urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Submission: On June 29 via manual from US — Scanned from GE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 100 IPs in 15 countries across 98 domains to perform 565 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
11 142.250.181.225 15169 (GOOGLE)
2 5 162.210.196.208 30633 (LEASEWEB-...)
6 104.26.4.103 13335 (CLOUDFLAR...)
2 2.16.241.8 20940 (AKAMAI-ASN1)
5 2.19.126.222 20940 (AKAMAI-ASN1)
38 151.101.193.44 54113 (FASTLY)
1 54.250.12.70 16509 (AMAZON-02)
2 69.16.175.10 20446 (STACKPATH...)
53 142.250.181.226 15169 (GOOGLE)
1 3 13.32.121.21 16509 (AMAZON-02)
4 178.250.7.13 44788 (ASN-CRITE...)
4 3.233.155.232 14618 (AMAZON-AES)
16 142.250.186.98 15169 (GOOGLE)
9 23.97.225.52 8075 (MICROSOFT...)
2 4 91.228.74.208 16509 (AMAZON-02)
11 142.250.184.226 15169 (GOOGLE)
1 142.250.185.131 15169 (GOOGLE)
1 5 192.96.203.13 30633 (LEASEWEB-...)
1 151.101.65.229 54113 (FASTLY)
1 18.196.88.24 16509 (AMAZON-02)
1 23.52.123.144 16625 (AKAMAI-AS)
4 15 51.89.9.252 16276 (OVH)
9 11 37.252.173.215 29990 (ASN-APPNEX)
2 18.192.88.99 16509 (AMAZON-02)
1 213.19.162.21 3356 (LEVEL3)
1 185.255.84.151 200271 (IGUANE-)
1 178.250.7.10 44788 (ASN-CRITE...)
1 147.75.84.158 54825 (PACKET)
1 34.120.63.153 396982 (GOOGLE-CL...)
2 104.18.24.185 13335 (CLOUDFLAR...)
1 3.121.101.248 16509 (AMAZON-02)
1 18.200.232.194 16509 (AMAZON-02)
10 34.98.64.218 396982 (GOOGLE-CL...)
25 185.106.33.48 200478 (TABOOLA-AS)
1 172.64.102.25 13335 (CLOUDFLAR...)
1 18.66.97.31 16509 (AMAZON-02)
2 2.23.209.36 20940 (AKAMAI-ASN1)
1 108.138.7.45 16509 (AMAZON-02)
2 24 141.226.228.48 200478 (TABOOLA-AS)
2 142.250.186.104 15169 (GOOGLE)
2 151.101.65.44 54113 (FASTLY)
3 175.41.208.201 16509 (AMAZON-02)
15 16 15.197.193.217 16509 (AMAZON-02)
6 6 3.251.46.15 16509 (AMAZON-02)
15 18 18.194.169.246 16509 (AMAZON-02)
3 3 37.157.6.241 198622 (ADFORM)
1 9 142.250.185.98 15169 (GOOGLE)
4 172.217.16.206 15169 (GOOGLE)
1 64.233.184.155 15169 (GOOGLE)
8 8 185.29.132.245 30419 (MEDIAMATH...)
1 34.120.96.193 396982 (GOOGLE-CL...)
5 5 2.19.70.117 16625 (AKAMAI-AS)
14 23.37.63.179 16625 (AKAMAI-AS)
4 142.250.186.129 15169 (GOOGLE)
6 138.199.37.225 60068 (CDN77 ^_^)
1 34.95.120.147 396982 (GOOGLE-CL...)
1 130.211.27.62 15169 (GOOGLE)
19 23.212.88.20 16625 (AKAMAI-AS)
2 4 3.127.94.250 16509 (AMAZON-02)
3 2.16.241.17 20940 (AKAMAI-ASN1)
5 142.250.184.194 15169 (GOOGLE)
1 1 124.146.215.49 2514 (INFOSPHER...)
4 185.86.139.102 201081 (SMARTADSE...)
11 18 69.173.144.138 26667 (RUBICONPR...)
2 2 35.208.249.213 19527 (GOOGLE-2)
19 37 172.217.16.194 15169 (GOOGLE)
1 198.47.127.205 3257 (GTT-BACKB...)
1 2 216.52.2.91 32475 (SINGLEHOP...)
1 208.93.169.131 46244 (WEBMD-IDC...)
4 5 178.250.7.11 44788 (ASN-CRITE...)
11 11 141.95.33.111 16276 (OVH)
2 2 52.30.150.15 16509 (AMAZON-02)
2 2 34.254.104.147 16509 (AMAZON-02)
2 2 77.243.51.121 42697 (NETIC-AS)
2 2 151.101.130.49 54113 (FASTLY)
2 2 3.123.215.66 16509 (AMAZON-02)
8 8 3.123.57.37 16509 (AMAZON-02)
4 5 35.244.159.8 15169 (GOOGLE)
3 12 13.248.245.213 16509 (AMAZON-02)
1 1 44.194.73.244 14618 (AMAZON-AES)
1 82.145.213.8 39832 (NO-OPERA)
2 2 35.205.207.25 396982 (GOOGLE-CL...)
1 18.66.122.68 16509 (AMAZON-02)
26 142.250.186.161 15169 (GOOGLE)
2 178.250.1.3 44788 (ASN-CRITE...)
2 2.19.126.69 20940 (AKAMAI-ASN1)
1 7 142.250.186.164 15169 (GOOGLE)
4 34.120.139.69 396982 (GOOGLE-CL...)
2 13.107.42.14 8068 (MICROSOFT...)
2 5 52.46.155.104 16509 (AMAZON-02)
1 35.186.201.99 15169 (GOOGLE)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 69.166.1.12 27630 (AS-XFERNET)
2 2 54.78.84.139 16509 (AMAZON-02)
2 2 20.127.253.7 8075 (MICROSOFT...)
1 23.53.43.80 20940 (AKAMAI-ASN1)
1 2 35.186.254.217 15169 (GOOGLE)
3 5 198.47.127.18 3257 (GTT-BACKB...)
1 1 185.64.190.80 62713 (AS-PUBMATIC)
1 1 198.47.127.20 62713 (AS-PUBMATIC)
1 104.18.11.47 13335 (CLOUDFLAR...)
34 95.101.148.20 16625 (AKAMAI-AS)
9 104.22.69.131 13335 (CLOUDFLAR...)
2 3.71.149.231 16509 (AMAZON-02)
2 2 216.52.2.30 32475 (SINGLEHOP...)
3 4 162.55.236.224 24940 (HETZNER-AS)
2 35.186.215.140 15169 (GOOGLE)
16 16 46.228.174.117 56396 (AMOBEE)
4 4 46.228.164.11 56396 (AMOBEE)
2 2 96.46.186.57 7979 (SERVERS-COM)
2 2 8.2.108.194 46636 (NATCOWEB)
2 2 35.157.224.17 16509 (AMAZON-02)
1 13.107.21.200 8068 (MICROSOFT...)
8 8 70.42.32.31 22075 (AS-OUTBRAIN)
4 4 2.18.160.221 16625 (AKAMAI-AS)
1 137.74.6.209 16276 (OVH)
1 35.214.143.153 15169 (GOOGLE)
1 34.95.81.88 396982 (GOOGLE-CL...)
1 1 2.16.202.75 20940 (AKAMAI-ASN1)
1 3.65.66.159 16509 (AMAZON-02)
1 2 146.20.132.54 27357 (RACKSPACE)
3 5 185.80.39.216 27381 (CASALE-MEDIA)
24 142.250.186.166 15169 (GOOGLE)
5 5 193.0.160.130 54312 (ROCKETFUEL)
6 6 54.93.94.222 16509 (AMAZON-02)
4 4 23.21.83.46 14618 (AMAZON-AES)
4 4 65.9.66.64 16509 (AMAZON-02)
3 5 35.244.174.68 15169 (GOOGLE)
4 87.248.119.251 203220 (YAHOO-DEB)
1 87.248.100.136 34010 (YAHOO-IRD)
1 188.125.72.139 34010 (YAHOO-IRD)
565 100
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
11    142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net
cdn.ampproject.org
5    162.210.196.208 (Ashburn, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
agent.aralego.com
6    104.26.4.103 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    2.16.241.8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-241-8.deploy.static.akamaitechnologies.com
delivery.adrecover.com
5    2.19.126.222 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-222.deploy.static.akamaitechnologies.com
cdn.adpushup.com
38    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstatb.taboola.com
match.taboola.com
1    54.250.12.70 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-250-12-70.ap-northeast-1.compute.amazonaws.com
nt.compass-fit.jp
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
53    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
pagead2.googlesyndication.com
adx.g.doubleclick.net
3    13.32.121.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net
sb.scorecardresearch.com
4    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    3.233.155.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-155-232.compute-1.amazonaws.com
http-intake.logs.datadoghq.com
16    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
9    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
4    91.228.74.208 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
11    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
adservice.google.com
googleads4.g.doubleclick.net
1    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
d-38156135323971525513.ampproject.net
5    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
1    151.101.65.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    18.196.88.24 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-88-24.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    23.52.123.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-123-144.deploy.static.akamaitechnologies.com
a.teads.tv
15    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
11    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    18.192.88.99 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-88-99.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    213.19.162.21 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
1    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    178.250.7.10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
2    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    3.121.101.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-101-248.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    18.200.232.194 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-232-194.eu-west-1.compute.amazonaws.com
ads.servenobid.com
10    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
25    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
1    172.64.102.25 (United States)

