0-vecOejGLdAiaWEuvfZVaYI4DUfw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkwMjc0NDQ2LDk3NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8veG4tLXRoLXRoMTEyNzA0NC0tLS0tcGMyYzZkdWl0Ync0ZnZleWY0Y3dhN3EwYmY1YTE3YS5jb250YWN0LnBhZ2UvIixudWxsLFtbOCwiZlNCSFBPeEVONEUiXSxbOSwiZW4tVVMiXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

f89892b79f44a94793801ce9e65ed2562908500cacba3eebb2dd510f988c1a94

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-B0A6QPpnxWmuyMm6clTgug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:47 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-B0A6QPpnxWmuyMm6clTgug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6308 3 KB
3 KB 133ms
133ms Image
image/png 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/th.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 02:32:02 GMT
x-content-type-options: nosniff
server: cafe
age: 22125
etag: 12800268860518071124
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3306
x-xss-protection: 0
expires: Wed, 26 Jul 2023 02:32:02 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6308 344 B
368 B 136ms
136ms Image
image/png 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 19:03:49 GMT
x-content-type-options: nosniff
server: cafe
age: 49018
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 25 Jul 2023 19:03:49 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame ED4F 0
54 B 432ms
323ms Ping
image/gif 192.178.49.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=4~lki1ri91&e=21068133&ctx=2&qqid=CPOH2v66qYADFSij_QcdGxgLoA&met.6=6.1_CgsYuQ0gNSoECAgSAA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.178.49.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: phx18s08-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 499E 33 KB
33 KB 136ms
135ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 567090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jul 2024 19:09:17 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 499E 15 KB
15 KB 168ms
167ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

5825c88b68a498c8b3d8d34f0090a625f063a366c8f3cbebf51e7657623fb13b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:16:37 GMT
x-content-type-options: nosniff
age: 566650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15352
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:34:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jul 2024 19:16:37 GMT

GET
H3 200 AGSKWxUIH4Lj_IWbAwyZYcFvnv0KWBngFWlV3rjAMr0IR_HKSv97GD1dPbxv2DLaBSKP5UeqWEB-EFbOYCMlrOfEWVirMFI2wYD4N6K7t59SnIYXZxYBc9Cv5rDBA_NhCz2nQi84Tb1Ftg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 171ms
170ms Script
application/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUIH4Lj_IWbAwyZYcFvnv0KWBngFWlV3rjAMr0IR_HKSv97GD1dPbxv2DLaBSKP5UeqWEB-EFbOYCMlrOfEWVirMFI2wYD4N6K7t59SnIYXZxYBc9Cv5rDBA_NhCz2nQi84Tb1Ftg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkwMjc0NDQ3LDE3MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8veG4tLXRoLXRoMTEyNzA0NC0tLS0tcGMyYzZkdWl0Ync0ZnZleWY0Y3dhN3EwYmY1YTE3YS5jb250YWN0LnBhZ2UvIixudWxsLFtbOCwiZlNCSFBPeEVONEUiXSxbOSwiZW4tVVMiXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

9658ca00ba5f3920b8d5ac2f6484d51be14218d879528295c1e9a6fd500c2c0a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pP64hc55YJh3HXWCmro7TA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-pP64hc55YJh3HXWCmro7TA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BB40 6 KB
3 KB 135ms
134ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 08:40:44 GMT
expires: Wed, 24 Jul 2024 08:40:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 499E 3 KB
3 KB 133ms
133ms Image
image/png 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/th.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 02:32:02 GMT
x-content-type-options: nosniff
server: cafe
age: 22125
etag: 12800268860518071124
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3306
x-xss-protection: 0
expires: Wed, 26 Jul 2023 02:32:02 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 499E 344 B
368 B 137ms
137ms Image
image/png 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 19:03:49 GMT
x-content-type-options: nosniff
server: cafe
age: 49018
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 25 Jul 2023 19:03:49 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6308 0
0 183ms
182ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CafVUjoq_ZOXhEP-n9u8Pj9WsqAz3o9K3ceyQs6juEIP07pbTNRABILnojk5gjQKgAfLk840DyAEJ4AIAqAMByAMKqgS9Ak_QZmF2XHniQ2FtB_oeKWLOJLt0a6twH903Hwimf_RBQWDP5PQH9K4FPyfUx4ejOQguUZ3rm1JcvKTg3EmP2bLI35Ncg3cwVafxWfZZ4o8rT9Cil8-3wRARJnfc4ro6K4tH_IUH0eIJNXu056pH50GMwQh6vhqhL8EV0LL3BWKofkDgKFWs9XFmh8CZZNc1AezJrDOtlpmq9tvCD3Pp5-mS_-4X3AumEPjp7LdNb46pUWAO4YwiTF9rsZ6b8cPjCi_xy-ruGwxJGWbl1LPjxdAtR-Pt8JKXVc1hktBx5MqA-7lspJMgnj0mna5o9uPrm7yiKFkWpOuuV4-R8nCqnW4vkLJTwBBH11B4Qe4C56Os1o5gorVZKrzmDLzJ0gT7-Y12i1E9bSIBYnO8VLz3JrkumvVnu7M9m08YNh7vwASozO39oATgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH9pqMcqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENa3BtIIFAiAYRABGB0yAooCOgKAQEi9_cE6gAoDyAsB2BMNiBQE0BUBgBcBshceChwIABIUcHViLTM4MDIyNjYwMzg4NTcxMzEYqd0Y&sigh=FKTyjb5oLMk&uach_m=[]&cid=CAQSPABpAlJWos1coO5Bcto41Kg-pkGvOJlJTIL7kutMQx8Bl7pD3H3MQSA5lDnME_RKclhSVRKHgLIjh-Hs3BgB&template_id=5000&cbvp=2
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C626 645 B
254 B 182ms
180ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbDg9IDEILBqJAEGMG_uu8BMAE&v=APEucNVDocl0dy7nkWTWW3is6O7Da7NrGQhJKrKgjX8eNs7uHKTVNEq-TTUzbDy4FcOQR_5IA1jkxyDe7JXuM3eVyv8RCt89ORF-M44i5mmxGmVsgq-ZAJk

Requested by

Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 08:40:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BB40 85 KB
29 KB 219ms
218ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29781
x-xss-protection: 0
server: cafe
etag: 4315658989838864570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 25 Jul 2023 08:40:47 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BB40 42 B
63 B 172ms
170ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BFTsPq0YgLUsVjJf1olLzqghdOdevYfSIFrohuRf6uOqyVKm7_JjWMd9EZdcEghQMd8I1xamdbU_ryI6ddQGG6GCkhKzLk5i2iKkorrqt2TF9wp50

Requested by

Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BB40 0
20 B 173ms
171ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3231001507459957331&x=1&ct=119

Requested by

Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame BB40 3 KB
1 KB 140ms
138ms Script
text/javascript 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:06:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Aug 2023 08:06:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame BB40 20 KB
8 KB 142ms
141ms Script
text/javascript 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 13:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70637
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 13:03:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BB40 0
0 149ms
147ms Image
text/html 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_GIxUlbEg54MSSyxXKOar63DUhiXB_GEfDQmhGUBupsUaes7pNC-0LPRmlH9mVOxGY2nnYWypeeeJoh1UkWVsLNTyzg
Requested by: Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BB40 179 KB
56 KB 205ms
203ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 08:40:47 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 499E 0
0 182ms
181ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHiQ5joq_ZIbvIIn97_UPyIeqOI2ZwsVxgcCT6sMRZBABILnojk5gjfLSA6ABuKX9xSjIAQngAgCoAwHIAwqqBNcCT9D0Thu2IngTYnL4h85jXNPMXQwD1b0SpSq9x4EJ9lVePNQxPTJv8cyTn9thVpCEtaGl_DtIgCpDcfapR8O9e-TBxFF7Xx4D47eDym-WRkcKtgF-G69ObCfdXwZO00hQrGoFxfMNIQUSvdB_kxStOG3uYLxGhwhXGWehqlQo9Fvv2rop63fZM3AFiYw3e6lt4zdbEgreiXVlSdZNhvK-zlYBSVjnrKye0o6s4vss6Pws2DntmyOdXBUAfAz44SLsZoOUWszH4_31zPvdFVlYPZOLLdqli6bTrKaUbBNLVDLKanybuVpv4h1XkXvqjYTCaxPd2gmT8pfQ7HOlfJSlAa6ncbSITtSZpOjBqzrn3HTLz_NZx_5tRM5oMz41D9wqMniP7JOPzOIr3zGTJ7khpqFsNDBgOWh3vpPZ86MuQQubHGJlsp6kIlIqeEZhXRjuwNdrNS8bhcAE6YX9haYE4AQBkgUECAQYAZIFBAgFGASgBi6AB7jdzaUDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQlvUD0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwHYEw2IFALQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzgwMjI2NjAzODg1NzEzMRip3Rg&sigh=8yxtkJzW3Xs&uach_m=[]&cid=CAQSPABpAlJWpazLQe1SrLvMjMhief0NESAVdGW_iGAqdQxzbphcIvgD4Z3JSN5S7Ud35tm2f13tIqmdgB73MhgB&template_id=5000&cbvp=2
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3 200 AGSKWxU0trYon2rF0_NYM1tuZF3xMUaxCfvGuq8d9iKYFFIwgdPg5LdJE8cHaDXfTJ26nm-GZ0azNFMmJMJv5vxP1skMoPb3-eN9hxBG_2gfNqvsdYTE5s161Nw_XO-wkUsdMWc55HF6Xw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 166ms
165ms Script
application/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU0trYon2rF0_NYM1tuZF3xMUaxCfvGuq8d9iKYFFIwgdPg5LdJE8cHaDXfTJ26nm-GZ0azNFMmJMJv5vxP1skMoPb3-eN9hxBG_2gfNqvsdYTE5s161Nw_XO-wkUsdMWc55HF6Xw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkwMjc0NDQ3LDM1MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly94bi0tdGgtdGgxMTI3MDQ0LS0tLS1wYzJjNmR1aXRidzRmdmV5ZjRjd2E3cTBiZjVhMTdhLmNvbnRhY3QucGFnZS8iLG51bGwsW1s4LCJmU0JIUE94RU40RSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

172ba1368a435e1e096cbd6ceed455ed1f71e4bd521e1908050ff6a4664db24f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bFGSNQiXNA7hXdeQ7vtQPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-bFGSNQiXNA7hXdeQ7vtQPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D2E1 42 B
64 B 175ms
175ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkwD7Gx2R4PgpV1Z19bMkpWeW0VFBsfaptzrO1a6HEhwkpeGuBAwZKM3vxZRYmAObFutD7IhpVBNg4PGhlGkhl4m8ASERB6Tx3AsHIBXibky2RwED23YixStUvttB5RGH7RkKMOgLaNQ&sai=AMfl-YTujrMR7huirilaLfS7U-Fq7v8H1fCwuwvmEx4jE-6Vl9-6u3Qi3bEMlTnxNYtmaXQuCwKWCQmoSEfrB0dPe1zyOe1ZpNzVY_rtSLBA94UZHKVCjyXloTNP137s&sig=Cg0ArKJSzJ8zCjj2zxIvEAE&cid=CAQSPABpAlJWVfyjGUkH6jVeXREQOLftaEbsX56RHsi_mBE4Fx_F3j2raln0eDRieyuQwZmt740pfkmYorS-4BgB&id=ampim&o=280,597&d=1040,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=724&tls=1725&g=100&h=100&tt=1725&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUWq2X40A5xryUfWVTlQISuDMot4jew2OwXHIro_VZMjVYw3OyfM-JMZZ8K9FPgEkiQZf12Knj1XB1WmteNTu70lqP0J2GX6MzHC6UlcZ1r1UBFi63DAXE2IytOZLA2a4RwI24wzw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 148ms
148ms XHR
text/html 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUWq2X40A5xryUfWVTlQISuDMot4jew2OwXHIro_VZMjVYw3OyfM-JMZZ8K9FPgEkiQZf12Knj1XB1WmteNTu70lqP0J2GX6MzHC6UlcZ1r1UBFi63DAXE2IytOZLA2a4RwI24wzw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hdaPUqHgsl6Gf1gDF6eKsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jul 2023 08:40:47 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hdaPUqHgsl6Gf1gDF6eKsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C626
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENv-8YUyAzpVWQf19eKtP_s&google_cver=1&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENv-8YUyAzpVWQf19eKtP_s&google_cver=1&gdpr=0&C=1