ASN13335 (CLOUDFLARENET, US)
amp.analytics-debugger.com
1    18.66.97.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-31.fra56.r.cloudfront.net
rules.quantcount.com
2    2.23.209.36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-209-36.deploy.static.akamaitechnologies.com
dmp.im-apps.net
1    108.138.7.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-45.fra56.r.cloudfront.net
l.logly.co.jp
24    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
sync.taboola.com
sync-t1.taboola.com
am-wf.taboola.com
2    142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net
www.googletagmanager.com
2    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
3    175.41.208.201 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-175-41-208-201.ap-northeast-1.compute.amazonaws.com
sync.logly.co.jp
16    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
6    3.251.46.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-46-15.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
18    18.194.169.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-169-246.eu-central-1.compute.amazonaws.com
x.bidswitch.net
aws-fr-sync.bidswitch.net
3    37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
9    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads.g.doubleclick.net
4    172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f14.1e100.net
www.google-analytics.com
1    64.233.184.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f155.1e100.net
stats.g.doubleclick.net
8    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    34.120.96.193 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 193.96.120.34.bc.googleusercontent.com
audiencedata.im-apps.net
5    2.19.70.117 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-70-117.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
14    23.37.63.179 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-63-179.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net
bbe37092b4d298f855668903e56f9dc3.safeframe.googlesyndication.com
80f97d1e0b5008bb5bd47127c625a037.safeframe.googlesyndication.com
fece383fe8e3a5293e6b4076ba2f38bb.safeframe.googlesyndication.com
cbee8b3275ba2d0f5b03b26778f5362d.safeframe.googlesyndication.com
6    138.199.37.225 (United Kingdom)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-37-225.bunnyinfra.net
dsp-media.eskimi.com
1    34.95.120.147 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 147.120.95.34.bc.googleusercontent.com
ox-delivery-prod-europe-west1.openx.net
1    130.211.27.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.27.211.130.bc.googleusercontent.com
win.eskimi.com
19    23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com
hbx.media.net
warp.media.net
hblg.media.net
cs.media.net
c21lg-d.media.net
4    3.127.94.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-94-250.eu-central-1.compute.amazonaws.com
ghent-aws-fr.bidswitch.net
3    2.16.241.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-241-17.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
5    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
www.googletagservices.com
1    124.146.215.49 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
4    185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
ssbsync-global.smartadserver.com
18    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
37    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
cm.g.doubleclick.net
partner.googleadservices.com
1    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
2    216.52.2.91 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
1    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
5    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
11    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
2    52.30.150.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-150-15.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.254.104.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-104-147.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
rtd-tm.everesttech.net
2    3.123.215.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-215-66.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
8    3.123.57.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-57-37.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
12    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    44.194.73.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-73-244.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    35.205.207.25 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com
ads.avads.net
1    18.66.122.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-68.fra60.r.cloudfront.net
adx.holmesmind.com
26    142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net
tpc.googlesyndication.com
2    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2.19.126.69 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-69.deploy.static.akamaitechnologies.com
mnadshield-a.akamaihd.net
7    142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net
www.google.com
4    34.120.139.69 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 69.139.120.34.bc.googleusercontent.com
dsp-trk.eskimi.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
5    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    35.186.201.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.201.186.35.bc.googleusercontent.com
dsp-ap.eskimi.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    54.78.84.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-84-139.eu-west-1.compute.amazonaws.com
match.360yield.com
2    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
1    23.53.43.80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-43-80.deploy.static.akamaitechnologies.com
sync.im-apps.net
2    35.186.254.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.254.186.35.bc.googleusercontent.com
aw.dw.impact-ad.jp
5    198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
34    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
9    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
static.smilewanted.com
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
4    162.55.236.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.236.55.162.clients.your-server.de
sync.richaudience.com
2    35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com
ad.sitemaji.com
16    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
4    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    8.2.108.194 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
2    35.157.224.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-224-17.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
8    70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
4    2.18.160.221 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-221.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    137.74.6.209 (Warsaw, Poland)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-02.adpartner.pro
a4p.adpartner.pro
1    35.214.143.153 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 153.143.214.35.bc.googleusercontent.com
csync.loopme.me
1    34.95.81.88 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 88.81.95.34.bc.googleusercontent.com
s-cs.rmp.rakuten.com
1    2.16.202.75 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-75.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    3.65.66.159 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-66-159.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    146.20.132.54 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
5    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
24    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
s0.2mdn.net
5    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
6    54.93.94.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-94-222.eu-central-1.compute.amazonaws.com
pm.w55c.net
4    23.21.83.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-83-46.compute-1.amazonaws.com
i.liadm.com
4    65.9.66.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-64.fra56.r.cloudfront.net
live.rezync.com
5    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
4    87.248.119.251 (Dublin, Ireland)