43 B
766 B

136ms
136ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENv-8YUyAzpVWQf19eKtP_s&google_cver=1&gdpr=0&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbDg9IDEILBqJAEGMG_uu8BMAE&v=APEucNVDocl0dy7nkWTWW3is6O7Da7NrGQhJKrKgjX8eNs7uHKTVNEq-TTUzbDy4FcOQR_5IA1jkxyDe7JXuM3eVyv8RCt89ORF-M44i5mmxGmVsgq-ZAJk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 08:40:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 08:40:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESENv-8YUyAzpVWQf19eKtP_s&google_cver=1&gdpr=0&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C626
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZL.KjznARgoZgeVgpoV1RQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENv-8YUyAzpVWQf19eKtP_s&google_cver=1&google_hm=2

43 B
766 B

135ms
134ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENv-8YUyAzpVWQf19eKtP_s&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbDg9IDEILBqJAEGMG_uu8BMAE&v=APEucNVDocl0dy7nkWTWW3is6O7Da7NrGQhJKrKgjX8eNs7uHKTVNEq-TTUzbDy4FcOQR_5IA1jkxyDe7JXuM3eVyv8RCt89ORF-M44i5mmxGmVsgq-ZAJk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 08:40:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENv-8YUyAzpVWQf19eKtP_s&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame C626
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESELS2dSeTFXc22ru3IN4P1Wg&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESELS2dSeTFXc22ru3IN4P1Wg%26google_cver%3D1

43 B
896 B

180ms
180ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESELS2dSeTFXc22ru3IN4P1Wg%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbDg9IDEILBqJAEGMG_uu8BMAE&v=APEucNVDocl0dy7nkWTWW3is6O7Da7NrGQhJKrKgjX8eNs7uHKTVNEq-TTUzbDy4FcOQR_5IA1jkxyDe7JXuM3eVyv8RCt89ORF-M44i5mmxGmVsgq-ZAJk

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:48 GMT
an-x-request-uuid: c2526bf6-6217-4844-8ab2-2c9a281adc62
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 91.239.206.82; 91.239.206.82; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:47 GMT
an-x-request-uuid: 551429a5-2065-461b-8400-58380d8a6998
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESELS2dSeTFXc22ru3IN4P1Wg%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 91.239.206.82; 91.239.206.82; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C626
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU1MTc4MDY0NzUxNjg1NDg3Ng%3D%3D

170 B
188 B

146ms
146ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU1MTc4MDY0NzUxNjg1NDg3Ng%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:47 GMT
an-x-request-uuid: a9e4924a-af31-4953-a1ff-d353810fca98
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU1MTc4MDY0NzUxNjg1NDg3Ng%3D%3D
x-proxy-origin: 91.239.206.82; 91.239.206.82; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame FC74 284 B
954 B 546ms
135ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?us_privacy=1---
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BB40 0
20 B 166ms
166ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2732937868441&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BB40 0
20 B 166ms
166ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2732937868441&version=m202306200101&ct=119&x=1&cor=3231001507459957000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BB40 89 KB
37 KB 202ms
201ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTuUhOypFKp8VOOuLiMc59Qd48AowJpb9t5iSt7xKGF3iyOoKwGSzKICx2tN4woyA15BuhIcCaIOyleQaTD5lasOuiVWs0FoZIz1UyVa4MMrRi1iRsKA8bapgl6sMV89cwIdntsKYW_YHfU-nUfm2PQ0y7uAcWWzzYnZIotlqMiTQHI3c&cry=1&dbm_d=AKAmf-DL7Q0B3-BovNwe07jhEugpu6HS5-DlMz8Qxa8YH0Z-zlRp6dhasktIkhWRBLr_0RyCTnBpxd6dNnOTUeufNhZQck7kSvnnKPSosxHDXKtOz-n1MGOe7XpWKJ6qGef6c2Bs2SBCG2d7GwhHpYSJE6autoJWaZSTfp0HSM6xa1dnU66CT8KmxN9oQZnwokFLzvKV2tNJjpaHe0NTmjUGyCk8rWS7EquVPqmSsWMtrj3NUOeTZ0Y4Kz_Et61s62PoSE6xopvt0j8tzMjlu1II5yegfu4hGi4SSstujOF6JdJr7tCYlZx1xQGQlZte3TZhlB6rIq1U1MG3pat0EBsPIUEBmgo604Iw9FdYeiM6yMgzFzegXkb0LgPbaotRCcxWuahIlQta0tBEJyrFQG7tnmHy9GoI8AXr0ya0gBbeTIZT9erpGmw_hRk40Ny-R5ICjnjwj2XGvANtFgJuLfJsTs_2AzykHsymyS-lgCQYXSbVAQ536obgwqOO25oAP1s5XVeTj9ZwcckFHD4DNa6dG0ZOTWcVBJdXjFmqF8BK_5FFoe3BjQaWp3UgOLC0ipvvoqmauQqIGohcyO-apl4Tt4VNA1GduC5Sg_PGUXcBUcI-c385VpVrDduOTaW34bv5sDRbpubXgPUXpF2DGPEMOX_NZIE-kzVuAku81MXdvxtsoJXco-3__jGVzVFLmGW8B5xRKKb3YhUvw5yYiBPUORAv7ItSEf7Q32H3vlDfygJ8R42NNL1BOl5aYuYCoaE_3vG3czsnruWx0DnBrx9BQgetO8L1uNw9ezUmuBHbquMTTN8O4FWxOzOSCwCIe0PNSt_e8ivDDrdmMUOm4f4d9_kPMCmD8rDYUPYlRjsisN0jULWaGz8-rahqafekhx2HlEPglJ7Td42qw2-3gresPEMyrz409JZAkfDtnI7h1Xta727g5X9UB1XzklMxr5Qkmx8o3t5FVQY9R_Kbr38Z2SUMU6NMQ3MkXc49Qy_DD26-Iuwdq9MIsfI8MrsJQG5laIvwvBAihbYcRq3K7e_L2SoEOy9ngiIOXGzeJ3bywVWyAdu5XL3Nd9VuHA9PXCAxjSdKkDjv6cO3c8O5BpMXbqDxnajD5i9nJ5x2NjK-tuK2gGGTpfWT31GQbX3VN7UwLJBbu6CRdNfaluFYN2irdVmDwHG1f9TaxgVrlDzS5Pr7JUb5JK_lW879F-61vysSQ2oMf1-HRWw5Qz8lj-URu0GVeyH4AuhpQtrmAFCnOI5N2bK8YhX6GVrX7d_xxBTySVFJtdJ42D3aBlsHqPU_54clMvawGvOmmXIimGi5j39j88ySd3jdn-jMXjN_S6Asq1m-Bm7S6VuvsWJo-7iPcQjoonOgI6BxoOpVWlNpyDwcF-Wu9MeGGlul9_cWDkBO74D-NSxfFmpMl4VbkjdPlNjjLaskQsjdRpSGikT4i97s0qikES-1PqFKtLEeZVi1nFWk77JEpHCpTH7Wqw2A4S-AKXse-wCR3IeYaYQH5jg4mL7nYmwbosZIjBs-cthIMN3i8LP0mNSQkLJwR96TNOjGI-VrBaVsGW7expHMOV525MSSn0S1uAKiDTqKreb7ikeYX0gJ7LliR97a0rmYJHWCwKjTqHPhEjVBW47Pfl0V1nhehKnrGvczpQqj3GKXDl_8ImEu9aLzdE2mu9DHIqJCujfKw4scAg1T8beRIGVw03v5G9S96Uo_usgE2j-ikbhLW1Q46J2pHoO1fqpfU_px_by1gOMDAQWW6MjttPsVt1bU_Oy01CZL_ET-DkNOg0-9GHnpDdgAsa94-IqK0dc4U-w7qBF2jBjTLtuo_-mj5ywsrRiR0tvwBSnD61c3Y-rCvviwL_UOQ3uuSvLMDcgal4Y7JBRuBYy57ZkInqWA_wFW_mTW5y9jVTWDH56Hb6SJpukrKDjdddYX4xgsKdE3up9zTOMYHJNUW4jQWx-72532E62cSn0Vf_EYli3dKORbjfGVMWD2PA34w0oNQuPmVFjDsjsmld9RQscPGWWl4lNqBnYRNsyIhuE9BbLhveU0DkLxVhn0el90bl7nYRCUi4eLxuH7_7RitUAqndnMNAK-up47Xqqcg_C2EwVpBxwHu2iV_dZsbM6NuLmjjuQUb7IkKz78Ds_oiYJPxqhqBS46ZxsbEX4gbPGwm7j15RyURmlhee_I-32R-43jKDDG-7mb_cuw12EPWIMKl8zewMchtUBXqHccLMr_ENuYKV2MXtOjiX9NY7CZ8VGmPlB0iA_NYb5t92az7m05cdEEui9reOes0owQk8edUYrgB_PA-xoWcffPF065FxVxT1fhXgIsMF2cquuVZX6-03BDiRfgSRv3qk2l2oxf12eS-19z7Wuiz3dNYL1f6DaMDpr2kFDDp2xjlnMdx3j_YaEqnjYy73_uxLICp-1mIws9ebFmOEM6ejiwEZsbZCpF7qC0KKAFZybsxojnPgbwIxiyk0SE7NjHI4Y4ew13w3mWgQAmO0wEry3EuDbIOAlUsH6l_gNfgMaAj0SrP4Ou6KLM11c8e9MtXKSaVJfsOv4mAfBK-q8IWeijsEpjunrOdIf9ThR0ynd9Q960bpacUHdVzNdNgUxW6gnmEto-fM72XmVPkI0mz0qLKkxDF7KaS1QAv87ulmSYIRHVFGwjSNRslfdXSB4PQByiSiHCO5H09OAJqyPFMDn_1HI9nq7ezG3JNseoIBmdEiQ7G8Tj-Aokauxb8xgBfG9GS0BQp2XEmrirTzIQ7_U7F3rfVDdC95kONPmFbylvU7Wxti3xB3v4cqtAWH7tEGRTYglyzfo_p-AJFb09woYtJB0ebztx954qBa3OGxsdgej5jjYfbionmNLISV_alFeFwkXsHe2wbNzkfRjcN8AmKzXkqhCadFVfFavTW_Nu371CKcL1-0b6CS_rWg6gImG2ZwoWhiUnxkdvP3iQLYzCQwwgs58zYkyO6XR2HWcaVdkDz52JN0V7UFjRk6GA70ubkSckHzj1iLmK8cL0a0jn7j8ijKF5i75V6cDKrfyLya8zMppK1Ph_Kgk4Tzv5CK6PVkA70pf39Jj1GPHbsR1RZDbxfeQ3hK9pYkcK_dwbP2ksxRTdsNDAYSG0AqSTS-0WF8Nc2QzHm8p7hbppdY83PrOxJKi50dh3jc0tBXzkR5hizqJ_0Ftpm56F32nPEFigGVKxuMsUrAbhqshRTVGmxilq-yg7gUWbwLND_alEXkX2FH7d92hDTPYhlzFgbkO7VVrlaq4jAVAd_opLehtD-bW-UwZs4Ku-t4BImM0L_xTX0RzZ0gm03VLWW9vJYoIlDU8-LIkayyUdfrIqTP7Lt_jEOmSv9bCt9ieoMjGYE3JW3qW0wBG0TkezilQ_SLWj1L2_y0vtPjbZxJVY0mvw0fwZ8Aqu2d33a8EA0VkcInkMdJardOs04wLvElxfzfA1i97u_brsBUJTphn913auVcX5hx6q4L10H4tJYeDivadtoRmFu6RL9mXq5Gnq3DFTI2jspCVY1CChSefGfObM4VTJnmXz9BYqmj9jjpA_KsRmryV_So0Nni4kOVHaJ7zwUyTiheXS1G5FH7FuDGE1_N61PMFuyWUzK0moyps5yY-EfnB8QyvyNbhged_I1rGLFLJPiT47h10o-79Sibx7GwnjGc-hwS-pW9YxNaKUVSBsRFXwilPTlx_9NRY2RvYNUircTKJ0tp29CefedhCfx6Q2fmA0qOabyqoDHN6ZHF196wFT5XtOJQ2DyMhMYz97mBrC-EP7GRuKXeHWjus_5BktQYC4CwOYd67M6Bw0baDwxNhOmaca5b3eKdka8O9kzhp3xLo6AlS9UD0H-BUU80K1wW5D48PL8zSU66EyR1aVtTxsQlyDLhafarCSKveLTraQfPVPkQgXLrRxiB7n-no7qx5uiWJbKXhTH9RWX5pykf1t5rSt2FzfL8UVJWhhUbOf16yfdZZK0tR9Pia0t_GEeWM0Nf5gVhdfq9u1BhQsXUOzJRltpjk2AZMx5gOs3fYomRlpy4MZWTQ-PO7UPtBxFq1Kj9nbpC9fEBG99nq1-JHhnbsYgYPeGcbn1zJLED-ajZUQhL3IkpJ4cWT3jPhh38TFO6mH2OLA8oHY4G65s8CLv1Y-o9-LA5uuArl-sSg7sh07pk5BmCVrrXHSjH-OOUlIlKVn0ejQkEaOM5ajs47w8_Lem20rkcZGJNZADI-MhsNcGG7YxjyumWfuJqSE1p_aZmbjGXr6wzPkI4UfLuxbYRESUX1U6N2EAcCy154qodP3rgsWrVrdjZnpHTfIivPO8f_2xV2OZC7Aif27zVt9un0IWq7F2mI5Unu314q__6qNkaG4EJ7l_SF3UUhn0HzGP419nFUoAGbyCK-_Uqh6ecLAADAZ-9-OfcOZAzJ0W_HD1U1slnpKnrUm0xqXZVI-goEc7DvX0XCo-HXOWAkgbbsl0Je1XS0&cid=CAQSPABpAlJW05364nmhQ-XCedldeZgIwLPcbQezsxzYB3o3Fghm2MJYTgkgdi0fNa0jOTkhJ7dpA1xk3m9ZDxgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fxn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page%2F&ds=l&xdt=1&iif=1&cor=3231001507459957000&adk=548554675&idt=305&cac=0&dtd=21

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

c0a0547bddcc23eba5ed4d3ef7c8641105c93ca434962f6b25892fd3741f8aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38009
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame BB40 111 KB
39 KB 427ms
136ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
Origin: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 13:46:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 25 Jul 2023 13:46:58 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/ Frame BB40 11 KB
4 KB 134ms
134ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTuUhOypFKp8VOOuLiMc59Qd48AowJpb9t5iSt7xKGF3iyOoKwGSzKICx2tN4woyA15BuhIcCaIOyleQaTD5lasOuiVWs0FoZIz1UyVa4MMrRi1iRsKA8bapgl6sMV89cwIdntsKYW_YHfU-nUfm2PQ0y7uAcWWzzYnZIotlqMiTQHI3c&cry=1&dbm_d=AKAmf-DL7Q0B3-BovNwe07jhEugpu6HS5-DlMz8Qxa8YH0Z-zlRp6dhasktIkhWRBLr_0RyCTnBpxd6dNnOTUeufNhZQck7kSvnnKPSosxHDXKtOz-n1MGOe7XpWKJ6qGef6c2Bs2SBCG2d7GwhHpYSJE6autoJWaZSTfp0HSM6xa1dnU66CT8KmxN9oQZnwokFLzvKV2tNJjpaHe0NTmjUGyCk8rWS7EquVPqmSsWMtrj3NUOeTZ0Y4Kz_Et61s62PoSE6xopvt0j8tzMjlu1II5yegfu4hGi4SSstujOF6JdJr7tCYlZx1xQGQlZte3TZhlB6rIq1U1MG3pat0EBsPIUEBmgo604Iw9FdYeiM6yMgzFzegXkb0LgPbaotRCcxWuahIlQta0tBEJyrFQG7tnmHy9GoI8AXr0ya0gBbeTIZT9erpGmw_hRk40Ny-R5ICjnjwj2XGvANtFgJuLfJsTs_2AzykHsymyS-lgCQYXSbVAQ536obgwqOO25oAP1s5XVeTj9ZwcckFHD4DNa6dG0ZOTWcVBJdXjFmqF8BK_5FFoe3BjQaWp3UgOLC0ipvvoqmauQqIGohcyO-apl4Tt4VNA1GduC5Sg_PGUXcBUcI-c385VpVrDduOTaW34bv5sDRbpubXgPUXpF2DGPEMOX_NZIE-kzVuAku81MXdvxtsoJXco-3__jGVzVFLmGW8B5xRKKb3YhUvw5yYiBPUORAv7ItSEf7Q32H3vlDfygJ8R42NNL1BOl5aYuYCoaE_3vG3czsnruWx0DnBrx9BQgetO8L1uNw9ezUmuBHbquMTTN8O4FWxOzOSCwCIe0PNSt_e8ivDDrdmMUOm4f4d9_kPMCmD8rDYUPYlRjsisN0jULWaGz8-rahqafekhx2HlEPglJ7Td42qw2-3gresPEMyrz409JZAkfDtnI7h1Xta727g5X9UB1XzklMxr5Qkmx8o3t5FVQY9R_Kbr38Z2SUMU6NMQ3MkXc49Qy_DD26-Iuwdq9MIsfI8MrsJQG5laIvwvBAihbYcRq3K7e_L2SoEOy9ngiIOXGzeJ3bywVWyAdu5XL3Nd9VuHA9PXCAxjSdKkDjv6cO3c8O5BpMXbqDxnajD5i9nJ5x2NjK-tuK2gGGTpfWT31GQbX3VN7UwLJBbu6CRdNfaluFYN2irdVmDwHG1f9TaxgVrlDzS5Pr7JUb5JK_lW879F-61vysSQ2oMf1-HRWw5Qz8lj-URu0GVeyH4AuhpQtrmAFCnOI5N2bK8YhX6GVrX7d_xxBTySVFJtdJ42D3aBlsHqPU_54clMvawGvOmmXIimGi5j39j88ySd3jdn-jMXjN_S6Asq1m-Bm7S6VuvsWJo-7iPcQjoonOgI6BxoOpVWlNpyDwcF-Wu9MeGGlul9_cWDkBO74D-NSxfFmpMl4VbkjdPlNjjLaskQsjdRpSGikT4i97s0qikES-1PqFKtLEeZVi1nFWk77JEpHCpTH7Wqw2A4S-AKXse-wCR3IeYaYQH5jg4mL7nYmwbosZIjBs-cthIMN3i8LP0mNSQkLJwR96TNOjGI-VrBaVsGW7expHMOV525MSSn0S1uAKiDTqKreb7ikeYX0gJ7LliR97a0rmYJHWCwKjTqHPhEjVBW47Pfl0V1nhehKnrGvczpQqj3GKXDl_8ImEu9aLzdE2mu9DHIqJCujfKw4scAg1T8beRIGVw03v5G9S96Uo_usgE2j-ikbhLW1Q46J2pHoO1fqpfU_px_by1gOMDAQWW6MjttPsVt1bU_Oy01CZL_ET-DkNOg0-9GHnpDdgAsa94-IqK0dc4U-w7qBF2jBjTLtuo_-mj5ywsrRiR0tvwBSnD61c3Y-rCvviwL_UOQ3uuSvLMDcgal4Y7JBRuBYy57ZkInqWA_wFW_mTW5y9jVTWDH56Hb6SJpukrKDjdddYX4xgsKdE3up9zTOMYHJNUW4jQWx-72532E62cSn0Vf_EYli3dKORbjfGVMWD2PA34w0oNQuPmVFjDsjsmld9RQscPGWWl4lNqBnYRNsyIhuE9BbLhveU0DkLxVhn0el90bl7nYRCUi4eLxuH7_7RitUAqndnMNAK-up47Xqqcg_C2EwVpBxwHu2iV_dZsbM6NuLmjjuQUb7IkKz78Ds_oiYJPxqhqBS46ZxsbEX4gbPGwm7j15RyURmlhee_I-32R-43jKDDG-7mb_cuw12EPWIMKl8zewMchtUBXqHccLMr_ENuYKV2MXtOjiX9NY7CZ8VGmPlB0iA_NYb5t92az7m05cdEEui9reOes0owQk8edUYrgB_PA-xoWcffPF065FxVxT1fhXgIsMF2cquuVZX6-03BDiRfgSRv3qk2l2oxf12eS-19z7Wuiz3dNYL1f6DaMDpr2kFDDp2xjlnMdx3j_YaEqnjYy73_uxLICp-1mIws9ebFmOEM6ejiwEZsbZCpF7qC0KKAFZybsxojnPgbwIxiyk0SE7NjHI4Y4ew13w3mWgQAmO0wEry3EuDbIOAlUsH6l_gNfgMaAj0SrP4Ou6KLM11c8e9MtXKSaVJfsOv4mAfBK-q8IWeijsEpjunrOdIf9ThR0ynd9Q960bpacUHdVzNdNgUxW6gnmEto-fM72XmVPkI0mz0qLKkxDF7KaS1QAv87ulmSYIRHVFGwjSNRslfdXSB4PQByiSiHCO5H09OAJqyPFMDn_1HI9nq7ezG3JNseoIBmdEiQ7G8Tj-Aokauxb8xgBfG9GS0BQp2XEmrirTzIQ7_U7F3rfVDdC95kONPmFbylvU7Wxti3xB3v4cqtAWH7tEGRTYglyzfo_p-AJFb09woYtJB0ebztx954qBa3OGxsdgej5jjYfbionmNLISV_alFeFwkXsHe2wbNzkfRjcN8AmKzXkqhCadFVfFavTW_Nu371CKcL1-0b6CS_rWg6gImG2ZwoWhiUnxkdvP3iQLYzCQwwgs58zYkyO6XR2HWcaVdkDz52JN0V7UFjRk6GA70ubkSckHzj1iLmK8cL0a0jn7j8ijKF5i75V6cDKrfyLya8zMppK1Ph_Kgk4Tzv5CK6PVkA70pf39Jj1GPHbsR1RZDbxfeQ3hK9pYkcK_dwbP2ksxRTdsNDAYSG0AqSTS-0WF8Nc2QzHm8p7hbppdY83PrOxJKi50dh3jc0tBXzkR5hizqJ_0Ftpm56F32nPEFigGVKxuMsUrAbhqshRTVGmxilq-yg7gUWbwLND_alEXkX2FH7d92hDTPYhlzFgbkO7VVrlaq4jAVAd_opLehtD-bW-UwZs4Ku-t4BImM0L_xTX0RzZ0gm03VLWW9vJYoIlDU8-LIkayyUdfrIqTP7Lt_jEOmSv9bCt9ieoMjGYE3JW3qW0wBG0TkezilQ_SLWj1L2_y0vtPjbZxJVY0mvw0fwZ8Aqu2d33a8EA0VkcInkMdJardOs04wLvElxfzfA1i97u_brsBUJTphn913auVcX5hx6q4L10H4tJYeDivadtoRmFu6RL9mXq5Gnq3DFTI2jspCVY1CChSefGfObM4VTJnmXz9BYqmj9jjpA_KsRmryV_So0Nni4kOVHaJ7zwUyTiheXS1G5FH7FuDGE1_N61PMFuyWUzK0moyps5yY-EfnB8QyvyNbhged_I1rGLFLJPiT47h10o-79Sibx7GwnjGc-hwS-pW9YxNaKUVSBsRFXwilPTlx_9NRY2RvYNUircTKJ0tp29CefedhCfx6Q2fmA0qOabyqoDHN6ZHF196wFT5XtOJQ2DyMhMYz97mBrC-EP7GRuKXeHWjus_5BktQYC4CwOYd67M6Bw0baDwxNhOmaca5b3eKdka8O9kzhp3xLo6AlS9UD0H-BUU80K1wW5D48PL8zSU66EyR1aVtTxsQlyDLhafarCSKveLTraQfPVPkQgXLrRxiB7n-no7qx5uiWJbKXhTH9RWX5pykf1t5rSt2FzfL8UVJWhhUbOf16yfdZZK0tR9Pia0t_GEeWM0Nf5gVhdfq9u1BhQsXUOzJRltpjk2AZMx5gOs3fYomRlpy4MZWTQ-PO7UPtBxFq1Kj9nbpC9fEBG99nq1-JHhnbsYgYPeGcbn1zJLED-ajZUQhL3IkpJ4cWT3jPhh38TFO6mH2OLA8oHY4G65s8CLv1Y-o9-LA5uuArl-sSg7sh07pk5BmCVrrXHSjH-OOUlIlKVn0ejQkEaOM5ajs47w8_Lem20rkcZGJNZADI-MhsNcGG7YxjyumWfuJqSE1p_aZmbjGXr6wzPkI4UfLuxbYRESUX1U6N2EAcCy154qodP3rgsWrVrdjZnpHTfIivPO8f_2xV2OZC7Aif27zVt9un0IWq7F2mI5Unu314q__6qNkaG4EJ7l_SF3UUhn0HzGP419nFUoAGbyCK-_Uqh6ecLAADAZ-9-OfcOZAzJ0W_HD1U1slnpKnrUm0xqXZVI-goEc7DvX0XCo-HXOWAkgbbsl0Je1XS0&cid=CAQSPABpAlJW05364nmhQ-XCedldeZgIwLPcbQezsxzYB3o3Fghm2MJYTgkgdi0fNa0jOTkhJ7dpA1xk3m9ZDxgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fxn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page%2F&ds=l&xdt=1&iif=1&cor=3231001507459957000&adk=548554675&idt=305&cac=0&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:06:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Aug 2023 08:06:10 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame BB40 30 KB
11 KB 136ms
135ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