ASN203220 (YAHOO-DEB, GB)
PTR: e1-bmr.ycpi.vip.deb.yahoo.com
s.yimg.com
1    87.248.100.136 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o1.ycpi.vip.ir2.yahoo.com
ads.yap.yahoo.com
1    188.125.72.139 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-brb71.prod.media.vip.ir2.yahoo.com
geo.yahoo.com
Apex Domain
Subdomains		 Transfer
89 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 918
trc.taboola.com — Cisco Umbrella Rank: 634
vidstat.taboola.com — Cisco Umbrella Rank: 2607
il-trc-events.taboola.com — Cisco Umbrella Rank: 19529
images.taboola.com — Cisco Umbrella Rank: 1902
imprammp.taboola.com — Cisco Umbrella Rank: 12287
am-match.taboola.com — Cisco Umbrella Rank: 12293
wf.taboola.com — Cisco Umbrella Rank: 2720
am-vid-events.taboola.com — Cisco Umbrella Rank: 11586
sync.taboola.com — Cisco Umbrella Rank: 1091
sync-t1.taboola.com — Cisco Umbrella Rank: 1321
vidstatb.taboola.com — Cisco Umbrella Rank: 5163
match.taboola.com — Cisco Umbrella Rank: 5594
pips.taboola.com — Cisco Umbrella Rank: 1578
cds.taboola.com Failed
am-wf.taboola.com — Cisco Umbrella Rank: 13312
874 KB
81 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
bbe37092b4d298f855668903e56f9dc3.safeframe.googlesyndication.com Failed
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
80f97d1e0b5008bb5bd47127c625a037.safeframe.googlesyndication.com
fece383fe8e3a5293e6b4076ba2f38bb.safeframe.googlesyndication.com
cbee8b3275ba2d0f5b03b26778f5362d.safeframe.googlesyndication.com
821 KB
67 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
cm.g.doubleclick.net — Cisco Umbrella Rank: 254
adx.g.doubleclick.net — Cisco Umbrella Rank: 2498
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 346
748 KB
54 media.net
prebid.media.net — Cisco Umbrella Rank: 1429
hbx.media.net — Cisco Umbrella Rank: 1413
warp.media.net — Cisco Umbrella Rank: 2848
hblg.media.net — Cisco Umbrella Rank: 2143
contextual.media.net — Cisco Umbrella Rank: 675
cs.media.net — Cisco Umbrella Rank: 1653
c21lg-d.media.net — Cisco Umbrella Rank: 2776
125 KB
40 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 999
fastlane.rubiconproject.com — Cisco Umbrella Rank: 552
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1160
eus.rubiconproject.com — Cisco Umbrella Rank: 616
pixel.rubiconproject.com — Cisco Umbrella Rank: 374
token.rubiconproject.com — Cisco Umbrella Rank: 652
pixel-us-east.rubiconproject.com Failed
pixel-eu.rubiconproject.com Failed
90 KB
24 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 325
256 KB
23 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1134
x.bidswitch.net — Cisco Umbrella Rank: 359
ghent-aws-fr.bidswitch.net — Cisco Umbrella Rank: 10559
aws-fr-sync.bidswitch.net — Cisco Umbrella Rank: 24135
21 KB
16 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 383
8 KB
16 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 20070
ox-delivery-prod-europe-west1.openx.net — Cisco Umbrella Rank: 136676
u.openx.net — Cisco Umbrella Rank: 769
eu-u.openx.net — Cisco Umbrella Rank: 2766
us-u.openx.net — Cisco Umbrella Rank: 496
6 KB
15 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 857
8 KB
14 google.com
adservice.google.com — Cisco Umbrella Rank: 113
www.google.com — Cisco Umbrella Rank: 10
4 KB
14 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 18317
e3.adpushup.com — Cisco Umbrella Rank: 19943
257 KB
13 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 646
eb2.3lift.com — Cisco Umbrella Rank: 422
6 KB
12 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 613
8 KB
12 eskimi.com
dsp-media.eskimi.com — Cisco Umbrella Rank: 29702
win.eskimi.com — Cisco Umbrella Rank: 53701
dsp-trk.eskimi.com — Cisco Umbrella Rank: 29138
dsp-ap.eskimi.com — Cisco Umbrella Rank: 32691
28 KB
11 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 423
17 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 257
acdn.adnxs.com Failed
12 KB
11 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 391
219 KB
10 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481
ups.analytics.yahoo.com — Cisco Umbrella Rank: 338
ads.yap.yahoo.com — Cisco Umbrella Rank: 13923
geo.yahoo.com — Cisco Umbrella Rank: 1423
8 KB
10 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 405
bidder.criteo.com — Cisco Umbrella Rank: 719
dis.criteo.com — Cisco Umbrella Rank: 608
3 KB
10 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 26534
sync.aralego.com — Cisco Umbrella Rank: 3151
agent.aralego.com — Cisco Umbrella Rank: 288928
6 KB
9 smilewanted.com
prebid.smilewanted.com Failed
csync.smilewanted.com — Cisco Umbrella Rank: 3242
static.smilewanted.com — Cisco Umbrella Rank: 12100
18 KB
8 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 573
6 KB
8 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1197
5 KB
8 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 797
image8.pubmatic.com — Cisco Umbrella Rank: 738
image2.pubmatic.com — Cisco Umbrella Rank: 1036
image4.pubmatic.com — Cisco Umbrella Rank: 1305
2 KB
8 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 577
5 KB
7 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 642
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635
ssum-sec.casalemedia.com Failed
12 KB
6 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1044
5 KB
6 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 14019
82 KB
5 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 977
4 KB
5 rlcdn.com
id.rlcdn.com Failed
idsync.rlcdn.com — Cisco Umbrella Rank: 428
1 KB
5 amazon-adsystem.com
aax-eu.amazon-adsystem.com Failed
s.amazon-adsystem.com — Cisco Umbrella Rank: 333
3 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 205
280 KB
5 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2453
mnadshield-a.akamaihd.net — Cisco Umbrella Rank: 17399
2 KB
4 yimg.com
s.yimg.com — Cisco Umbrella Rank: 538
57 KB
4 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1580
3 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 697
2 KB
4 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 597
3 KB
4 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1372
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 1067
2 KB
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2085
1 KB
4 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1060
ap.lijit.com — Cisco Umbrella Rank: 782
2 KB
4 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 922
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 623
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1820
448 B
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
521 B
4 logly.co.jp
l.logly.co.jp — Cisco Umbrella Rank: 61233
sync.logly.co.jp — Cisco Umbrella Rank: 68396
3 KB
4 im-apps.net
dmp.im-apps.net — Cisco Umbrella Rank: 24528
audiencedata.im-apps.net — Cisco Umbrella Rank: 26833
sync.im-apps.net — Cisco Umbrella Rank: 3769
4 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1250
pixel.quantserve.com — Cisco Umbrella Rank: 1003
cms.quantserve.com — Cisco Umbrella Rank: 862
10 KB
4 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 10735
1013 B
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 633
cm.adform.net Failed
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 162
3 KB
2 lkqd.net
cs.lkqd.net — Cisco Umbrella Rank: 3679
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2972
1 KB
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3368
992 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1863
1 KB
2 sitemaji.com
ad.sitemaji.com — Cisco Umbrella Rank: 105036
20 KB
2 impact-ad.jp
aw.dw.impact-ad.jp — Cisco Umbrella Rank: 97707
570 B
2 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1419
1 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2409
812 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 414
885 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 568
55 KB
2 avads.net
ads.avads.net — Cisco Umbrella Rank: 32934
486 B
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1129
673 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 5256
1 KB
2 everesttech.net
rtd-tm.everesttech.net — Cisco Umbrella Rank: 3563
696 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1361
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 218
2 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 955
861 B
2 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1103
589 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
85 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 749
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 28755
11 KB
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 566
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 643
589 B
1 rakuten.com
s-cs.rmp.rakuten.com — Cisco Umbrella Rank: 34713
276 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1061
157 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 9637
460 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 258
670 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 689
2 KB
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1113
875 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2276
176 B
1 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 577628
868 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2930
467 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 813
883 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 651
863 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1109
862 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1172
635 B
1 analytics-debugger.com
amp.analytics-debugger.com — Cisco Umbrella Rank: 19625
3 KB
1 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 3004
public.servenobid.com Failed
711 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 988
168 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3835
456 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1500
495 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 368
1 KB
1 ampproject.net
d-38156135323971525513.ampproject.net
1 compass-fit.jp
nt.compass-fit.jp — Cisco Umbrella Rank: 88578
17 KB
1 bg3.co
www.bg3.co
static.bg3.co Failed
16 KB
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
0 googleapis.com Failed
fonts.googleapis.com Failed
imasdk.googleapis.com Failed
0 adscale.de Failed
ih.adscale.de Failed
565 98
Domain Requested by
51 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
www.bg3.co
tpc.googlesyndication.com
www.googletagservices.com
mnadshield-a.akamaihd.net
adx.holmesmind.com
35 cm.g.doubleclick.net 19 redirects www.bg3.co
eus.rubiconproject.com
googleads.g.doubleclick.net
onetag-sys.com
u.openx.net
eb2.3lift.com
34 contextual.media.net cdn.adpushup.com
csync.smilewanted.com
mnadshield-a.akamaihd.net
contextual.media.net
eus.rubiconproject.com
26 tpc.googlesyndication.com bbe37092b4d298f855668903e56f9dc3.safeframe.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
adx.holmesmind.com
25 il-trc-events.taboola.com www.bg3.co
24 s0.2mdn.net www.bg3.co
s0.2mdn.net
mnadshield-a.akamaihd.net
16 x.bidswitch.net 13 redirects onetag-sys.com
www.bg3.co
16 match.adsrvr.org 15 redirects cdn.adpushup.com
16 securepubads.g.doubleclick.net cdn.adpushup.com
securepubads.g.doubleclick.net
cdn.aralego.net
www.bg3.co
www.googletagservices.com
agent.aralego.com
15 onetag-sys.com 4 redirects cdn.adpushup.com
onetag-sys.com
csync.smilewanted.com
15 cdn.taboola.com www.bg3.co
cdn.taboola.com
14 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
am-match.taboola.com
cdn.adpushup.com
contextual.media.net
12 sync.1rx.io 12 redirects
12 eb2.3lift.com 3 redirects www.bg3.co
cdn.adpushup.com
eb2.3lift.com
12 pixel.rubiconproject.com 5 redirects eus.rubiconproject.com
onetag-sys.com
www.bg3.co
googleads.g.doubleclick.net
11 id5-sync.com 11 redirects
11 ib.adnxs.com 9 redirects cdn.adpushup.com
googleads.g.doubleclick.net
11 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
10 sync.taboola.com 2 redirects imprammp.taboola.com
am-match.taboola.com
www.bg3.co
9 googleads.g.doubleclick.net 1 redirects cdn.ampproject.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
mnadshield-a.akamaihd.net
9 e3.adpushup.com www.bg3.co
8 b1sync.zemanta.com 8 redirects
8 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
onetag-sys.com
8 rtb.mfadsrvr.com 8 redirects
8 sync.mathtag.com 8 redirects
8 trc.taboola.com cdn.taboola.com
imprammp.taboola.com
am-match.taboola.com
www.bg3.co
7 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
7 adservice.google.com cdn.ampproject.org
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
6 pm.w55c.net 6 redirects
6 cs.media.net contextual.media.net
6 us-u.openx.net 3 redirects u.openx.net
6 token.rubiconproject.com 6 redirects
6 hblg.media.net www.bg3.co
6 dsp-media.eskimi.com cdn.adpushup.com
www.bg3.co
6 sync-t1.taboola.com imprammp.taboola.com
am-match.taboola.com
www.bg3.co
6 pr-bh.ybp.yahoo.com 6 redirects
6 images.taboola.com www.bg3.co
6 cdn.aralego.net www.bg3.co
ads.aralego.com
adx.holmesmind.com
agent.aralego.com
5 idsync.rlcdn.com 3 redirects contextual.media.net
5 p.rfihub.com 5 redirects
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 image8.pubmatic.com 3 redirects onetag-sys.com
5 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
onetag-sys.com
5 dis.criteo.com 4 redirects googleads.g.doubleclick.net
5 www.googletagservices.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
s0.2mdn.net
5 secure-assets.rubiconproject.com 5 redirects
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 sync.aralego.com 1 redirects ads.aralego.com
www.bg3.co
eus.rubiconproject.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 s.yimg.com ad.sitemaji.com
s.yimg.com
adx.holmesmind.com
4 googleads4.g.doubleclick.net www.bg3.co
4 live.rezync.com 4 redirects contextual.media.net
4 i.liadm.com 4 redirects
4 am-wf.taboola.com vidstat.taboola.com
4 stags.bluekai.com 4 redirects
4 sync.targeting.unrulymedia.com 4 redirects
4 ad.turn.com 4 redirects
4 sync.richaudience.com 3 redirects csync.smilewanted.com
4 dsp-trk.eskimi.com www.bg3.co
4 ghent-aws-fr.bidswitch.net 2 redirects www.bg3.co
4 www.google-analytics.com cdn.ampproject.org
www.bg3.co
www.googletagmanager.com
4 http-intake.logs.datadoghq.com cdn.adpushup.com
4 gum.criteo.com cdn.taboola.com
cdn.adpushup.com
contextual.media.net
4 ads.aralego.com 1 redirects ads.aralego.com
agent.aralego.com
3 c21lg-d.media.net contextual.media.net
3 eu-u.openx.net u.openx.net
www.bg3.co
3 u.openx.net 1 redirects www.bg3.co
cdn.adpushup.com
3 qsearch-a.akamaihd.net www.bg3.co
3 c1.adform.net 3 redirects
3 sync.logly.co.jp nt.compass-fit.jp
sync.logly.co.jp
3 adpushup-d.openx.net cdn.adpushup.com
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
www.bg3.co
2 cs.lkqd.net 1 redirects googleads.g.doubleclick.net
2 aws-fr-sync.bidswitch.net 2 redirects
2 adx.g.doubleclick.net mnadshield-a.akamaihd.net
2 a.sportradarserving.com 2 redirects
2 us.ck-ie.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 ad.sitemaji.com adx.holmesmind.com
securepubads.g.doubleclick.net
2 ap.lijit.com 2 redirects
2 cms.quantserve.com 2 redirects
2 ups.analytics.yahoo.com onetag-sys.com
2 ssbsync-global.smartadserver.com onetag-sys.com
2 aw.dw.impact-ad.jp 1 redirects sync.logly.co.jp
2 sync.inmobi.com 2 redirects
2 match.360yield.com 2 redirects
2 px.ads.linkedin.com eus.rubiconproject.com
eb2.3lift.com
2 mnadshield-a.akamaihd.net hbx.media.net
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 ads.avads.net 2 redirects
2 partner.googleadservices.com pagead2.googlesyndication.com
2 ads.creative-serving.com 2 redirects
2 rtd-tm.everesttech.net 2 redirects
2 uipglob.semasio.net 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 ce.lijit.com 1 redirects www.bg3.co
2 trace.mediago.io 2 redirects
2 warp.media.net cdn.adpushup.com
2 hbx.media.net www.bg3.co
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 dmp.im-apps.net nt.compass-fit.jp
dmp.im-apps.net
2 htlb.casalemedia.com cdn.adpushup.com
2 prebid-server.rubiconproject.com cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 geo.yahoo.com adx.holmesmind.com
1 ads.yap.yahoo.com s.yimg.com
1 cbee8b3275ba2d0f5b03b26778f5362d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 agent.aralego.com 1 redirects
1 match.sharethrough.com csync.smilewanted.com
1 ads.stickyadstv.com 1 redirects
1 s-cs.rmp.rakuten.com www.bg3.co
1 csync.loopme.me www.bg3.co
1 a4p.adpartner.pro www.bg3.co
1 c.bing.com eb2.3lift.com
1 static.smilewanted.com csync.smilewanted.com
1 js-sec.indexww.com cdn.adpushup.com
1 image4.pubmatic.com 1 redirects
1 image2.pubmatic.com 1 redirects
1 sync.im-apps.net sync.logly.co.jp
1 sync.go.sonobi.com 1 redirects
1 tr.blismedia.com googleads.g.doubleclick.net
1 fece383fe8e3a5293e6b4076ba2f38bb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 80f97d1e0b5008bb5bd47127c625a037.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 dsp-ap.eskimi.com dsp-media.eskimi.com
1 pips.taboola.com cdn.taboola.com
1 adx.holmesmind.com pagead2.googlesyndication.com
1 t.adx.opera.com www.bg3.co
1 sync.srv.stackadapt.com 1 redirects
1 match.taboola.com www.bg3.co
1 rtb-csync.smartadserver.com www.bg3.co
1 bh.contextweb.com www.bg3.co
1 simage2.pubmatic.com www.bg3.co
1 ssbsync.smartadserver.com www.bg3.co
1 tg.socdm.com 1 redirects
1 win.eskimi.com cdn.adpushup.com
1 ox-delivery-prod-europe-west1.openx.net cdn.adpushup.com
1 vidstatb.taboola.com www.bg3.co
1 audiencedata.im-apps.net dmp.im-apps.net
1 bbe37092b4d298f855668903e56f9dc3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 stats.g.doubleclick.net cdn.ampproject.org
1 pixel.quantserve.com www.bg3.co
1 imprammp.taboola.com vidstat.taboola.com
1 l.logly.co.jp nt.compass-fit.jp
1 rules.quantcount.com secure.quantserve.com
1 amp.analytics-debugger.com cdn.ampproject.org
1 ads.servenobid.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 prebid.a-mo.net cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 d-38156135323971525513.ampproject.net cdn.ampproject.org
1 secure.quantserve.com cdn.adpushup.com
1 nt.compass-fit.jp www.bg3.co
1 www.bg3.co
0 ssum-sec.casalemedia.com Failed js-sec.indexww.com
0 cm.adform.net Failed csync.smilewanted.com
0 id.rlcdn.com Failed onetag-sys.com
0 pixel-eu.rubiconproject.com Failed onetag-sys.com
0 public.servenobid.com Failed cdn.adpushup.com
0 acdn.adnxs.com Failed cdn.adpushup.com
0 match.adsby.bidtheatre.com Failed googleads.g.doubleclick.net
0 pixel-us-east.rubiconproject.com Failed eus.rubiconproject.com
0 cds.taboola.com Failed cdn.taboola.com
0 aax-eu.amazon-adsystem.com Failed eus.rubiconproject.com
0 imasdk.googleapis.com Failed bbe37092b4d298f855668903e56f9dc3.safeframe.googlesyndication.com
0 fonts.googleapis.com Failed bbe37092b4d298f855668903e56f9dc3.safeframe.googlesyndication.com
0 ih.adscale.de Failed www.bg3.co
0 prebid.smilewanted.com Failed cdn.adpushup.com
0 static.bg3.co Failed www.bg3.co
565 179
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
cdn.adpushup.com
R3		 2023-06-14 -
2023-09-12		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.compass-fit.jp
GlobalSign RSA OV SSL CA 2018		 2023-04-11 -
2024-05-12		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-18 -
2024-04-17		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.a-mo.net
R3		 2023-06-12 -
2023-09-10		 3 months crt.sh
prebid.media.net
GTS CA 1D4		 2023-05-09 -
2023-08-07		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
analytics-debugger.com
GTS CA 1P5		 2023-05-20 -
2023-08-18		 3 months crt.sh
quantserve.com
R3		 2023-06-13 -
2023-09-11		 3 months crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-13 -
2024-04-13		 a year crt.sh
*.logly.co.jp
Amazon RSA 2048 M02		 2023-04-05 -
2024-05-04		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
audiencedata.im-apps.net
GTS CA 1D4		 2023-06-08 -
2023-09-06		 3 months crt.sh
*.eskimi.com
GeoTrust TLS RSA CA G1		 2023-03-20 -
2024-04-12		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.adx.opera.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-22 -
2024-06-20		 a year crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2023-05-19 -
2024-06-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-06-09 -
2023-09-07		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
feebee.com.tw
R3		 2023-05-02 -
2023-07-31		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-06-02 -
2023-12-02		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
adpartner.pro
R3		 2023-05-23 -
2023-08-21		 3 months crt.sh
loopme.com
R3		 2023-05-25 -
2023-08-23		 3 months crt.sh
*.rmp.rakuten.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-20 -
2024-01-19		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-05-22 -
2023-07-12		 2 months crt.sh
*.pubgw.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-05-22 -
2023-07-12		 2 months crt.sh
yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-05-02 -
2023-10-25		 6 months crt.sh