4cf6b0041792515d9036fad75e278ddc885672587d77908729cc9b5d66ca3dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:48:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11528
x-xss-protection: 0
server: cafe
etag: 1206305422853166885
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 17:48:49 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BB40 41 KB
13 KB 138ms
137ms Script
text/javascript 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:50:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jul 2024 17:50:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8B36 1 KB
643 B 135ms
134ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 37182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 22:21:06 GMT
etag: 48472445140208031
expires: Tue, 25 Jul 2023 22:21:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BB40 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f1608932c31df5eedb37134ddde0d5021898ad21e52aab4f7989d4994baef62

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame ED4F 0
54 B 322ms
322ms Ping
image/gif 192.178.49.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=5~lki1riez&e=21068133&ctx=2&qqid=CPOH2v66qYADFSij_QcdGxgLoA&met.6=6.1_Cg8Y7RQgNCoICAQSBBABMAE
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.178.49.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: phx18s08-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 807C 22 KB
8 KB 134ms
133ms Document
text/html 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 150698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 14:49:10 GMT
expires: Mon, 22 Jul 2024 14:49:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B36
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMNRZxwY40vuhIS_rpb_zhc&google_cver=1&google_push=AaAOQGGfbzD37l407YonbF8NfbyrJ8uciEYbjS7CL6cUjjfihcHb2AsPFvTcxzVOW2Icy-DzEr3ItN6FCXK...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGfbzD37l407YonbF8NfbyrJ8uciEYbjS7CL6cUjjfihcHb2AsPFvTcxzVOW2Icy-DzEr3ItN6FCXKb8lvdlbpzye7Ryjs&google_hm=ULfUsbIsR_qAw7Rb4ta55VI

170 B
188 B

151ms
151ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGfbzD37l407YonbF8NfbyrJ8uciEYbjS7CL6cUjjfihcHb2AsPFvTcxzVOW2Icy-DzEr3ItN6FCXKb8lvdlbpzye7Ryjs&google_hm=ULfUsbIsR_qAw7Rb4ta55VI

Requested by

Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:48 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGfbzD37l407YonbF8NfbyrJ8uciEYbjS7CL6cUjjfihcHb2AsPFvTcxzVOW2Icy-DzEr3ItN6FCXKb8lvdlbpzye7Ryjs&google_hm=ULfUsbIsR_qAw7Rb4ta55VI
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 8B36 0
173 B 439ms
151ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESED1cDxHXcWOb_0Rod-msW4E&google_cver=1&google_push=AaAOQGGAZDgb7v8PCw6Go14arWX7_rZHWRdZKM_aBTSRuXi2EyB6ehGgixr_mUEPm54kQ1JdBp7AMCzgeGOLc3rfW1HZC84QmhQ
Requested by: Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B36
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEIo8TiGiUQBp7FYzZOVrBEs&google_cver=1&google_push=AaAOQGFBEVtApRYhvLjWfMUKvl4DeNyWLF0mTU0NVe_8BHxD9AOTCyiQ6srTJRO9ql3Xcyxrao3-dMedFZB...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AaAOQGFBEVtApRYhvLjWfMUKvl4DeNyWLF0mTU0NVe_8BHxD9AOTCyiQ6srTJRO9ql3Xcyxrao3-dMedFZBBgJ-4LyjzN--jzv_p

170 B
188 B

146ms
145ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AaAOQGFBEVtApRYhvLjWfMUKvl4DeNyWLF0mTU0NVe_8BHxD9AOTCyiQ6srTJRO9ql3Xcyxrao3-dMedFZBBgJ-4LyjzN--jzv_p

Requested by

Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AaAOQGFBEVtApRYhvLjWfMUKvl4DeNyWLF0mTU0NVe_8BHxD9AOTCyiQ6srTJRO9ql3Xcyxrao3-dMedFZBBgJ-4LyjzN--jzv_p
Date: Tue, 25 Jul 2023 08:40:48 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B36
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEBlRz3GDkXnLKPtOqeghIwE&google_cver=1&google_push=AaAOQGHYou1i7ruxe8ANIkSOZZJps9ZGA6Q-4KUFruIcusg0yK1GZA2lVn8gKoTlYJRG_8fAAk2QjQHpqksWcOXAIzRrBPkwLyE
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AaAOQGHYou1i7ruxe8ANIkSOZZJps9ZGA6Q-4KUFruIcusg0yK1GZA2lVn8gKoTlYJRG_8fAAk2QjQHpqksWcOXAIzRrBPkwLyE&google_hm=stfDX9a5zWAYGd_MVFkR5A==

170 B
188 B

148ms
146ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AaAOQGHYou1i7ruxe8ANIkSOZZJps9ZGA6Q-4KUFruIcusg0yK1GZA2lVn8gKoTlYJRG_8fAAk2QjQHpqksWcOXAIzRrBPkwLyE&google_hm=stfDX9a5zWAYGd_MVFkR5A==

Requested by

Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:48 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AaAOQGHYou1i7ruxe8ANIkSOZZJps9ZGA6Q-4KUFruIcusg0yK1GZA2lVn8gKoTlYJRG_8fAAk2QjQHpqksWcOXAIzRrBPkwLyE&google_hm=stfDX9a5zWAYGd_MVFkR5A==
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 228

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B36
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEGpPzPJ2HQL3-qN5p_ZttlU&google_cver=1&google_push=AaAOQGELbhmL3Y3xDs2ML8yh9McAafBgoLomJfwFOZ_C5tS2Onx1G8THxtDFZPz3geCe_mFPW22hRL1ETRlMuXH6k9oW2TU5mbM-
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AaAOQGELbhmL3Y3xDs2ML8yh9McAafBgoLomJfwFOZ_C5tS2Onx1G8THxtDFZPz3geCe_mFPW22hRL1ETRlMuXH6k9oW2TU5mbM-&google_hm=M2F4SE9TU1hYblM5UnE2...

170 B
188 B

160ms
160ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AaAOQGELbhmL3Y3xDs2ML8yh9McAafBgoLomJfwFOZ_C5tS2Onx1G8THxtDFZPz3geCe_mFPW22hRL1ETRlMuXH6k9oW2TU5mbM-&google_hm=M2F4SE9TU1hYblM5UnE2Q1FzbDE=

Requested by

Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:48 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AaAOQGELbhmL3Y3xDs2ML8yh9McAafBgoLomJfwFOZ_C5tS2Onx1G8THxtDFZPz3geCe_mFPW22hRL1ETRlMuXH6k9oW2TU5mbM-&google_hm=M2F4SE9TU1hYblM5UnE2Q1FzbDE=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B36
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPGkUxf6SDjRGmEaoYETBiI&google_cver=1&google_push=AaAOQGF2HWPT3Z7AnWhXHuHakyI7bRLa6f2DXKLz6ufW2ZWlTilZYhXYjfsbfoItjdvziz8gXC...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPGkUxf6SDjRGmEaoYETBiI&google_cver=1&google_push=AaAOQGF2HWPT3Z7AnWhXHuHakyI7bRLa6f2DXKLz6ufW2ZWlTilZYhXYjfsbfoItjdvziz8gXC...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RTHBvbEgxRTJ1SEw3TkREbXF1dDA2S3Y3Y2ZSeE9EZ35B&google_push=AaAOQGF2HWPT3Z7AnWhXHuHakyI7bRLa6f2DXKLz6ufW2ZWlTilZYhXYj...

170 B
188 B

148ms
148ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RTHBvbEgxRTJ1SEw3TkREbXF1dDA2S3Y3Y2ZSeE9EZ35B&google_push=AaAOQGF2HWPT3Z7AnWhXHuHakyI7bRLa6f2DXKLz6ufW2ZWlTilZYhXYjfsbfoItjdvziz8gXCCyCXg5BRCWL0lInhRSIDtX9NAcjQ

Requested by

Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RTHBvbEgxRTJ1SEw3TkREbXF1dDA2S3Y3Y2ZSeE9EZ35B&google_push=AaAOQGF2HWPT3Z7AnWhXHuHakyI7bRLa6f2DXKLz6ufW2ZWlTilZYhXYjfsbfoItjdvziz8gXCCyCXg5BRCWL0lInhRSIDtX9NAcjQ
date: Tue, 25 Jul 2023 08:40:48 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B36
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKSDq4c_8...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKS...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0f458b4e-613b-45a2-a7a7-7a6f87a4c846&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

143ms
143ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0f458b4e-613b-45a2-a7a7-7a6f87a4c846&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0f458b4e-613b-45a2-a7a7-7a6f87a4c846&%%GOOGLE_PUSH_PAIR%%
date: Tue, 25 Jul 2023 08:40:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8B36 0
12 B 143ms
141ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LaUbY14k_zFqGg8dHYQ0ueZqhxteLYulElhRxUUt-iXO1mA9VI2O7W_cOWJ6-Za9FycQcAPGs

Requested by

Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

cookiesyncendpoint
sync.aniview.com/ Frame FC74
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview&us_privacy=1---&khaos=LKI1RJ6V-21-9GC9
https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LKI1RJ6V-21-9GC9&us_privacy=1---

0
213 B

690ms
222ms

Image
text/plain

3.209.25.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LKI1RJ6V-21-9GC9&us_privacy=1---
Protocol: H2
Server: 3.209.25.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-25-174.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:49 GMT
content-length: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LKI1RJ6V-21-9GC9&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e71ccbe96f42d70fa40603ada4c96b28
Expires: 0

POST
H2 200 stream Show response
a3.pubguru.net/ 2 B
297 B 164ms
162ms XHR
text/plain 18.196.193.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a3.pubguru.net/stream?beacon=arinterval

Requested by

Host: c.pubguru.net
URL: https://c.pubguru.net/pg.contactpage.sidebar.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.193.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-193-247.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 25 Jul 2023 08:40:48 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx
cross-origin-opener-policy: same-origin
x-frame-options: DENY
vary: Origin
content-type: text/plain
access-control-allow-origin: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
access-control-allow-credentials: true
x-duration: 5
content-length: 2

GET
H3 200 7iS30H4CIOlAzWX_-DRl8EqUdjCbSbkytJAMRoxuMII.js Show response
pagead2.googlesyndication.com/bg/ Frame 807C 38 KB
15 KB 136ms
136ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7iS30H4CIOlAzWX_-DRl8EqUdjCbSbkytJAMRoxuMII.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

ee24b7d07e0220e940cd65fff83465f04a9476309b49b932b4900c468c6e3082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 11:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14882
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Jul 2024 11:02:10 GMT

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame FC74 43 B
855 B 936ms
240ms Image
image/gif 52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 08:40:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: X7QMF0606WG59DVA6RDX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame FC74
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOfORvXqypBNSjbypHjObc8&google_cver=1

42 B
711 B

538ms
135ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOfORvXqypBNSjbypHjObc8&google_cver=1
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOfORvXqypBNSjbypHjObc8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame FC74
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=90eed1d6-3d42-4fa0-9949-e9ad527fe34f&gdpr=0&gdpr_consent=&expires=30

42 B
711 B

534ms
135ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=90eed1d6-3d42-4fa0-9949-e9ad527fe34f&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:48 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=90eed1d6-3d42-4fa0-9949-e9ad527fe34f&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame FC74
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=N768kge_TPOelybWtirxug&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=N768kge_TPOelybWtirxug

43 B
479 B

186ms
185ms

Image
image/gif

54.239.33.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=N768kge_TPOelybWtirxug

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

HTTP/1.1

Server

54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 08:40:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KX2MWT4YQ3E1KZR5TW45
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=N768kge_TPOelybWtirxug
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame FC74
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/sJLG20xXw11fbYtA_riN0Mn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-s0LW1cBE2oIOuiD.pvj4DkcX3KxJXO.9ns1rRw--~A

42 B
711 B

199ms
135ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-s0LW1cBE2oIOuiD.pvj4DkcX3KxJXO.9ns1rRw--~A
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 25 Jul 2023 08:40:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-s0LW1cBE2oIOuiD.pvj4DkcX3KxJXO.9ns1rRw--~A
content-length: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame FC74
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKI1RJ6V-21-9GC9&us_privacy=1---

0
516 B

707ms
357ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKI1RJ6V-21-9GC9&us_privacy=1---
Requested by: Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:48 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4978BA544BD84B9AACE3835AD8BCC80F Ref B: MIL30EDGE1408 Ref C: 2023-07-25T08:40:49Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYBS7AcpJHpumotws9tOg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKI1RJ6V-21-9GC9&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC74
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtJMVJKNlYtMjEtOUdDOQ==&us_privacy=1---
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG3ZNoSS__8w-S95CC0aEaM&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtJMVJKNlYtMjEtOUdDOQ==&google_push=

170 B
188 B

144ms
143ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtJMVJKNlYtMjEtOUdDOQ==&google_push=

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtJMVJKNlYtMjEtOUdDOQ==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC74
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDk4OGRmM2IwMjQzZjdlZjVhYmQ0MzVlNzVmOTY2ZGJkMTVjMmY5MQ&us_privacy=1---