This page contains 78 frames:

Primary Page: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Frame ID: A317F2A58A502898EB5D9DAA5CFD87E7
Requests: 173 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8q7kCLAacCbtCiuJdRxE4E3aFFMW7jioAAABgYID-AIl5bC7XcGJzKzyTzVo0823WwpXJsxZMBoOZc-FYzoYzIyAxj83lGk5sboVnslmLZr7NWrgyedaCyWAwcy4cy9lwZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZLaDodPte9Xvf73SU-z1zj9yv8OtfTrXa63IK_W7R8ujVGl90tPbremqPL7nPrXk633PVWWd7So-vpFjwddrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQBPHA7o4jQ7PU9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAwGPID1HT0ppCrj2RgsYijAAAAABsvTsHHpmkE1Qsqvz___dbAbgCABCQWPBNo51Fd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJsKPaYRmotjV_AICAKz5BQQAYKNuAADeBMAJOgStGAxWJyBmBwAAAODO____vx4Q2BgGm91yZLKZJpPFbjFxGBeu5XA5ca5sI8tgtT0Y23lSHLcqqn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgcDczbUa-wVoxWY7couHKs1Zuhsu1bLewGTa-zcSyW7hFr4_p4pwtPJ7VFgkGRO1F8rRIJzLbYjiZbSyDkXO3Wu2Gw8HINXJubJPdZrHw2BYWsURzskgnssu-sDEMNrvlyGQzTSaL3WLiMC5cy-Fy4lzZRpbBal_czUybkW-wVkyWI7douPKslZvhci3bLWyGjW8zsewWbtHrY7o4ZwuPZ7VvzIbDwWQwmy32jdlwOJgMZrPFvkNn-K4-Z6OyrJJ8TJrf36Ut2pwGhctg8U7Vq2-0MzuIftOiUyZTKws6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ehBbFAoYongIp0IHma3w_RyS3yejd8ilihNF-lEr_DrXE-32ulyC_5u0fLp1hhddrf06Hprji67z617Od1y11tleUuPrqdb8HTY7ULT22wRSwSni3QiehlPF_UfOeRiLtks55LBbK6YLFcJAAAAAAAAAMASTDLdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmQBWK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwIcjVa7B-ACrFWq9XtxlqtFg!&cmcv=&pix=undefined&cb=1688020662701&uv=3291&tms=1688020662701&abt=inout2_vB!nonrv_vA!nrlc_vA!ufm_vD!ul3292_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=fcfe58bf-a323-4f73-8ed3-0200f9a1968f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 7612E3A20204C3805202691E54053A5C
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8q7kCLAacCbtCiuJdRxE4E3aFFMW7jioAAABgYID-AIl5bC7XcGJzKzyTzVo0823WwpXJsxZMBoOZc-FYzoYzIyAxj83lGk5sboVnslmLZr7NWrgyedaCyWAwcy4cy9lwZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZLaDodPte9Xvf73SU-z1zj9yv8OtfTrXa63IK_W7R8ujVGl90tPbremqPL7nPrXk633PVWWd7So-vpFjwddrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQBPHA7o4jQ7PU9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAwGPID1HT0ppCrj2RgsYijAAAAABsvTsHHpmkE1Qsqvz___dbAbgCABCQWPBNo51Fd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJsKPaYRmotjV_AICAKz5BQQAYKNuAADeBMAJOgStGAxWJyBmBwAAAODO____vx4Q2BgGm91yZLKZJpPFbjFxGBeu5XA5ca5sI8tgtT0Y23lSHLcqqn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgcDczbUa-wVoxWY7couHKs1Zuhsu1bLewGTa-zcSyW7hFr4_p4pwtPJ7VFgkGRO1F8rRIJzLbYjiZbSyDkXO3Wu2Gw8HINXJubJPdZrHw2BYWsURzskgnssu-sDEMNrvlyGQzTSaL3WLiMC5cy-Fy4lzZRpbBal_czUybkW-wVkyWI7douPKslZvhci3bLWyGjW8zsewWbtHrY7o4ZwuPZ7VvzIbDwWQwmy32jdlwOJgMZrPFvkNn-K4-Z6OyrJJ8TJrf36Ut2pwGhctg8U7Vq2-0MzuIftOiUyZTKws6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ehBbFAoYongIp0IHma3w_RyS3yejd8ilihNF-lEr_DrXE-32ulyC_5u0fLp1hhddrf06Hprji67z617Od1y11tleUuPrqdb8HTY7ULT22wRSwSni3QiehlPF_UfOeRiLtks55LBbK6YLFcJAAAAAAAAAMASTDLdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmQBWK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwIcjVa7B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: CF8E451BB0F7E6DF61A21041AFC58DD0
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: EBDC94D821264F725FE6CDE7C7CCFABB
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 1830F91A2AC0FF7DDE3B5FF55D705B9C
Requests: 7 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 2319A127B3BD8B28B94C20889F845423
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2540110022167727248&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2907&oid=2&is_amp=5&amp_v=2306202201000&d_imp=1&c=38009125&ga_cid=amp-TTPdpg3GeEnSlbeH8gWUZA&ga_hid=9125&dt=1688020662293&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&bdt=2427&dtd=108&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: DE2A2B30C34D82F7D753096DE77D6C29
Requests: 1 HTTP requests in this frame

Frame: https://bbe37092b4d298f855668903e56f9dc3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5A5DBDFE9C19242C226B8017999C7E22
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 5A568F58757C2542DEE14DE13E926B8F
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: AF3860CA4127901AD29773ECB4DA3800
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 6351D0EACCD6E900D9F59E5C434DA796
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 8A2207DACB4AC5F4A0A1AFE480222FAF
Requests: 11 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8q7kCLAacCbtCiuJdRxE4E3aFFMW7jioAAABgYID-AIl5bC7XcGJzKzyTzVo0823WwpXJsxZMBoOZc-FYzoYzIyAxj83lGk5sboVnslmLZr7NWrgyedaCyWAwcy4cy9lwZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZLaDodPte9Xvf73SU-z1zj9yv8OtfTrXa63IK_W7R8ujVGl90tPbremqPL7nPrXk633PVWWd7So-vpFjwddrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQBPHA7o4jQ7PU9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAwGPID1HT0ppCrj2RgsYijAAAAABsvTsHHpmkE1Qsqvz___dbAbgCABCQWPBNo51Fd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJsKPaYRmotjV_AICAKz5BQQAYKNuAADeBMAJOgStGAxWJyBmBwAAAODO____vx4Q2BgGm91yZLKZJpPFbjFxGBeu5XA5ca5sI8tgtT0Y23lSHLcqqn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgcDczbUa-wVoxWY7couHKs1Zuhsu1bLewGTa-zcSyW7hFr4_p4pwtPJ7VFgkGRO1F8rRIJzLbYjiZbSyDkXO3Wu2Gw8HINXJubJPdZrHw2BYWsURzskgnssu-sDEMNrvlyGQzTSaL3WLiMC5cy-Fy4lzZRpbBal_czUybkW-wVkyWI7douPKslZvhci3bLWyGjW8zsewWbtHrY7o4ZwuPZ7VvzIbDwWQwmy32jdlwOJgMZrPFvkNn-K4-Z6OyrJJ8TJrf36Ut2pwGhctg8U7Vq2-0MzuIftOiUyZTKws6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ehBbFAoYongIp0IHma3w_RyS3yejd8ilihNF-lEr_DrXE-32ulyC_5u0fLp1hhddrf06Hprji67z617Od1y11tleUuPrqdb8HTY7ULT22wRSwSni3QiehlPF_UfOeRiLtks55LBbK6YLFcJAAAAAAAAAMASTDLdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmQBWK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwIcjVa7B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 3FD7CBC115B7809F566473E27B6F60A0
Requests: 3 HTTP requests in this frame

Frame: https://bbe37092b4d298f855668903e56f9dc3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D83FD9F4211AF3D1EA33203CF323BE50
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEr4Ewco5iyYckwCjoF1xJPVjnKnr5YNktFwXki1OyGho5b-f9p3ctZwGPsqtec8zAray3lLQkWGBGupwhnVlsGZ1trfmbpyho7-QZvAjM5_xg3W4qrBypCyh7Vz8pUtfgZxDZ7DNrWb2Hti55PUdF8FFEjW9FJpw0TwjMQYsOLWv99feGPbERlQ8VuAoKsjPd3JQjsHWT5MZPATmDGsboAR5cSDiJJYENEsljR8Gp02quK90O7r7g1mujSf6Thl_4D4EXVktxkfSmb7jd1P42yyeXlED4spHBOZeOGnDkiZCr-V59hECao_9vhlvTdcZF&sai=AMfl-YSniAvFe6i6VIw-CCNDWkvl3BVMhcpKzjm9Tbq26D31uWOAmP-ea2BqSMrkOXFL4DCbt5BSQyHHr-8k-Hth2d54Xuwu4i7mLYBkVAaADrUMF_9rvUhTVCkD4b7aVDqwGfw07xPJmJgHb1CXlQk&sig=Cg0ArKJSzPYhG0smoos2EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E2C2D15C142581E1D27771C5747052CB
Requests: 25 HTTP requests in this frame

Frame: https://hbx.media.net/creativewrapper/0-0-1/js/cw.js
Frame ID: 8D2362312480A2D86AC9925D6B4552EE
Requests: 3 HTTP requests in this frame

Frame: https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Frame ID: E7E265B8A1767DA7CB27F4AAC9621D3B
Requests: 4 HTTP requests in this frame

Frame: https://hbx.media.net/creativewrapper/0-0-1/js/cw.js
Frame ID: FFB2C524EF1A6052A41514DF097C85C2
Requests: 3 HTTP requests in this frame

Frame: https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Frame ID: DF940A7F93D12AFC90D94F3E7F5DFA56
Requests: 4 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZJ0musCo8X4AACKkg-8AAAAA
Frame ID: 72B51C1CC789307F2FFFF2545FB8086E
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1688020664&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688020663455&bpp=27&bdt=1531&idt=1208&shv=r20230626&mjsv=m202306200101&ptt=5&saldr=sa&cookie=ID%3D74535a6aa46919d7%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_Mb_vVuZ6uWRjYrdZbUc3_TlbdifEg&gpic=UID%3D00000c34c7d21ad5%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_MYtNetqHXAwUtZB9NSFHMEOPefi9Q&correlator=2987796207432&frm=23&ife=1&pv=2&ga_vid=1614580128.1688020663&ga_sid=1688020665&ga_hid=19319258&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2812333880&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C31075534%2C42532315%2C44788441&oid=2&pvsid=2153882318268240&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.74vqcsj85d3x&fsb=1&dtd=1428
Frame ID: 554A34B8FC2E28E07FF5993467A73F68
Requests: 10 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: 00CBE94A3E369B704FD93A5A52D3BE10
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Frame ID: 9372DAFB3F22606FB48C12B6E6FEA8BE
Requests: 3 HTTP requests in this frame

Frame: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Frame ID: 4121FA7AF6CD5B8CC0C744F4B05EEA7E
Requests: 18 HTTP requests in this frame

Frame: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Frame ID: AD74DD8B37811A66B1E8358D61535429
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 900CB63BE5D32C4D7374F2AFFA3C59F5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 64F229C9E21D6EFD831CE419A04B866B
Requests: 9 HTTP requests in this frame

Frame: https://80f97d1e0b5008bb5bd47127c625a037.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 3EEC084B35FEB871C9A13BD87748FCA8
Requests: 1 HTTP requests in this frame

Frame: https://fece383fe8e3a5293e6b4076ba2f38bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: A187196DB2804FC4B70CFCCFCCBD8AE8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js
Frame ID: AB0D0D356D0AE507E67E2F2955B45C2D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A90EA605C2E2EF85818D960C86B5501D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C2C44B50AB5CB988B0A57FE46F685A89
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: A4337FFF91FC655F37E1BEEA716999D6
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FB274D7D6501DE71685ED906E959ED76
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 3927EAD879AFEC0543834386A2742863
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 30E03DB757186E1391310FEA8B5416B6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: EAD3524F2D4C41FDA8129CD9D7EE47B8
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1688020663029
Frame ID: 785A262126804E199051712B9230BF80
Requests: 14 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 15BB4B535AEBD4FE0A10EC11E85E8CD9
Requests: 14 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 90F4EB8258597BFBB2FFDF4890ACE5DC
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 866468EF02BED7749BBC7F6BB0807D2A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4EA3E27AEC4615386B72ED07A1803954
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1A0336FEFC67663B8230C1C96C496A69
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: A856C4BA5AF75C47F72AE001C702D4F3
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 30C4130B55B73536E7797B74C9D9F286
Requests: 15 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/sovrn/G5TtuLZHNEpGQ9SbQhiZ-QHm
Frame ID: 476186C932468FDA1613731D5C33C102
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7226639094620937395&gdpr=0&gdpr_consent=
Frame ID: 6297E828FBFB9CF8275C615E38ABBBCF
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=r1&refUrl=&vid=80206704803310222704262582000V10&ovsid=RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003
Frame ID: A697081E2D04155BB9E24D1F35C08324
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/ab6a5d61-cd9d-53b4-a51b-9da6c186bb1d
Frame ID: C9826BE8D340A19E681D90BFA150BA7E
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/ceb28cf0387e35a6af56b7a3feffc40df8ee82739a8dffd76349b9dce6553318
Frame ID: 8BC69954DE86579F38F69BD18A37A3A3
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: F2F2393BA5ABFC28D264E97D2326D1CB
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/32075d85e80837ee35cd521c807fef?gdpr_consent=&gdpr=0
Frame ID: 5F213F0238F283D218472B91B514D014
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: E6677E2EE142F85809DE1CE0CD93EF9C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smartyads/da8808dc4d5c09e0946f5975cdb3afd57bbdff0c879f50a4d810515d64618b50
Frame ID: DB957B7530DC382326C752DBF5890463
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrexvQDEN-ZvIwEGIaqwOwBMAE&v=APEucNVx_NOdZfNRAlDUrwNfIFZk9Hz9hbFbi9bb9bs0sygpSQoU_qunubjcJwH1FwbDJ1TWZgujS2uZl2ZMeJ5_o2KEFLCNEy5vpI_L5TaezxSWA7ZvqtE
Frame ID: 31D5ADC3A66CF9569E1129488FF1B1A4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrexvQDEN-ZvIwEGIaqwOwBMAE&v=APEucNUa14qlA30NWm2SLYt4UbrahoZaXNApMnijCXEmCHcRCdVltoI8R8cFvQTv7EauHEZgSyBdKOXaPdvLHvHrBgV8go28gyw52pdAEo6F0Wm5ekPU24A
Frame ID: 7AF2641352BF673D372C13BE3A161363
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: C7F1B4A5587DB98F2F820AC67A71F0CD
Requests: 14 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A6DA29823EBAB4531E9F8BEABF97CB77
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1DE9BC75FCB778D0B29D18F6F10F9E23
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: E4FB2EB7699005D7368CAE6C6EE8805C
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 2162905ACECA8FA7A424AB627BA0A31B
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 272B43450DDC4277E64355F7975C6C5A
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=9&vsid=3310222704262523000V10&type=rkt&refUrl=&vid=80206703533310222704262523000V10&ovsid=5144588525469845757
Frame ID: B09BE4F95CBDFEB8233A1E6B86955E30
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: DB24492CC9A5565D28819F3B6EC85B2E
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3310222704262523000V10&type=rkt&refUrl=&vid=80206704063310222704262523000V10&ovsid=5134455419784315997
Frame ID: 1B8B66FCF726A1044E2B984EEC94D587
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4A9AAEE07BA17EEB61BE2EF7476F005B
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: A01D9345F029927ABD672FBBB9CEE4C9
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=9&vsid=3310222704262582000V10&type=rkt&refUrl=&vid=80206704803310222704262582000V10&ovsid=5141210825728788286
Frame ID: 7D5DBABA5C26F273A20A697636CE4A30
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
Frame ID: C297C7237005112539F3A60179189671
Requests: 11 HTTP requests in this frame

Frame: https://cbee8b3275ba2d0f5b03b26778f5362d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 5067A18B477ADA2579958192F9DACE50
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
Frame ID: DB4B1CDD7CEEA9FDD5D58BC84A1FCA32
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQJgS2yQEJ1KnqTOB_1tBZ1dFfuZ6LzmnqDFb-eyoy9ST7vu4q9IiPw5r9aPQG54SaHI3W1eIRSM19N4Q8Idg1PGw6SQgUhHtYVJe-dYVtw_NGZytaZ2q4P_qMXe90e066J_DTeIfTSrFaRsC3iXoISxlRjzAJBomkdbnn44BhSmY-plpUUwRtnyBGLZmMSLCOeoSMWFcIfTkF_I9TSL1IdeIFk57y-jgj97mHEECwyww86GDuOTLmXq40OUqnqUQDz_DjVR3LNvX6KJqIELwpsbdkWwIiNwte2mZZYXpD6tnNAoqC2VjpGBiT3f7NiVM5uFSsKatlFV5v&sai=AMfl-YQKQh-6OKpXn2gd-3LGozcz-S94FtB-OpSo00T87cPCoHUj-SbipipEN7hjr0WcwDnbsVNpl78bnEYqL4sc_lVdC1RSLOLb3-smmw&sig=Cg0ArKJSzFFZxiVqFwx0EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 14B8094A7E9D6258BBACBC22A7827FF8
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 36900E71B281670C42CEC0C1D0C59783
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9F5078754A5D2037DA32244B0246BBC1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 236224E01963A9786B686F3AE1657B0D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9335610EC5320A5CF68A92D6F83789CF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3AA09AC199FCD237AA000620103E27B4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 393A3F4269BC99AB5BC4E0162C664A45
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

《鬼滅》破4億陳竹升爲女兒追片 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adrum
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