170 B
188 B

145ms
145ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDk4OGRmM2IwMjQzZjdlZjVhYmQ0MzVlNzVmOTY2ZGJkMTVjMmY5MQ&us_privacy=1---

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDk4OGRmM2IwMjQzZjdlZjVhYmQ0MzVlNzVmOTY2ZGJkMTVjMmY5MQ&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2445686203945292811/ Frame 161F 79 KB
20 KB 414ms
145ms Document
text/html 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2445686203945292811/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

61dad36e8edf55ea0476e05180f82a7e126e92b8048eb10db8578db50c75f97d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 402332
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 20202
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 16:55:16 GMT
expires: Fri, 19 Jul 2024 16:55:16 GMT
last-modified: Thu, 29 Jun 2023 10:05:41 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BB40 0
0 485ms
188ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssK3aubOo3FQu4YpTs7zRkoilEg_yUVVKhCZQwuq4bQ5uU-eei1Ub2D5q1k4s9TuUdPZyNS_WCUm3D2KOVlpjW458Z8TRqim8nnzPRjtdQFFvKz-EYhHi0icu_mabW3G31LOLdWHPWZx_Me2LrE10Rly68mNdLXudIvFPlSmarOSryxhbVc8u27Kk_1WdoBtg1HvMs_Ot95B8GzhykfF3gwFEHErKYX-CzwOYnB1b3e6Nbmd_4wZrFYuvEnoN60nGfA48geNKVatyuoHuDXbR0tA82cHyqIvrvyQZmxwTFM0QeqOeSZxkeLwBuSHzZsRf1tC5puZbT4M0394H8DIKGtmkbR31CqrkSjNEH0eZUyocomXzE3CX5WG_SDgdfa9nDdzP2EGfli1HxYexXwaxsl9RqQNPb2ijPDSW99bkTT9fRqsuKYGl6AOoFxrC51WaOYsKlzFuBfFuqNLoLB3J5XWgwD2sMy1zPXXYGR12qEBrMbPs3SuUKtHlbZIYCY3JMk9sZ5NuDWvG79qq--M_iCNz9dNhnH2C0ovcl4rFsG3igcJRrKpsqaZZkO_oH4w27GU5xFpPwp7yhr_4EwsACCRtbRDQvFq4sGcRr9M04w2ImWkuMXI2jAFDtsKmowddHwycjFqkmrkd4drYdn8ZUDxIAt8H6Pb0I76y20_XfBW3SMw4I3ePWVmfJtaTZ-89S8vnqMtB5KDr4Pa96ZWL-ayopS8SHRYhgL1nv1NBXMpMrf1Hw_jKxDoKXa5LhGmTZ6BUeaE5E9Qp7iRGWblEg2Kp5ZgBVq8jfjLtKdORUHPotI5NJbzUMlwGioBU3Aq8nOl92PGFBZKWVhcN41MWZ8acBLeEQbT8SemdlWqDb_VkloYlNSlpmjuO1W21KsU5TeuaTAiW8iC0U89tdRUjtge6wkpBCq_LpRgNoBWDJeyc19m38FQgCFCCwjQxvdN2tEGga2VGnhl6rnnMWGKJl3P54KjsBNisYAnU8NZRufRFSjJPxAmB1381rWb71OKo3i1SkReDdGtMKDtNKtY8JC2N5ZsWgkUiOAJPdSeoTTeTJsy_6eTVhkl-eQl5igzjn-Faojbj8muKU_vDr_ZNpzr4IGDGXPPqRg5S5A9aQGm8-jy0R7HETi82nilKMjo4TzfHEC7gTKfAnVlFeDjlQS6-TkcEV-7oBXKpzSJcCyrJDlBCH8wZRIPYFEVqv80Nq7vKWFwpZlNNF3Jk95st8-Xt2EYfWYOKRBD7EjjaEMwUI-_zq_izo1PYqLmFh6z3LPtit9LuDlm7eC0UU6H4qgYWp-tma4K5Q2UGL6rh3zrLQzrz0nuj4aJZVjYnGWfXKecXVGNtsIiYr01izS_suwFfc6Z8lYdLOk3ndogs41CGJeg3rBpm9R7HhHMVe7QXkazs3rFNbqjPuiy4ERqeTQaX4lyuogTWOjL_Cfvi6BmTENvg&sai=AMfl-YR50E8IOk47Nu7ADPPXQ0Z_lAb06SzfRomgrZ5-LTDaa7GVupaXFjzsWajabSfN3ahQxgY3SMhmMHDSO-54u3nwelqOBM2uL16PotDEoIwSowWlleoMkK3GzplOCqMtE8r7m9IfvefHS2AKGZNEDPn-JVldHaR9pCTtmeXrYjw3rWqoRzjljqvKbdRpTfTTHe59yqLb736ojpGNy8VegPpAMXnwGHYGNgAOLxD9G4fsnKmtU3xPFMaFwhe5mPFPFa1ilP8&sig=Cg0ArKJSzJ0F1d5-k0fGEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=557&cbvp=1&cstd=553&cisv=r20230719.20908&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 25 Jul 2023 08:40:48 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 25 Jul 2023 08:40:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 807C 0
20 B 173ms
173ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbYnrj4q_ZPmgLb_c7_UPjYeg-AgAAAAAOAHgBAI&bg=!29il2IzNAAZsPphkTD47ADkAdvg8WioLZisaqWeYliqjBlWHcxjJkqJBOLfYxb5DVVqiWd9NGoQv2THYzjBBHHAUPBSZpcorG9cCAAAAclIAAAAIaAEHmQOBN23h0wLVufE7NarrOJVRJ_Dyc7OyOqXqw6ppWYxRTZ-fa1WpSP4oKPJVGanDYdq5fG8CeFUuG1PLFD9ST-UixC1P6WH3EoGqZEsNMZ0V3PhmCjWgLn4HiXnXjPxop2n5LlAnCvVX4Yqr7vmklNbR3tAN0c2aWFD6eFYKcFA9uGZv2yNApGE9yIm5pTWcHKiUs3wiVoWzJtxyJL7Da-4bdJVpSbk-qWgjZI3ZMc8CQQ_TflWAiIYhLQeQswXdBQSMfnEyLAQdTGZv0ZHmSV8JfNA7i1WdcQQVfvK6apfBk_Ulmjq5xgXNpUKxjDNEQ5XSgQe6mWsk4l34ffxrvXlVntYSQ4KovjuAyhnYTjTUuxDq9kTlBGAq6VjjkhtjyqGWXLZ_F12QIpEV18oLWaY1oUoB2T6fFbXAH7R_6H9ZHKy8EtthNUxqIJcvzyjLGh1xC0Uf_0kusfiYpPxYwVmueT377oMopDJNcqQm94ti85Uqol4NyOqjr54bCxSn51d3TUu_k3XaVY8xu9v7bzGeyQdMHgStf9fcZ3CIR5d4Q3a8G__MSXxt6ITlu2hpR453mpPvM3VnKiVOhsPGgbf3qVlVtdNbsUY4nzNI76hKgXeK051-x3mnJWEGBjuwxdHa7BPixShW8OlDBIl92NGaxIEgfnsE2qJl6caUA08vfLb93PNg52cT77NYIkUaQdbBnoN1Y-L8mXo62F-XGmX_DbHeGIOkbXmeEVjjzjY33hNsaNIKLiUNXBQy47clRcsEnYmEd7LK9htRTB8-KYhg0KOrJEZV55l32LgQXsioE8ZPcjwX9v4dqj20uG2itb6QKe_6QYVFuGZxBr8QHRohm0wWdAWiXPfpJ-2kDZN5QX6sdAprFyWGDcBykn3DWFjAAoJTMPlHV8cAql8FXtjsa87AdFHG_qR4v4fPGoURA_wCp21rYeQJhn_mmyqUCAD-uC_eInjolDwIOd7VqmYBDLuF74Pb_McBzfWhZDu3Y4gqGc6mJUzdB8_SQEONmYeHdtgZAlYKVlNcwZgLm66ygqYK0uHDqOp0-H6tXpL4H3vmMK9oahTqMupDrnEaP0DPDzOGH4AXWzwNuIMeBrcVyg9FHlQeSnBzXbLMnyzTk34syzhP7JnomXo_-FKg4emr0MYDzg524TAoCdZ04rVhvU_l6uvsEOMmLmqi9fe3QXTn

Requested by

Host: 4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
URL: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 161F 32 KB
11 KB 134ms
133ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2445686203945292811/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2445686203945292811/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 10:49:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 25 Jul 2023 10:49:05 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BB40 0
0 178ms
177ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssK3aubOo3FQu4YpTs7zRkoilEg_yUVVKhCZQwuq4bQ5uU-eei1Ub2D5q1k4s9TuUdPZyNS_WCUm3D2KOVlpjW458Z8TRqim8nnzPRjtdQFFvKz-EYhHi0icu_mabW3G31LOLdWHPWZx_Me2LrE10Rly68mNdLXudIvFPlSmarOSryxhbVc8u27Kk_1WdoBtg1HvMs_Ot95B8GzhykfF3gwFEHErKYX-CzwOYnB1b3e6Nbmd_4wZrFYuvEnoN60nGfA48geNKVatyuoHuDXbR0tA82cHyqIvrvyQZmxwTFM0QeqOeSZxkeLwBuSHzZsRf1tC5puZbT4M0394H8DIKGtmkbR31CqrkSjNEH0eZUyocomXzE3CX5WG_SDgdfa9nDdzP2EGfli1HxYexXwaxsl9RqQNPb2ijPDSW99bkTT9fRqsuKYGl6AOoFxrC51WaOYsKlzFuBfFuqNLoLB3J5XWgwD2sMy1zPXXYGR12qEBrMbPs3SuUKtHlbZIYCY3JMk9sZ5NuDWvG79qq--M_iCNz9dNhnH2C0ovcl4rFsG3igcJRrKpsqaZZkO_oH4w27GU5xFpPwp7yhr_4EwsACCRtbRDQvFq4sGcRr9M04w2ImWkuMXI2jAFDtsKmowddHwycjFqkmrkd4drYdn8ZUDxIAt8H6Pb0I76y20_XfBW3SMw4I3ePWVmfJtaTZ-89S8vnqMtB5KDr4Pa96ZWL-ayopS8SHRYhgL1nv1NBXMpMrf1Hw_jKxDoKXa5LhGmTZ6BUeaE5E9Qp7iRGWblEg2Kp5ZgBVq8jfjLtKdORUHPotI5NJbzUMlwGioBU3Aq8nOl92PGFBZKWVhcN41MWZ8acBLeEQbT8SemdlWqDb_VkloYlNSlpmjuO1W21KsU5TeuaTAiW8iC0U89tdRUjtge6wkpBCq_LpRgNoBWDJeyc19m38FQgCFCCwjQxvdN2tEGga2VGnhl6rnnMWGKJl3P54KjsBNisYAnU8NZRufRFSjJPxAmB1381rWb71OKo3i1SkReDdGtMKDtNKtY8JC2N5ZsWgkUiOAJPdSeoTTeTJsy_6eTVhkl-eQl5igzjn-Faojbj8muKU_vDr_ZNpzr4IGDGXPPqRg5S5A9aQGm8-jy0R7HETi82nilKMjo4TzfHEC7gTKfAnVlFeDjlQS6-TkcEV-7oBXKpzSJcCyrJDlBCH8wZRIPYFEVqv80Nq7vKWFwpZlNNF3Jk95st8-Xt2EYfWYOKRBD7EjjaEMwUI-_zq_izo1PYqLmFh6z3LPtit9LuDlm7eC0UU6H4qgYWp-tma4K5Q2UGL6rh3zrLQzrz0nuj4aJZVjYnGWfXKecXVGNtsIiYr01izS_suwFfc6Z8lYdLOk3ndogs41CGJeg3rBpm9R7HhHMVe7QXkazs3rFNbqjPuiy4ERqeTQaX4lyuogTWOjL_Cfvi6BmTENvg&sai=AMfl-YR50E8IOk47Nu7ADPPXQ0Z_lAb06SzfRomgrZ5-LTDaa7GVupaXFjzsWajabSfN3ahQxgY3SMhmMHDSO-54u3nwelqOBM2uL16PotDEoIwSowWlleoMkK3GzplOCqMtE8r7m9IfvefHS2AKGZNEDPn-JVldHaR9pCTtmeXrYjw3rWqoRzjljqvKbdRpTfTTHe59yqLb736ojpGNy8VegPpAMXnwGHYGNgAOLxD9G4fsnKmtU3xPFMaFwhe5mPFPFa1ilP8&sig=Cg0ArKJSzJ0F1d5-k0fGEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1171&vt=11&dtpt=614&dett=3&cstd=553&cisv=r20230719.20908&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 25 Jul 2023 08:40:49 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 454ms
183ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ba2a02fadb06e4c925c4f6dec994b7d2b73a9c762884d7491266bb77d7656b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11873
x-xss-protection: 0