565
Requests

74 %
HTTPS

0 %
IPv6

98
Domains

179
Subdomains

100
IPs

15
Countries

4212 kB
Transfer

12499 kB
Size

161
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 44
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1688020661523&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&c8=%E3%80%8A%E9%AC%BC%E6%BB%85%E3%80%8B%E7%A0%B44%E5%84%84%E9%99%B3%E7%AB%B9%E5%8D%87%E7%88%B2%E5%A5%B3%E5%85%92%E8%BF%BD%E7%89%87%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1688020661523&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&c8=%E3%80%8A%E9%AC%BC%E6%BB%85%E3%80%8B%E7%A0%B44%E5%84%84%E9%99%B3%E7%AB%B9%E5%8D%87%E7%88%B2%E5%A5%B3%E5%85%92%E8%BF%BD%E7%89%87%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&c9=
Request Chain 132
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8334b4be-2d19-4991-ac01-0a3d6f7ad157
Request Chain 133
  • https://pr-bh.ybp.yahoo.com/sync/taboola/87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-HjgP.p9E2oQ0CzdIp931t5JRJnGXN7tWgKgCjA--~A
Request Chain 134
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=taboola HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5397954210711331650&ssp=taboola HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 149
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8334b4be-2d19-4991-ac01-0a3d6f7ad157
Request Chain 150
  • https://pr-bh.ybp.yahoo.com/sync/taboola/87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-Yy6flc5E2oSQAHZcZF0MylO87Czq_eWzmSxUgw--~A
Request Chain 151
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dtaboola%26bsw_param%3Dca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=7aec649d-26b8-4c00-9efc-873fef46c2c7&expires=30&ssp=taboola&bsw_param=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 155
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 158
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 199
  • https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZJ0musCo8X4AACKkg-8AAAAA
Request Chain 202
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJGRX3F9-C-CG73
Request Chain 203
  • https://pr-bh.ybp.yahoo.com/sync/taboola/87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-Yy6flc5E2oSQAHZcZF0MylO87Czq_eWzmSxUgw--~A
Request Chain 204
  • https://trace.mediago.io/ju/cs/taboola HTTP 302
  • https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=bc27f53f83a911da83bc3011746cfb94
Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESECMhE71eZN3Z0k3CDr8-iCM&google_cver=1
Request Chain 207
  • https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35
Request Chain 208
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8334b4be-2d19-4991-ac01-0a3d6f7ad157
Request Chain 209
  • https://ce.lijit.com/merge?pid=42&3pid=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 212
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=14a19c98-44a2-4160-baa3-5a98e76a42de
Request Chain 213
  • https://id5-sync.com/s/464/9.gif?puid=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-f7b4RCzoo7YRvrlzLTt2b1iF1rdlxi4-Y1h66QI1XQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F6%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/3/6/2.gif?puid=7aec649d-26b8-4c00-9efc-873fef46c2c7&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=8334b4be-2d19-4991-ac01-0a3d6f7ad157&ttl=%%TTL%% HTTP 302
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/285.gif?puid=LJGRX3F9-C-CG73&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/19/3/5.gif?puid=3957614a17ac99816ec4962191df004e&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=3957614a17ac99816ec4962191df004e&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F2%2F6.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=3957614a17ac99816ec4962191df004e&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F2%2F6.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/485/2/6.gif?puid=39722627727691159221184553471089160667&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/112/1/7.gif?puid=33701AC0B730B3D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F136%2F0%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://rtd-tm.everesttech.net/ct/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F136%2F0%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=ZJ0mwwANKxvc6gA2 HTTP 302
  • https://id5-sync.com/c/464/136/0/8.gif?puid=ZJ0mwwANKxvc6gA2&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-f7b4RCzoo7YRvrlzLTt2b1iF1rdlxi4-Y1h66QI1XQ
Request Chain 214
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=taboola&bsw_custom_parameter=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=taboola&bsw_custom_parameter=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=4effcf1f-7e8f-42bc-8bb3-b7df3362d775&ssp=taboola&expires=30&user_group=5&bsw_param=ca7105ad-a781-49e4-8a1b-5f1ce544a0df HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 215
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=7cb5138a-a4b4-4a6e-af62-319634a85fa2 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=7cb5138a-a4b4-4a6e-af62-319634a85fa2&tbid=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&query=taboola_hm%3D7cb5138a-a4b4-4a6e-af62-319634a85fa2&isDirect=0
Request Chain 218
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=uOx-wXXTUAFvZsd1JgQE2lvvzoE
Request Chain 220
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=281fd4a9-4ad2-4281-8e67-cb2960553830
Request Chain 227
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8334b4be-2d19-4991-ac01-0a3d6f7ad157
Request Chain 228
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=0&av_tc=True HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=352&user_id=0f31786a-2de3-459e-a2ac-a5a973c93b36&expires=15&ssp=taboola&bsw_param=ca7105ad-a781-49e4-8a1b-5f1ce544a0df HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 233
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1688020665&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688020663595&bpp=48&bdt=1648&idt=1516&shv=r20230626&mjsv=m202306200101&ptt=5&saldr=sa&cookie=ID%3D74535a6aa46919d7%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_Mb_vVuZ6uWRjYrdZbUc3_TlbdifEg&gpic=UID%3D00000c34c7d21ad5%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_MYtNetqHXAwUtZB9NSFHMEOPefi9Q&correlator=2987796207432&frm=23&ife=1&pv=1&ga_vid=1614580128.1688020663&ga_sid=1688020665&ga_hid=1587673068&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1734&biw=1600&bih=1200&isw=336&ish=280&ifk=513527170&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532278%2C44759842%2C42532280%2C44788441%2C21065725&oid=2&pvsid=2012173857900614&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.g77t6ngmynzt&btvi=1&fsb=1&dtd=1565 HTTP 302
  • https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Request Chain 245
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LJGRX3F9-C-CG73 HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LJGRX3F9-C-CG73 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/10487bdc-548d-30fb-824e-d65474e74d22?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-cSZeZnBE2oUMiEvpIYYfEBvPPYA9iFrOl7YxcrE-~A&redirect=
Request Chain 263
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2Y3MGFiMzg2YzgyYjZkZDU3MjkzM2JkMjIzNjljMDhiYTYxMDYwZg
Request Chain 264
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8334b4be-2d19-4991-ac01-0a3d6f7ad157&gdpr=0&gdpr_consent=&expires=30
Request Chain 265
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEpHUlgzRjktQy1DRzcz HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL12VxOarGaTfw096ONucVk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpHUlgzRjktQy1DRzcz&google_push=
Request Chain 267
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJGRX3F9-C-CG73
Request Chain 268
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=I4mxkt1DTOq5LCi6ui4Yng&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=I4mxkt1DTOq5LCi6ui4Yng
Request Chain 269
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ZRCTrYAtF1ZUnB-IbiLSZg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4JQ_XZxE2oIbUAztdFPQpKy1xo4mWXh8ISauMg--~A
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOLG3jTKfkpeLQVO6YEjqvA&google_cver=1
Request Chain 286
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAaAOQGGr_e_QrcBNaSNo1zC5jULXZAblw2zoL1SyI1__z9IhK7AhweJzG-E41Uoh_hNl7Cxb8sl4alCDYG8exgIxwgZpb6d1Z2Y%26google_hm%3D%5BUID%5D&google_gid=CAESEA7nG2lIN2cN9Cq0HMHxD6c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AaAOQGGr_e_QrcBNaSNo1zC5jULXZAblw2zoL1SyI1__z9IhK7AhweJzG-E41Uoh_hNl7Cxb8sl4alCDYG8exgIxwgZpb6d1Z2Y&google_hm=f4a111a0-c7f4-4455-975e-a3b937298ca0
Request Chain 287
  • https://match.360yield.com/match/ebda?google_gid=CAESEPGMCgeBkM6kJfYbCXUfZjc&google_cver=1&google_push=AaAOQGHDMPdReKTp_mhmAbV-5R51h0KPn35co2Xu6ZGklQElHUA933m_DoXZ0Z8ntO0pXuxlZWHbWpIGbg7MFjtiBjhc6qDR_p4 HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEPGMCgeBkM6kJfYbCXUfZjc&google_cver=1&google_push=AaAOQGHDMPdReKTp_mhmAbV-5R51h0KPn35co2Xu6ZGklQElHUA933m_DoXZ0Z8ntO0pXuxlZWHbWpIGbg7MFjtiBjhc6qDR_p4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=glUi44qARN-9ALKlzzl6pg&google_push=AaAOQGHDMPdReKTp_mhmAbV-5R51h0KPn35co2Xu6ZGklQElHUA933m_DoXZ0Z8ntO0pXuxlZWHbWpIGbg7MFjtiBjhc6qDR_p4
Request Chain 288
  • https://sync.inmobi.com/gob?google_gid=CAESEEaqq1JRSWAC5W3WJxRvDz4&google_cver=1&google_push=AaAOQGEi3d492nD90VsJ37dfvrARZrv8iHm_HvPbnN9b5lz9Cfw6htsXL9I3or8o0vS-iHssOt0c0-4LV-_V60lSSdV8IDnvGpk HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGEi3d492nD90VsJ37dfvrARZrv8iHm_HvPbnN9b5lz9Cfw6htsXL9I3or8o0vS-iHssOt0c0-4LV-_V60lSSdV8IDnvGpk HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-fa18s85VI9ZMs_t91x9YXbzY6pV_ft5apjP_YMsIPg&google_push=AaAOQGEi3d492nD90VsJ37dfvrARZrv8iHm_HvPbnN9b5lz9Cfw6htsXL9I3or8o0vS-iHssOt0c0-4LV-_V60lSSdV8IDnvGpk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=wK9galH7jPw8U2TpgDdk&google_push=AaAOQGEi3d492nD90VsJ37dfvrARZrv8iHm_HvPbnN9b5lz9Cfw6htsXL9I3or8o0vS-iHssOt0c0-4LV-_V60lSSdV8IDnvGpk&google_nid=inmobi_new_eb