GET
H3 200 black_card.png
s0.2mdn.net/sadbundle/2445686203945292811/ Frame 161F 253 KB
253 KB 135ms
134ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2445686203945292811/black_card.png

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

9a0331e2f073810c760241bdf7ee7f53b49f5d51256915d7a5f1cbda2d066525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2445686203945292811/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 11:11:15 GMT
x-content-type-options: nosniff
age: 422974
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 259401
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 10:05:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jul 2024 11:11:15 GMT

GET
H3 200 728x90.png
s0.2mdn.net/sadbundle/2445686203945292811/ Frame 161F 40 KB
40 KB 239ms
238ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2445686203945292811/728x90.png

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

2f94641484e1ab659a5f3cf97558c3345110ff1cb256d0852c0acabb790e2065

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2445686203945292811/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:35:16 GMT
x-content-type-options: nosniff
age: 453933
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41158
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 10:05:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jul 2024 02:35:16 GMT

GET
H3 200 728x90.jpg
s0.2mdn.net/sadbundle/2445686203945292811/ Frame 161F 123 KB
123 KB 189ms
188ms Image
image/jpeg 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2445686203945292811/728x90.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

0cbb3d9e8153475d7a3c82eef0cb183a485e0b5e006a1d2c86486f4866fd9e57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2445686203945292811/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 16:55:17 GMT
x-content-type-options: nosniff
age: 402332
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125784
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 10:05:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jul 2024 16:55:17 GMT

POST
H2 200 ctrack
track1.avplayer.com/ 0
121 B 682ms
223ms Ping
text/plain 3.208.150.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.avplayer.com/ctrack?pt=2&d66=8.3.14&d74=&stagid=64a6a318fc0f1863630e3d76&stplid=64a6a1832f5662e69105a966&pid=64a6a28412362fe49d068588&cid=64a6a2c7623c439f0706fc05&r=xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page&sn=&cd1=&app=&test=&cb=1690274446187
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.150.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-150-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 25 Jul 2023 08:40:49 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 181ms
180ms Script
text/javascript 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jul 2023 08:40:49 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BB40 42 B
64 B 172ms
172ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6X3Q4F4R_Ho7ftG4OpvQ7ybiFy7Li4PMWaL6N5OqS9bXc_7LGKnugT31YP_La70o3Ps5Y2cP2cylvVLQT4LERraNuX5FKtiDaIaJ_A3hj43HSGVi-irdX0k-iSmf-&sai=AMfl-YS2wb6E-Nsli4eY_amkYXmqaqA33y1nv31BMjbyG7Ch3jW51CwMEytTLtfxgpXbXCWxhcL1VD5Bc5SAvaTGq0REMKckG8ohKpCMsj_SPfaw0OlCgIRTxTGAXJsg&sig=Cg0ArKJSzCcEUg51_6HeEAE&cid=CAQSPABpAlJW05364nmhQ-XCedldeZgIwLPcbQezsxzYB3o3Fghm2MJYTgkgdi0fNa0jOTkhJ7dpA1xk3m9ZDxgB&id=lidar2&mcvt=1000&p=1510,0,1600,728&mtos=0,915,1000,1050,1095&tos=0,915,85,50,45&v=20230719&bin=7&avms=nio&bs=0,0&mc=0.79&if=1&vu=1&app=0&itpl=20&adk=2276885973&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690274447185&rpt=829&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7B65 13 KB
5 KB 135ms
133ms Document
text/html 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 1201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 08:20:48 GMT
expires: Wed, 24 Jul 2024 08:20:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5C89 783 B
534 B 148ms
147ms Document
text/html 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f132.1e100.net

Software

GSE /

Resource Hash

eeb13d9ebcb3da42824675f819bf1fd0d818e188b034748ad56bb14ebc1a139b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8lGu3xI5vJw8cl_ydtamkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-8lGu3xI5vJw8cl_ydtamkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 08:40:49 GMT
expires: Tue, 25 Jul 2023 08:40:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 7iS30H4CIOlAzWX_-DRl8EqUdjCbSbkytJAMRoxuMII.js Show response
pagead2.googlesyndication.com/bg/ Frame 7B65 38 KB
15 KB 134ms
134ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7iS30H4CIOlAzWX_-DRl8EqUdjCbSbkytJAMRoxuMII.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

ee24b7d07e0220e940cd65fff83465f04a9476309b49b932b4900c468c6e3082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 11:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14882
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Jul 2024 11:02:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5C89 0
0 166ms
166ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307180101&jk=1840906736522761&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BB40 0
20 B 166ms
166ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2732937868441&version=m202306200101&ct=119&x=1&cor=3231001507459957000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:40:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
track1.aniview.com/ Frame F1D5 0
120 B 220ms
220ms Ping
text/plain 50.16.166.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=GE&cos=Windows&r=xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page&rs=xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page&sid=37166&t=1690274445&cip=91.239.206.82&sn=&tgt=0&osv=10&bv=115.0&brn=Chrome&wi=100&he=56&app=&AV_PUBLISHERID=64a6a28412362fe49d068588&test=&d64=367d5ec702a57ec67f35e9045e3a569d&d63=367d5ec702a57ec67f35e9045e3a569d&aafaid=&proto=https&uid=1690274445085-913952623209-001200-007-002573&cha=0.7&stagid=64a6a318fc0f1863630e3d76&stplid=64a6a1832f5662e69105a966&d35=&d36=6.2.117&cb=43315502269&d39=&d65=&d66=8.3.14&d74=&apppkg=&d9=0000&d37=realtime&pt=2&d66=8.3.14&d74=&stagid=64a6a318fc0f1863630e3d76&stplid=64a6a1832f5662e69105a966&cvid=&cpid=&str=autostart&AV_WIDTH=640&AV_HEIGHT=360
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=64a6a28412362fe49d068588
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.166.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-166-217.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 25 Jul 2023 08:40:50 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7B65 0
12 B 134ms
134ms Image
text/plain 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ouiebw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:40:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 flickstree_combine_content_17_06_231.ts Show response
feed.playstream.media/manualUpload/fsk5i3ztuqclk84rs4h/ 1 MB
1 MB 140ms
140ms XHR
video/mp2t 185.59.220.198
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://feed.playstream.media/manualUpload/fsk5i3ztuqclk84rs4h/flickstree_combine_content_17_06_231.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-198.bunnyinfra.net
Software: BunnyCDN-DE1-723 /
Resource Hash: 2d9ab926c4b29188b963130147509a7b285bb3f8b4a7ea2f1e948665675d54c4

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Tue, 25 Jul 2023 08:40:50 GMT
cdn-edgestorageid: 860
cdn-cachedat: 07/18/2023 10:33:10
cdn-pullzone: 1464120
content-length: 1136084
last-modified: Tue, 18 Jul 2023 10:07:19 GMT
server: BunnyCDN-DE1-723
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cache-control: max-age=315360000
cdn-requestid: 0065662b31187fb67eb017307a485f94
accept-ranges: bytes
cdn-requestcountrycode: GE
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 170ms
170ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307180101&jk=1840906736522761&bg=!ZWalZjLNAAZsPphkTD47ADkAdvg8WuYUE4WHKneiyzJZqNsxu5NVslHCzu-8sYFvvRehBFTeIZwPUbv3dN7VLfAVHCFMHqPvZDICAAAAp1IAAAAyaAEHmQMPd75TyR6scgnpqVEmFbNsltKrGXPh4ctupilGPX_SInMTKzH7DWafbU1-1eUfeWtazQZ15DZcTAiWj9ZsDfFf1pHfsTNnwhe3swsBR4kzX_btcJXfBzDLQcpZOyS0r6wbBz4gnKHh2a2rccl2qWj9x278pIObdrkVxX7KxbnckUxYmDsADkYC9q51GcfcSknR4oXyR9wRxLrakxgiLHpO0ujprnHRsBp1mjy9XHksdyoSekyFjFVTGH1waJCFwaM6M8_Fmb1l3rPs-5f5weAkVlgax5jsIvFM3XzokbRVSWrHdq8MEGSad5rxIidOqbPtT2VnXmPAjuIToPZlt2Ge2m7xhetidyZVMMu2P-tI-jQ8640MV1b3uIv1Z3hMK0nDOFOUQ-0GUR6w2zp9eqvALfOhvj66wlBArt0RBb43mzu_td1SeF-HqrCiq_09iYBRPkACNYVuoDoxuS_hWc16xmDT3z4lVfdfLv0z8AS8ct44herTN0WLdXI5HGHZH5Syt5CR-lbv0e3m-bS8-nXc-gGljij8c9yy92r5Gt9JQ-9uTTYtZJrYE4NcPz6VqcP_gDuIAz2IEum4lxDjcNoIlWpYQDy9f0MDeE8ZkaXTCl0rcZim_VgTl1zfT2lhTDapMjOejkk6Qp5wMwldqEujR8Q4eWOfkjdZLGSDSXfDxHzwIevaS_ka25v7W08Y8DOI462bnIwi-eMuorwI8Hgj4BTuKjXsTFTIrboh4UtYEZD7BZEUTSmMqvOZNyotg1fXjoAketUSEVir8wZi7WTuceDTBojk3bCcXxLaYNze9I_EhJAL0hYTy4ztcm-FlhrBLeha14nHcGiCfylUtpGufVo8x4I7PXYVjNT0lSIg4_ykIV0qNYz9SuFNRrn8EfwEWdXGC0A7Db38JouHbsR-4vnSioHmTsK0Vw_Ha44O3fJUXbg95iL9LmSFE-99E5NHJUhPSht5Cn93i2nVfGO1BqgJXoEcbqCYyNbvIfiEVuRVa4_lUAIcWE0F9No-cFNS4DOvPwOZ89DGTY92CKya
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 89BF 739 B
909 B 153ms
152ms Document
text/html 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: c.pubguru.net
URL: https://c.pubguru.net/pg.contactpage.sidebar.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e183c3e1daa8fff31ad84d08e37fd28660748d1a52b432796f226bc7373acd76

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 739
content-type: text/html

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6243 15 KB
6 KB 133ms
133ms Document
text/html 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158460
Requested by: Host: c.pubguru.net
URL: https://c.pubguru.net/pg.contactpage.sidebar.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=55689
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Tue, 25 Jul 2023 08:40:51 GMT
expires: Wed, 26 Jul 2023 00:09:00 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET PugMaster
image6.pubmatic.com/AdServer/ Frame 6243 0
0

GET

getuid
ads.avct.cloud/ Frame 89BF
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween

0
0

GET
H2

200

match
ads.betweendigital.com/ Frame 89BF
Redirect Chain

https://ads.adlook.me/csync?pid=btw&uid=10c4e2f1-3cf1-52ce-91ac-09e2f513836e&url=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D128%26external_user_id%3D%7BuserId%7D
https://ads.betweendigital.com/match?bidder_id=128&external_user_id=f747e6c3b5364159a9c95a02675c40a3

68 B
598 B

152ms
152ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=128&external_user_id=f747e6c3b5364159a9c95a02675c40a3
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: https://ads.betweendigital.com/match?bidder_id=128&external_user_id=f747e6c3b5364159a9c95a02675c40a3
date: Tue, 25 Jul 2023 08:40:51 GMT
server: Microsoft-IIS/10.0

GET
H2

200

match
ads.betweendigital.com/ Frame 89BF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1lUmlHREY5RTJ1RVRFUU82QlJMbVRmcEE2VEZYOXdNQmM5bzJtRVUtfkE%3D&gdpr=0

68 B
598 B

152ms
152ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1lUmlHREY5RTJ1RVRFUU82QlJMbVRmcEE2VEZYOXdNQmM5bzJtRVUtfkE%3D&gdpr=0
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1lUmlHREY5RTJ1RVRFUU82QlJMbVRmcEE2VEZYOXdNQmM5bzJtRVUtfkE%3D&gdpr=0
date: Tue, 25 Jul 2023 08:40:51 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET btw
px.adhigh.net/p/cm/ Frame 89BF 0
0

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame 96EA 49 KB
18 KB 535ms
212ms Document
text/html 195.181.170.18

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.170.18 -, , ASN (),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer: https://ads.betweendigital.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Tue, 25 Jul 2023 08:40:51 GMT
etag: W/"64abbb76-c2af"
last-modified: Mon, 10 Jul 2023 08:04:06 GMT
server: CDN77-Turbo
vary: Accept-Encoding
x-77-cache: HIT
x-77-nzt: AcO1qhGoke7/+PsDAA
x-77-nzt-ray: 4c156224dd195ad1938abf64c9120234
x-77-pop: frankfurtDE
x-accel-date: 1690013339
x-accel-expires: @1691050139
x-age: 261112
x-cache: HIT