Request Chain 289
  • https://trace.mediago.io/cs/google?google_gid=CAESELU8DqZeokVBA6LVd75dIRg&google_cver=1&google_push=AaAOQGEtxwF6SinnDPqI2SgmYFuRAqMylEenTXjBHexFfMmF58nypsoHk6RZ9T83eqlXoUH7o1IMp80GEOqRLaLHrvVAXyCG2yCf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AaAOQGEtxwF6SinnDPqI2SgmYFuRAqMylEenTXjBHexFfMmF58nypsoHk6RZ9T83eqlXoUH7o1IMp80GEOqRLaLHrvVAXyCG2yCf&google_hm=cd9c4fdd07a636c4fe3c8da4793d2463
Request Chain 291
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 295
  • https://aw.dw.impact-ad.jp/c/map/?oid=26eb996a1a9c6758&cid=PwP4qxe1rbN8aM5fQQfjMqE9SQ8&sp=dsd HTTP 303
  • https://aw.dw.impact-ad.jp/c/mapr/?oid=26eb996a1a9c6758&cid=PwP4qxe1rbN8aM5fQQfjMqE9SQ8&sp=dsd
Request Chain 296
  • https://image8.pubmatic.com/AdServer/ImgSync?p=162474&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162474%26pr%3Dhttps%253A%252F%252Fsync.logly.co.jp%252Frtb%252Fpubmatic.gif%253Fbuyeruid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=162474&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162474%26pr%3Dhttps%253A%252F%252Fsync.logly.co.jp%252Frtb%252Fpubmatic.gif%253Fbuyeruid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDBDNTk0RjQtQzdCRC00ODM0LTk3QkYtQTU2RUE3RDA0RTY0&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=162474&pr=https%3A%2F%2Fsync.logly.co.jp%2Frtb%2Fpubmatic.gif%3Fbuyeruid%3D40C594F4-C7BD-4834-97BF-A56EA7D04E64 HTTP 302
  • https://sync.logly.co.jp/rtb/pubmatic.gif?buyeruid=40C594F4-C7BD-4834-97BF-A56EA7D04E64
Request Chain 307
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 317
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=7aec649d-26b8-4c00-9efc-873fef46c2c7&gdpr=1&gdpr_consent=
Request Chain 319
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7226639094620937395
Request Chain 321
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiQXfSSjiMyXkJ1_KOxsOKwNW-4TNqjD8bQ
Request Chain 324
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=66tcrXkPBYRReG93tdN2_zKscMfa-UC4MkIywvno9oE
Request Chain 326
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOCcdkRWeIYQRaqcAvVX7Lg&google_cver=1
Request Chain 328
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=8334b4be-2d19-4991-ac01-0a3d6f7ad157&gdpr=0&gdpr_consent=
Request Chain 330
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7aec649d-26b8-4c00-9efc-873fef46c2c7
Request Chain 331
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=3HyIFth-00XHeoVG33mcS9t6gRPHeYhHjCxqKG6k
Request Chain 332
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5397954210711331650
Request Chain 333
  • https://match.adsrvr.org/track/cmf/openx?oxid=af25378a-a0d3-73d6-fcc9-caafc1289c84&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=8334b4be-2d19-4991-ac01-0a3d6f7ad157&ttd_puid=af25378a-a0d3-73d6-fcc9-caafc1289c84&gdpr=0&gdpr_consent=
Request Chain 335
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBakrHeL68TwwPCzzGTy8q8&google_cver=1
Request Chain 344
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID&sovrn_retry=true HTTP 307
  • https://csync.smilewanted.com/set_partner_userid_get/sovrn/G5TtuLZHNEpGQ9SbQhiZ-QHm
Request Chain 345
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1 HTTP 303
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7226639094620937395&gdpr=0&gdpr_consent=
Request Chain 348
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1688020670770 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4988247721 HTTP 302
  • https://sync.1rx.io/usersync/turn/8108881939374098481?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Dr1%26refUrl%3D%26vid%3D80206704803310222704262582000V10%26ovsid%3DRX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003 HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=r1&refUrl=&vid=80206704803310222704262582000V10&ovsid=RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003
Request Chain 350
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/ab6a5d61-cd9d-53b4-a51b-9da6c186bb1d
Request Chain 353
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/ceb28cf0387e35a6af56b7a3feffc40df8ee82739a8dffd76349b9dce6553318
Request Chain 355
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiQXfSvnxc0H0hBWpQtYhvw4mUmk8g0ahaw
Request Chain 357
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WLsdGjM-1RK-4NxwMP5xxJg8r5_RaGNVArGMbPHAlLo
Request Chain 361
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=7aec649d-26b8-4c00-9efc-873fef46c2c7&gdpr=1&gdpr_consent=
Request Chain 362
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7226639094620937395
Request Chain 365
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOCcdkRWeIYQRaqcAvVX7Lg&google_cver=1
Request Chain 366
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=8334b4be-2d19-4991-ac01-0a3d6f7ad157&gdpr=0&gdpr_consent=
Request Chain 368
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=8334b4be-2d19-4991-ac01-0a3d6f7ad157&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 369
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDU3MTkzMTgxNTI2NzE0ODA2MTU1MA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 370
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEELReGdZLeBbEmUEMepSEik&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 371
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDU3MTkzMTgxNTI2NzE0ODA2MTU1MA%3D%3D
Request Chain 373
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4571931815267148061550&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=b6abfa5b-3dc8-4743-bfd3-43b6cc936a80&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 375
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4571931815267148061550?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-CcXzjZ9E2oQV6uX..zZCi8Xopn7F3O9yW.xiXq1yUw--~A&dongle=0883
Request Chain 376
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=dWag9UwpasalZFgXaaHq&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MRLWCZZZKV3XAYLTMFWFURTHLBQWCSDR&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MRLWCZZZKV3XAYLTMFWFURTHLBQWCSDR HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=dWag9UwpasalZFgXaaHq
Request Chain 377
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7226639094620937395&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 386
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/32075d85e80837ee35cd521c807fef?gdpr_consent=&gdpr=0
Request Chain 390
  • https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smartyads/da8808dc4d5c09e0946f5975cdb3afd57bbdff0c879f50a4d810515d64618b50
Request Chain 391
  • https://agent.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 400
  • https://ghent-aws-fr.bidswitch.net/imp/0.071/BSWhttps_A_B_Badx.g.doubleclick.net_Bpagead_Badview_Cai_RC10vYtiadZIPTOs-KlgTKp57wAdja8__FwqIafhpYRrcr93wUQASCD__eYfYI0CyAEJqQJcAregGkayPqgDAcgDmwSqBNwBT9Azx6ik__bYx8JueW__WrT-jQlLo-WcxIC1LCBIAtjlWl6yZtTgV7b5imZXaV0yeU8xOdY97PA6UvxvsNtVHAcT60N1UaFGVkS8UdiJuZSI1uyoMT8MoupfU2O56uPkEL1mJwQ7n6FmHKOllu2kecJCWqnzkjQe99LoOALpdzDZXjtK5jv9-H7Y4aNKJvciOw4yUmfRQN09DUuXFQ24ubb2Simng3H__ax1HsVdlxVCxF4KbPAEZXUQRgZuFIHNinksu1TE5sG6wdEOwj35mbErd30q3h09lUKDkSbrMAE1bvyp60E4AQDiAWs4__yrS5IFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGd4AHre2s5QOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDdqgQYhqrA7AHSCBQIgGEQARhfMgKKAjoCgEBIvf3BOvIIGWJpZGRlci1tZWRpYW5ldF84Q1VQRVBLSTmACgTICwGwE57L1RPIE4i7__OID2BMK2BQB0BUBgBcBshcICgYIABIAGADoFwU_Jsigh_Rm__hVcoE__rZA_Juach__m_R_EUACH_F_Jpr_R38_A_I_WAUCTION__PRICE_X_Jcid_RCAQSMgBygQiDYoP9H17zLT12MvoFBBz1TJt743n__o7FWgqB8mFXO3gjaXyoA9mTToyEtuCrwGAE/pwaPzRSjdz0BagHxmIX7Dk_B1CryrHOWiqg8Ii5PxXhwCAFlsSL4jWOsTj2n8op6KTj0LfRgElMZzwDVp0ABT_PGzCdH-6poCrg7VkJ4iTJxvKvIWlmUC5eYLeUy8NRA8w6-IPkKVGMIRpzhCKs0G8oVY__00E0eoWzaPuOQEXQtjJMpXN88inpS-PPKLpVDQZSRTLKmPb47BqNDwxEtc8B6AX7nziFF24OBKwgiBF93vgFxDJIajp0vrVa71ijUgkVV7PlRpMpYPSWMctHBKpmQi5mzIhNxDZkap0DkESCeL43fJRsIkiKLcplZk1Qzx79Eut0siQAUejdUR6otuJsWVq72fXommFJe2z1ArE4ohkwS46LUSxLS58drxRtp6peE-vix_WL2rxx4yLDxv-UBqBAO6J59jqPypi4_cxIgdUS76vENAkneRX0gx-32Kyr9ffUyc-6-uf0SwC4vJNrnT7ja7Z4M4h7uKN2-m4-Ckvs9zHyfPZFpvl2ZI9dcYmjNJ9OxWXTgf5CfPZKjElq_Ws0PSexnJV7I3RqxxrLMEDEwfY7ZYo44ehLcuofGf8f7UAupeWKWByXGEZXM6sFkwq5cfwzTK4qIMX2xIn7Vfgr1cemf1Q7i48bKYrhk0_OFyNoM7kgdnWWTIDUGtykOXG7ooyRGyo4rxMeTqX0_R0xHH86ikRFKDIGWIri91glizJgsv82NXhMgradccxlH-5KSfL38BTTeBrBwf9xDOp7IsGHwjcDhA0uXweec7i1EUiQ3bAymHGmBWcj53fTDoX-HwLaoQiL7-8Z5vLBnQTPcJG1t7rCP7afiHkOlbZoGZUHscpx-R2SDxcMOQp5N6S_bkofp1LC9eAalReNg9DZl9ebxAqnia79_fARGeBvXOn_fmwQqE6xPUANCE3FRM9_L3kie1OUyEwlQU47FS0Kpept9D22n_vweLnt4LmTfAdApKKgSl1qUerBubORDlR4ADvIyXpGOxRFTIJxahxVi586goqpUmDXKU8_A0ihQkt3PLFXwbRubNSvK2Q6BUIqa60xMLfVeScJBrczM0XssbZzUHI3xYuEbm6ZmnY1RU6kpoCzxRlOSvAl7mNMOXmwhnDIHGsos1bEikYKw0fkBZ4DYKy4DoJTeOjB5wx5OtgwGYW5QQetQbTDdOjPr1k-wV669hhbu8Ig6pCgUgfNEiLzKpfRCFGEuVtwosRlyl6nEEbkwwWFW8hp43_mnr3jTx_-tMelKbSFopvozxmwTYEjXuzRjb6F48iuxboN7zc97Irzkvxoe1c68gSuNtCYJDLofgIHsNTsEDUFDY1uq4x7gdxy6zkUxKglxf6Vaf2hv5sTZ_xVOwMA2RATUTir7HsCWVzhf3fYnyl_cf57HHANUFs645wnQeLkqUYHdKZ1ya1gp3F1S63BZWTGMx07nLvAiSZgRobkb8pVhw7H6XGqO6ay8dTMvmG_bIyZsjga1CII6d7wrDfyD45UQ9sep8g/ HTTP 302
  • https://adx.g.doubleclick.net/pagead/adview?ai=C10vYtiadZIPTOs-KlgTKp57wAdja8_FwqIafhpYRrcr93wUQASCD_eYfYI0CyAEJqQJcAregGkayPqgDAcgDmwSqBNwBT9Azx6ik_bYx8JueW_WrT-jQlLo-WcxIC1LCBIAtjlWl6yZtTgV7b5imZXaV0yeU8xOdY97PA6UvxvsNtVHAcT60N1UaFGVkS8UdiJuZSI1uyoMT8MoupfU2O56uPkEL1mJwQ7n6FmHKOllu2kecJCWqnzkjQe99LoOALpdzDZXjtK5jv9-H7Y4aNKJvciOw4yUmfRQN09DUuXFQ24ubb2Simng3H_ax1HsVdlxVCxF4KbPAEZXUQRgZuFIHNinksu1TE5sG6wdEOwj35mbErd30q3h09lUKDkSbrMAE1bvyp60E4AQDiAWs4_yrS5IFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGd4AHre2s5QOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDdqgQYhqrA7AHSCBQIgGEQARhfMgKKAjoCgEBIvf3BOvIIGWJpZGRlci1tZWRpYW5ldF84Q1VQRVBLSTmACgTICwGwE57L1RPIE4i7_OID2BMK2BQB0BUBgBcBshcICgYIABIAGADoFwU&sigh=m_hVcoE_rZA&uach_m=[UACH]&pr=38:0.071&cid=CAQSMgBygQiDYoP9H17zLT12MvoFBBz1TJt743n_o7FWgqB8mFXO3gjaXyoA9mTToyEtuCrwGAE