GET urlsvid.json
vpaid.vidoomy.com/sync/ Frame 96EA 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nnoilpdinmjmdfpkdkbbkajejflbkoma
URL: chrome-extension://nnoilpdinmjmdfpkdkbbkajejflbkoma/js/content-script.js

Domain: lexicon.33across.com
URL: https://lexicon.33across.com/v1/envelope?pid=0015a0000344WMYAA2&gdpr=0&src=pbjs&ver=7.39.0&us_privacy=1---

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Domain: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=15018381&p=158460&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---

Domain: ads.avct.cloud
URL: https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween

Domain: px.adhigh.net
URL: https://px.adhigh.net/p/cm/btw

Domain: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/sync/urlsvid.json

Verdicts & Comments Add Verdict or Comment

236 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

99 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:31:18	Name: pg_floor_requested Value: 1
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:32:40	Name: pg_lazy Value: 1
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:32:40	Name: pg_driftingTypePercent Value: 1
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:32:40	Name: pg_chaser Value: 1
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:32:40	Name: pg_outstream Value: 0
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:32:40	Name: pg_vignettePercent Value: 1
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:32:40	Name: pg_autoAd Value: 0
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:31:18	Name: pg_session_depth Value: 1
.pubguru.net/	1970-01-20 22:16:50	Name: pg_c Value: 8ad380fa-1530-4e89-91d9-a3a04cb99cbd
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:32:40	Name: pg_preconnecting Value: unset
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:32:40	Name: pg_geo_response_time Value: 432
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1969-12-31 23:59:59	Name: pg_geo Value: {"country":"GE","region":"TB","ip":"91.239.206.82"}
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 14:14:26	Name: pg_custom_timeout Value:
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 14:14:26	Name: pg_ip Value: 91.239.206.82
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 14:14:26	Name: pg_beacon Value: 1
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 22:16:50	Name: pg_mm2_cookie_a Value: 1ffb7e27-2b9e-4056-b4b1-724b0522bef6
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:31:18	Name: pg_session_id Value: 58f76e83-b3cc-433d-b61f-1a7957c28a59
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:32:40	Name: pg_tc Value: sample
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:31:18	Name: pg_canonical_session Value: xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:31:18	Name: pg_utm_source Value: /empty/
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:31:18	Name: pg_utm_medium Value: /empty/
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:31:18	Name: pg_utm_campaign Value: /empty/
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:31:18	Name: pg_utm_content Value: /empty/
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:31:18	Name: pg_utm_term Value: /empty/
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:31:36	Name: pg_dynamic_floor_expiry Value: 6
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:32:40	Name: pg_after_init_response_time Value: 539
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1969-12-31 23:59:59	Name: pg_pl Value: 14
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:32:40	Name: pg_quick_check Value: true
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:45:38	Name: pg_ua Value: Mozilla/5.0 (Windows NT 10.0 Win64 x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:32:40	Name: pg_inner_width Value: 1600
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:32:40	Name: pg_tc_device Value: desktop
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:32:40	Name: pg_latency_before_tc Value: 674
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 14:14:26	Name: pg_bot_percent Value: 99.99
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:45:38	Name: pg_bot_reason Value: mrf
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:32:40	Name: pg_bot_model Value: 1
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:32:40	Name: pg_tc_response_time Value: 259
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 14:14:26	Name: _pbjs_userid_consent_data Value: 6683316680106290
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:31:18	Name: _lr_retry_request Value: true
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 14:14:26	Name: _lr_env_src_ats Value: false
.betweendigital.com/	1970-01-20 22:16:50	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 22:16:50	Name: tuuid Value: 10c4e2f1-3cf1-52ce-91ac-09e2f513836e
.betweendigital.com/	1970-01-20 22:16:50	Name: ut Value: ZL-KjAAJvDD6l0UntkYyiBNjN5jDcbjP7Qy7-g==
.betweendigital.com/	1970-01-20 22:16:50	Name: ss Value: 1
.betweendigital.com/	1970-01-20 22:16:50	Name: unm Value: 1
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:31:18	Name: pg_stack_session Value: ["enabled","google","adx_interstitial","tc-init","gb","anchor-bottom","lazy"]
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1969-12-31 23:59:59	Name: pg_analytics Value: disabled
.crwdcntrl.net/	1970-01-20 20:00:00	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 20:00:00	Name: _cc_id Value: 733e3f820a865d1b509ddb394a6f84b7
.crwdcntrl.net/	1970-01-20 20:00:02	Name: _cc_cc Value: "ACZ4XmNQMDc2TjVOszAySLQwM00xTDI1sExJSTK2NEk0S7MwSTJnAIKU%2FV29IBoKAFKuCvU%3D"
.crwdcntrl.net/	1970-01-20 20:00:02	Name: _cc_aud Value: "ABR4XmNgYGBI2d%2FVC6SgAAAbxAI7"
.contact.page/	1970-01-20 13:31:14	Name: lotame_domain_check Value: contact.page
.adsrvr.org/	1970-01-20 22:18:16	Name: TDID Value: 90eed1d6-3d42-4fa0-9949-e9ad527fe34f
.contact.page/	1970-01-20 20:00:02	Name: _cc_id Value: 733e3f820a865d1b509ddb394a6f84b7
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 14:57:38	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%2290eed1d6-3d42-4fa0-9949-e9ad527fe34f%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-07-25T08%3A40%3A45%22%7D
.openx.net/	1970-01-20 22:16:50	Name: i Value: be2d763a-d6b8-4bb9-a4bb-5b93e36718a3\|1690274445
.contact.page/	1970-01-20 13:32:40	Name: panoramaId_expiry Value: 1690360845364
.contact.page/	1970-01-20 13:32:40	Name: panoramaId Value: 6a448d7f0bc7feb2e697058f8c67a9fb927a85fc73558977cd7c308e3383da24
.contact.page/	1970-01-20 13:32:40	Name: panoramaIdType Value: panoDevice
.contact.page/	1970-01-20 22:52:50	Name: cto_bidid Value: 6AqcTF9Dbkx1MnFDJTJGQjZCdEdkZ0o2NDJsT0dLY0VMVXhDRmJ3TXhuMUVXcXNHc0o2eG9zbUp1d3BNRjVFcnZzcjV0NmR5aktISzU3WklqdlZnVWJ3RWVSNiUyQmclM0QlM0Q
.aniview.com/	1970-01-20 14:00:02	Name: aniC Value: 1690274445085-913952623209-001200-007-002573
.id5-sync.com/	1970-01-20 15:40:50	Name: 3pi Value:
.id5-sync.com/	1970-01-20 15:40:50	Name: id5 Value: 86060171-38c1-7e57-8cb1-fbc434237d29#1690274446102#1
.openx.net/	1970-01-20 13:52:50	Name: pd Value: v2\|1690274446\|n0vNvQiygu
.doubleclick.net/	1970-01-20 13:31:18	Name: DSID Value: NO_DATA
.criteo.com/	1970-01-20 22:52:50	Name: uid Value: 002564d9-cbac-4a32-8381-cad379408b62
.openx.net/	1970-01-20 13:52:50	Name: univ_id Value: 537072971\|90eed1d6-3d42-4fa0-9949-e9ad527fe34f\|1690274446614647
.contact.page/	1970-01-20 22:52:50	Name: cto_bundle Value: 0kfHLF9zSDkybVNUYjliRWJMMzElMkZQdHNUSVlTajZFMmJoeWVuTTRNcHU5MFhSJTJGTmZWSG5TNHZIU1U5OFNSc25IVTRuVnJsQyUyQm1nbWpKN1dPTDZjdmpxQWNROFhHTE4lMkJnRHUzU0d0RmRubWt6TlNBOThaYnFyc0slMkJ5eiUyQnpTOGNnVjlXSVBNbGFMS3ZiZzFFazdiUVJzOERJQUElM0QlM0Q
.adform.net/	1970-01-20 14:15:52	Name: C Value: 1
.adform.net/	1970-01-20 14:57:38	Name: uid Value: 7089798143079381276
.doubleclick.net/	1970-01-20 23:07:14	Name: IDE Value: AHWqTUlDkFLhRoFODne7ciDDeseK-NrU-eInXHqTB2zVetbzradf4W5bA6X2iQRnXK8
.contact.page/	1970-01-20 22:52:50	Name: __gads Value: ID=b9e99ff60aaa11e0:T=1690274445:RT=1690274445:S=ALNI_MYaSbyywSycbph05XAgY3K6dk8U2Q
.contact.page/	1970-01-20 22:52:50	Name: __gpi Value: UID=00000c476bee695a:T=1690274445:RT=1690274445:S=ALNI_Mb8gOdqvazo0su8_s-36CvBnNS7bg
.amazon-adsystem.com/	1970-01-20 19:32:40	Name: ad-id Value: A5_HLAMufk1CjhLUrbzoQkk
.amazon-adsystem.com/	1970-01-20 23:07:14	Name: ad-privacy Value: 0
.contact.page/	1970-01-20 22:16:50	Name: FCNEC Value: %5B%5B%22AKsRol-XPVvy2xmHJwamV0Ehcf3ii0UKWwoERFlPHdZkJFMQjLy9GtrMnwEzRUTOaVhI1ldVidPyPcoGk5vqNFEsP0bPQBlw-7_BJS-_zdakXjepPMHxhM_R5HQYylIPqtbnb_1Ffk6qpz6VNZOqJA-77uVoX-aNMw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.doubleclick.net/	1970-01-20 17:50:26	Name: APC Value: Aa3gxNojq4l_lIuUVvddJQGRiimJEm6A25YGh9ueOi0AakZbztPtmA
.adnxs.com/	1970-01-20 15:40:50	Name: uuid2 Value: 3551780647516854876
.adnxs.com/	1970-01-20 15:40:50	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTrj]y?U!]tbPl1M>e)ZlrFUfJ+tGXxo<^^j$6G8Cc_F<!b[RnDs<Yy8tb#nzzx0Fwc3If)y3KL9D3I?+<Yz+Z
.rubiconproject.com/	1970-01-20 22:16:50	Name: khaos Value: LKI1RJ6V-21-9GC9
.casalemedia.com/	1970-01-20 22:16:50	Name: CMID Value: ZL.KkKZFIUg8CIc881hMOwAA
.casalemedia.com/	1970-01-20 15:40:50	Name: CMPS Value: 1151
.casalemedia.com/	1970-01-20 15:40:50	Name: CMPRO Value: 1151
.adsrvr.org/	1970-01-20 22:18:16	Name: TDCPM Value: CAEYASABKAIyCwiMyqC4sr2GPBAFOAFaB3J1Ymljb25gAg..
.bidswitch.net/	1970-01-20 22:16:50	Name: tuuid Value: 0f458b4e-613b-45a2-a7a7-7a6f87a4c846
.bidswitch.net/	1970-01-20 22:16:50	Name: c Value: 1690274448
.bidswitch.net/	1970-01-20 22:16:50	Name: tuuid_lu Value: 1690274448
.ctnsnet.com/	1970-01-20 22:16:50	Name: cid_50b7d4b1b22c47fa80c3b45be2d6b9e5 Value: 1
.ctnsnet.com/	1970-01-20 22:16:50	Name: gid_CAESEMNRZxwY40vuhIS_rpb_zhc Value: 1
.blismedia.com/	1970-01-20 22:16:54	Name: b Value: 64BF8A90F2187F5BA3B1F7C4BLIS
.analytics.yahoo.com/	1970-01-20 22:16:50	Name: IDSYNC Value: 18yx~2cyw
.yieldmo.com/	1970-01-20 22:16:50	Name: yieldmo_id Value: 3axHOSSXXnS9Rq6CQsl1%7C1690243200000%7C0
.adsby.bidtheatre.com/	1970-01-20 13:41:19	Name: __kuid Value: d607063d-3c4c-43b9-8d7a-dc0eb5f96fa5.459488448
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/	1970-01-20 13:32:40	Name: pg_pv_time_1 Value: 5531
.yahoo.com/	1970-01-20 22:17:12	Name: A3 Value: d=AQABBJCKv2QCEM19qLyXZhZ2aMvHMKX2Y9sFEgEBAQHcwGTJZAAAAAAA_eMAAA&S=AQAAAqRKrny3GS-O8lZ2XLuJzyw
.rubiconproject.com/	1970-01-20 22:16:50	Name: audit Value: 1\|Md2blwaSq7qX6ewJINdHLRZkqPAlBrXo9z1CJGJ5m+7tQKxMlrvSDjuoeJGc9MVCnDpxh8vwDs3qFTrNE4+z9l9kidU5U7i9vspVenLgrnoUpYWVrKDp+E3OYGmoobl7
.linkedin.com/	1970-01-20 22:16:50	Name: bcookie Value: "v=2&a63074f9-c4ea-4f33-8f1c-63daa33fa3e6"
.linkedin.com/	1970-01-20 13:32:40	Name: lidc Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3003:u=1:x=1:i=1690274449:t=1690360849:v=2:sig=AQGAP12WKlO_g4f_BTYjVB10V5fk7R5w"
.aniview.com/	1970-01-20 13:45:38	Name: 1_C_5 Value: LKI1RJ6V-21-9GC9
sync.aniview.com/	1970-01-20 13:45:38	Name: 1_C_5 Value: LKI1RJ6V-21-9GC9

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/ Message: Access to XMLHttpRequest at 'chrome-extension://nnoilpdinmjmdfpkdkbbkajejflbkoma/js/content-script.js' from origin 'https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://nnoilpdinmjmdfpkdkbbkajejflbkoma/js/content-script.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://c.pubguru.net/pg.contactpage.sidebar.js(Line 24) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4f52990b6a1eb2583a4766365ec10388.safeframe.googlesyndication.com
a3.pubguru.net
aax-eu.amazon-adsystem.com
ads.adlook.me
ads.avct.cloud
ads.betweendigital.com
ads.pubmatic.com
ads.yieldmo.com
api.rlcdn.com
bcp.crwdcntrl.net
c.pubguru.net
c1.adform.net
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.playstream.media
cdn.prod.uidapi.com
cdn.pubguru.com
cm.g.doubleclick.net
csi.gstatic.com
d3byk4ol5wi3iq.cloudfront.net
dsum-sec.casalemedia.com
esp.rtbhouse.com
eu-u.openx.net
eus.rubiconproject.com
feed.playstream.media
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcm.ctnsnet.com
go1.aniview.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image6.pubmatic.com
invstatic101.creativecdn.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsby.bidtheatre.com
match.adsrvr.org
nnoilpdinmjmdfpkdkbbkajejflbkoma
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
player.aniview.com
player.avplayer.com
pr-bh.ybp.yahoo.com
px.adhigh.net
px.ads.linkedin.com
rtb.openx.net
s.amazon-adsystem.com
s0.2mdn.net
s2s.aniview.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
static.criteo.net
sync.aniview.com
t.pubmatic.com
tags.crwdcntrl.net
tg1.playstream.media
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
track1.aniview.com
track1.avplayer.com
ups.analytics.yahoo.com
us-u.openx.net
vid.vidoomy.com
vpaid.vidoomy.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page
ads.avct.cloud
api.rlcdn.com
image6.pubmatic.com
lexicon.33across.com
nnoilpdinmjmdfpkdkbbkajejflbkoma
px.adhigh.net
vpaid.vidoomy.com
100.26.7.25
13.107.42.14
142.250.181.226
142.250.184.193
142.250.184.226
142.250.184.238
142.250.185.194
142.250.185.230
142.250.185.98
142.250.186.106
142.250.186.35
142.250.186.40
143.204.98.4
151.101.65.229
162.19.138.117
162.19.138.83
169.150.247.36
172.217.16.195
172.217.18.1
172.217.18.2
172.217.18.98
172.67.38.106
176.122.21.226
178.250.7.13
178.250.7.2
18.173.154.117
18.196.193.247
18.197.55.175
18.66.107.220
18.66.123.194
185.59.220.198
185.64.189.112
185.64.190.82
185.80.39.216
188.42.191.196
192.178.49.3
195.181.170.18
2.18.162.159
216.58.212.132
216.58.212.161
23.212.211.47
23.213.164.238
23.52.120.246
23.53.42.179
3.208.150.184
3.209.25.174
3.222.55.84
3.6.30.125
3.75.62.37
34.102.146.192
34.120.107.143
34.240.83.116
34.255.212.168
34.96.105.8
34.96.70.87
35.186.193.173
35.186.253.211
35.190.39.111
35.244.159.8
35.71.131.137
37.157.6.233
37.252.171.85
50.16.166.217
52.46.128.147
54.239.33.158
54.72.84.52
64.227.64.62
65.9.66.97
69.16.175.42
69.173.144.139
69.173.144.165
69.173.151.100
03635e66d68a69bfdfb5781ba67d6444eae727cf30b617c1e6860948d58c2479
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cbb3d9e8153475d7a3c82eef0cb183a485e0b5e006a1d2c86486f4866fd9e57
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
114342cc15f6811da8fda0352f82caa17aa721892d9ca94b41888a120e91d7a7
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12da1fd06ca16782d2cb733c51f475d7ec78a2c47b8cf8f0e9e7034ae9f76542
14693bbadbe107a74dbc7e04fc77d45492f832553478518973ea18cba588769c
1630c613fc24121cd55136cd133f5e2ecefc55f6147f1d28eb5659ac139eefb2
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
172ba1368a435e1e096cbd6ceed455ed1f71e4bd521e1908050ff6a4664db24f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1acc06a1d5400a0e969ff8c6c1077ddc72e63a5a8e798d6a19d88473c4a03a06
1b3df9f3efa263c7e1806468bd23a27fe056991f98555bca599e712b8dbe9843
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8
1f0f1071ab7fcf6a87e947376a3d52b3cdbffe66c5a0acfc72a6e17fbd4a4eab
217d77b3d3531e97301d1a144c343ae7d30c4847cc935a47718f58164dd185cb
26902e742cc334dd433ef9f8621cde439411fc5ec71e7cb45124f89335801b8c
29e39962bf455280f804154285b13ad2c81d1b52cbd7db9ffce64b273a95a8f8
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c31ff9b6c984442ed2637123ff75deaf256f48b89d10c66a725789e618abbaa
2c3a91a36b76694d5895032a0b75af9431ece7f152f9cff1cf21356e0092a38b
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d9ab926c4b29188b963130147509a7b285bb3f8b4a7ea2f1e948665675d54c4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eca5f497cb4b93f7f375439085914224828d80beb44498587be85bd02ad82b6
2f94641484e1ab659a5f3cf97558c3345110ff1cb256d0852c0acabb790e2065
300eb869068f967210b1ce0ffac9fc8a1f3064cbbe5cf58a202db0f7dd8e20b3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a
3964e306d6b67165ac73c35d1da6dff273cb8e6f51a3fa4a615582a2a637026d
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4427770d30ccf8b4e950d8d03a9d4ec0e4976ed6cc85b793aab1c7d9ecf8fda0
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47311004026fcba935d2650e2348b15cee26caa7a66075a90ec58729c68a917c
4920439ec5d2ecd4ffa32c5820106c1d78f7f0595baad0890f9d751524788009
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581
49bbe0b5cb08f0092426784bc5da75656c83a665bc0de6a6d70818d8d0e8f17f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768
4cf6b0041792515d9036fad75e278ddc885672587d77908729cc9b5d66ca3dcf
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5730c7d2ccee1dbe00f07bcd36df2223be8ac45b200d9f735fbd1a0e8edd3549
5825c88b68a498c8b3d8d34f0090a625f063a366c8f3cbebf51e7657623fb13b
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f1608932c31df5eedb37134ddde0d5021898ad21e52aab4f7989d4994baef62
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61dad36e8edf55ea0476e05180f82a7e126e92b8048eb10db8578db50c75f97d
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89
688f62e65616371d79dd5a594e3ff95cd3e3eac7ae219122c74da14458c38253
6a156519b783c083e2c25ed5c49c00dd956d6be26a347ef09a77221abbed33e9
6a40f1146ac7b354a62c89a9d8fc4ed9d76cf53e0f0ff9a83e026af1ecd6d29f
6b498d5fed30dd46b47aa0bee2179932f283d5954a70348c797abdfda6fa15df
7106fc7a8a57bd3515049560e573cb31911735db6d9fef39321b159ffe24d50d
750ca94ee9fe9b7828624e59a4aeb139ff2d343a2a71ad7b5ae006e37d90b582
78e058e2d149dd050edd920b737debbcae846027c23b6bef0a18070298a6bbd0
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
7ae9b0d4fe6143df71d49c7260780e015b5f61838932281ad2aeab139a9e10d8
7bae791f900d23d79289c581c7c1ad9ed37ce16d39e7c1028f92937b53f638e6
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
82a3aaaa2e99adc8c983e9b7fdfb7324e1dd658e7aef392df97ce993dc15a35d
855051f8237efebed190b383776b412f20f61508199976acb25b5a9f9ff0d463
875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b
93dd5670a1cb6a14f1061a470b4512c60f428946ba6f46786764bc3d03ed37bc
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
943a1012ee5b55416c606a4b3b0423ca314f5d19f949856b6c7425a2ffd6bf5f
9658ca00ba5f3920b8d5ac2f6484d51be14218d879528295c1e9a6fd500c2c0a
989797a71c9a05520ce924e3252ce0846c549864e8fa0b6f530272275ff47671
9a0331e2f073810c760241bdf7ee7f53b49f5d51256915d7a5f1cbda2d066525
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ea4355dc8c90c99fc2db09572baa70bfc7868adb40c7d93b618efaa72069680
9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a1b1900a78afacf42faa188813cbdc845f19a7bd6f103c7e9b90a12f4a6a49bf
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a9c27f31702b37dbae493da2e9cc304add33c7c58039e78c63ac87b5d0ec1209
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acbac941f34fee374d600cda65091a386457ae999ba28137ec71effcc66175e6
ad0dd5091814006e1986ba74f2492e12582594b1eca2221174c22a1ad10ad98c
b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fea52083e796fd06bc4b417c4465adf662ebe6100fb34e479bb5ee9f9da684
b256860f89e33457e4fe69172475b06817507e9fde11eadcf8a3b1d8747f0598
b78222040390c142b5db713e2056cdce01d935a8a289fba890281a4867dddda1
ba2a02fadb06e4c925c4f6dec994b7d2b73a9c762884d7491266bb77d7656b90
bc3747c106caa252762a424da4e6c79786076c403da48827d44f655b2b600ecf
bd2df0fff950bce978c27cee54ed6e14e5e90d9e7f1829ab56da3fb21025ec48
c02583b968a6f0d1bd76b7a1ab4a85d1dec23db5ba2cb70c778522185665d1c5
c0a0547bddcc23eba5ed4d3ef7c8641105c93ca434962f6b25892fd3741f8aa5
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
cd6f6af6341bdb8c0e2b2642e68c80643ee58a2e9bae25fff793660ac6c1c409
ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8ad0a99d854356e58c40706afeb04a90d983f7aa84aa808b48d472559a9ec43
dbe92e3cd7e8e3dc5da1e501fba71fe4399d0dc942610b2f172e8840d298465c
dfdd1cc5c2ad0b39a128c6cf51788f1c521b53285ad338efcf917e37efcbca07
e110dfd1555840c1ac9825bc01ca090fe41a796b5e72d57a95a73d59d7c21f4b
e183c3e1daa8fff31ad84d08e37fd28660748d1a52b432796f226bc7373acd76
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5333d4bcaf0ba8811fe10ae35f1bf54082d7f5a1b6fe8a25ff0f9aa5c2fd507
eb6ba8b4f6e7f5ea5178c904d8bddccac23250d71d888b153b56db1a1703c0f6
ec25d3398c52904c85777717c2a8e4a8cf742e23cf5efb603636362324b3da7e
ed5c0cc8d05757beeda433f571b7e8b7b4c7fb6834313919876ea8931c52d7b8
ee24b7d07e0220e940cd65fff83465f04a9476309b49b932b4900c468c6e3082
eeb13d9ebcb3da42824675f819bf1fd0d818e188b034748ad56bb14ebc1a139b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f025076630b111e12b504f82631fe1e5f8815616bb5f47e665b080b38d2946ae
f89892b79f44a94793801ce9e65ed2562908500cacba3eebb2dd510f988c1a94
faefc7d5cb22f0899412f91aa8fcabe5910c50cb6faee897413b62ac324c0f79
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page Open in urlscan Pro Puny th-th1127044-แพทย-หญิง-สาวินี-บ.contact.page IDN 3.6.30.125 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

254 Requests

85 %HTTPS

0 %IPv6

49 Domains

82 Subdomains

62 IPs

10 Countries

6100 kBTransfer

11647 kBSize

99 Cookies

5 Outgoing links

Redirected requests

254 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xn--th-th1127044-----pc2c6duitbw4fveyf4cwa7q0bf5a17a.contact.page Open in urlscan Pro Puny
th-th1127044-แพทย-หญิง-สาวินี-บ.contact.page IDN
3.6.30.125 Public Scan

Screenshot
Live screenshot

Full Image

254
Requests

85 %
HTTPS

0 %
IPv6

49
Domains

82
Subdomains

62
IPs

10
Countries

6100 kB
Transfer

11647 kB
Size

99
Cookies

254 HTTP transactions
15 data transactions