Request Chain 401
  • https://aws-fr-sync.bidswitch.net/sync?ssp=medianet&dsp_id=16&imp=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&google_hm=Y2E3MTA1YWQtYTc4MS00OWU0LThhMWItNWYxY2U1NDRhMGRm HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFkPIwhZUQ4veshJnGlwAMk&google_cver=1&ssp=medianet&bsw_param=ca7105ad-a781-49e4-8a1b-5f1ce544a0df HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 406
  • https://ghent-aws-fr.bidswitch.net/imp/0.071/BSWhttps_A_B_Badx.g.doubleclick.net_Bpagead_Badview_Cai_RCCtLatiadZMrgOsqrkdUP1uyysAHY2vPxcKiGn4aWEa3K__d8FEAEgg__3mH2CNAsgBCakC192DYntMsj6oAwHIA5sEqgTcAU__QAmK41CpgPJOTNG9Ob5jojsGULnv9c2m7veY86pRyxk4Sjcu1ymrBhshmNRuamB07__dssc9__Zb6ATsXFOZoyef57hfX-Ns4nN7y-UwLDPFRbFgfh8MrLwMo14mJZIdv8W1jbtY7Op50AQui5T6__LMYbWZiMZT6w__RhSYDEGyPPTYb82k8DFd8__6lBrgYXvecMprHXzA-jIX0exf28PO5fypNnPKd5UvoMV5SMr2PbIUAdP4jm__6VrroZz2oasLIby8Y0ELGiTOPEHtYClpmW-DNcBBPtoJ6sLMO7ABNW78qetBOAEA4gFrOP8q0uSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBneAB63trOUDqAeOzhuoB5PYG6gH7paxAqgH__p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQ3aoEGIaqwOwB0ggUCIBhEAEYXzICigI6AoBASL39wTryCBliaWRkZXItbWVkaWFuZXRfOENVUEVQS0k5gAoEyAsBsBOey9UTyBOIu__ziA9gTCtgUAdAVAYAXAbIXCAoGCAASABgA6BcF_Jsigh_Rv__iW7vKxX6Q_Juach__m_R_EUACH_F_Jpr_R38_A_I_WAUCTION__PRICE_X_Jcid_RCAQSMgBygQiDH7vUjeYpZ6sz5OfriVeR4yfOPO1x9jNORME2XgLjae-ixSe-ytV7yegxxXtRGAE/_lbsgVIovpLHEvaFJ2HHP0gDAxv3mi5OI94smABQFVT_YnR5yNWC6JmKp9rKdLcpRiq9ACPoDc9OKCqY4Il1ARus1LoO28rA22yngGtn0pnAASRla7JRB1xvqYYTGogt8jZrXa-oMXyXkey8OAc8U0XKGUT2KOKbNtkKnqY6cYPpQduwZpFoTVvbbmCQyHSZRAQHFFQp_WF_dL_bmWhG0Z15juMl0_9B3761pHbYDSzNaPg-qwtDmjyUK7_xxFXgB2n4ZpmKLxT4ZHwfBGbap5c4ClfI_OjjmoRXIml4vGQkKi12Z-XuDsIQAny8aA2qJbecYL0522W_Z_k1kI-Aj1BwQqbidZilf6HPWQcEzaSUK648rw1X0MUjBvhlSAcO86P1bcE_Z10FJH965ZrcrQNNpAdpPwUHGO6O_F1b7PjtfVWlY9ZSJffBRbjF328Y__xVmYQdzUR_5AAmURvgUjyFqVBfS8ZYXB4v6CbAqwxuv2eSGwWjWtyKCYjiHln-BthlhYuSBtBmu8gI1iHViw7daPq5vmvFrCwBK9U8iSpff7bwuxx53GrKy1bTRKlYWIFSipLYRvv79aIVV0VK5HCmEr83HDvZITW2VBMUGTMKToGr_ooizDDWo9UuOzGXy6STalNZ6iqpZQxKvfxo3EEZYUdlHCjssanXMFTsBsXGzyxPh4mZ5iHJdzDjxlJ-3d-e2NjKiBEWxQ8BLS9PeVeu7pb79txpiAcDX1YnYUCBHkoG8cBkrUGw8Q-XTs_nYU114pS2bhLevPNPOdXPkU8Pt3zrQvP_-gDaSc7hqdgccVMaRNCPtjnZRGURW5BADRAWdJoTDRJ2DNAXlW7qRk3fXDP7T4lo8S29PflAqebEJy9WRPC9Tdtv1Bf8mxdbWi-ohaAkc9jGXmvpZjNhLvqIV9fSEprkaqF8qDVxEyP8inEzpj84q8pZBMRpRPF8M4IQWAfluE7hG40CuBS6aj7krDVVPONQwlTkPyNgk_zWqrccxQPlzr8q68CMqyoS5BS5mtzM2E2DxXE_C3kcfahzQFEsrdOKgtCNjjiujY_AfPPyVMUHnxACVxDjmwRs6YvPih-2H04gudVrqeEYIAiDmdJOmjeV_0HEPCAO3jPbNGCa08-QX8wehbvH1rZecMwX4fe_dTupYUFRtBVRnzLBJH3Pc4RT8OnKTG_njNIyHzWMgV9oDAXe9q6Ibu4z6d2aENft7cz8iGkcwqUjP0z6Gi754lsQYRBGcrzQxGQLfVjtqNs2vCaPzzf-fwRmqeWZaYtgnkOdnYjiq1IK5Sn2gdIdGk8FbFw7_UzE3PcRszgpnVHiWcvgBHYKcln7pUDMRO5QU09Vhv9vJblni7rsRNSxh3Kay1Ds0gmKsOrHOm26lYDu5blNx3k5Osw9REifAUG2SYUtaiFsOLHwnbAVXWy0aR9PmJdQSdHSBlgZfvFNabeiDZgEfwY0VBZD5tjX7ytm4z4-6biZLMx0YOzTo0tLPICeQNSzLGBrYEo3g2ScSk0GlTJyNaKo5vsydO4/ HTTP 302
  • https://adx.g.doubleclick.net/pagead/adview?ai=CCtLatiadZMrgOsqrkdUP1uyysAHY2vPxcKiGn4aWEa3K_d8FEAEgg_3mH2CNAsgBCakC192DYntMsj6oAwHIA5sEqgTcAU_QAmK41CpgPJOTNG9Ob5jojsGULnv9c2m7veY86pRyxk4Sjcu1ymrBhshmNRuamB07_dssc9_Zb6ATsXFOZoyef57hfX-Ns4nN7y-UwLDPFRbFgfh8MrLwMo14mJZIdv8W1jbtY7Op50AQui5T6_LMYbWZiMZT6w_RhSYDEGyPPTYb82k8DFd8_6lBrgYXvecMprHXzA-jIX0exf28PO5fypNnPKd5UvoMV5SMr2PbIUAdP4jm_6VrroZz2oasLIby8Y0ELGiTOPEHtYClpmW-DNcBBPtoJ6sLMO7ABNW78qetBOAEA4gFrOP8q0uSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBneAB63trOUDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQ3aoEGIaqwOwB0ggUCIBhEAEYXzICigI6AoBASL39wTryCBliaWRkZXItbWVkaWFuZXRfOENVUEVQS0k5gAoEyAsBsBOey9UTyBOIu_ziA9gTCtgUAdAVAYAXAbIXCAoGCAASABgA6BcF&sigh=v_iW7vKxX6Q&uach_m=[UACH]&pr=38:0.071&cid=CAQSMgBygQiDH7vUjeYpZ6sz5OfriVeR4yfOPO1x9jNORME2XgLjae-ixSe-ytV7yegxxXtRGAE
Request Chain 407
  • https://aws-fr-sync.bidswitch.net/sync?ssp=medianet&dsp_id=16&imp=1 HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=medianet&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=medianet&gdpr=0&user_id=SBJeqkwQBflTFFP6SxdK908UV69TF177GEKyNJ8G HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 410
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&gdpr=0 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESECaKiKYsNKofsDV0eL4A3aA&gdpr=0&google_cver=1
Request Chain 411
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=ZUFIT0o0ci1DZ2c
Request Chain 412
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMEnARK5k1C1Gv0cyQSgCLw&google_cver=1&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMEnARK5k1C1Gv0cyQSgCLw&google_cver=1&gdpr=0&C=1
Request Chain 413
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJ0mvQtWexvIYPdjyyVskAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMEnARK5k1C1Gv0cyQSgCLw&google_cver=1
Request Chain 414
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEGxOQI-I2kX2APDwKhbYHUY&google_cver=1
Request Chain 415
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIyNjYzOTA5NDYyMDkzNzM5NQ%3D%3D
Request Chain 416
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEOLG3jTKfkpeLQVO6YEjqvA&google_cver=1
Request Chain 417
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2Y3MGFiMzg2YzgyYjZkZDU3MjkzM2JkMjIzNjljMDhiYTYxMDYwZg&gdpr=0
Request Chain 439
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 440
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3310222704262523000V10%26type%3Drkt%26refUrl%3D%26vid%3D80206703533310222704262523000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=9&vsid=3310222704262523000V10&type=rkt&refUrl=&vid=80206703533310222704262523000V10&ovsid=5144588525469845757
Request Chain 441
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262523000V10%26type%3Dapx%26refUrl%3D%26vid%3D80206703533310222704262523000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262523000V10&type=apx&refUrl=&vid=80206703533310222704262523000V10&ovsid=7226639094620937395
Request Chain 442
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3310222704262523000V10%26type%3Dopx%26refUrl%3D%26vid%3D80206703533310222704262523000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=9&vsid=3310222704262523000V10&type=opx&refUrl=&vid=80206703533310222704262523000V10&ovsid=67095e15-0bd3-4936-9f86-b4c173c70e58
Request Chain 443
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262523000V10%26type%3Dmma%26refUrl%3D%26vid%3D80206703533310222704262523000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262523000V10&type=mma&refUrl=&vid=80206703533310222704262523000V10&ovsid=7aec649d-26b8-4c00-9efc-873fef46c2c7
Request Chain 444
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262523000V10%26type%3Dr1%26refUrl%3D%26vid%3D80206703533310222704262523000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262523000V10%26type%3Dr1%26refUrl%3D%26vid%3D80206703533310222704262523000V10%26ovsid%3D%5BRX_UUID%5D&cb=1688020670768 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=121897633 HTTP 302
  • https://sync.1rx.io/usersync/turn/8613285097639594033?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Dr1%26refUrl%3D%26vid%3D80206704803310222704262582000V10%26ovsid%3DRX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003 HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=r1&refUrl=&vid=80206704803310222704262582000V10&ovsid=RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003
Request Chain 445
  • https://cm.g.doubleclick.net/pixel?cs=9&google_nid=media&google_cm=1&google_hm=MzMxMDIyMjcwNDI2MjUyMzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESED_k-O-xjJM8-wjiJKd2zHE&google_cver=1
Request Chain 446
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262523000V10%26type%3Ddxu%26refUrl%3D%26vid%3D80206703533310222704262523000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262523000V10%26type%3Ddxu%26refUrl%3D%26vid%3D80206703533310222704262523000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262523000V10&type=dxu&refUrl=&vid=80206703533310222704262523000V10&ovsid=c5x33qow1QeLhS5
Request Chain 447
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=14a19c98-44a2-4160-baa3-5a98e76a42de
Request Chain 448
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262523000V10%26type%3Dzem%26refUrl%3D%26vid%3D80206703533310222704262523000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=dWag9UwpasalZFgXaaHq&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLEK5QWOOKVO5YGC43BNRNEMZ2YMFQUQ4LIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBZEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHU4DAMRQGY3TAMZVGMZTGMJQGIZDENZQGQZDMMRVGIZTAMBQKYYTAJTWONUWIPJTGMYTAMRSGI3TANBSGYZDKMRTGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLEK5QWOOKVO5YGC43BNRNEMZ2YMFQUQ4LIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBZEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHU4DAMRQGY3TAMZVGMZTGMJQGIZDENZQGQZDMMRVGIZTAMBQKYYTAJTWONUWIPJTGMYTAMRSGI3TANBSGYZDKMRTGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&ovsid=dWag9UwpasalZFgXaaHqhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=80206703533310222704262523000V10&vsid=3310222704262523000V10
Request Chain 449
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3310222704262523000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3310222704262523000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=7cb5138a-a4b4-4a6e-af62-319634a85fa2&cs=1
Request Chain 450
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8334b4be-2d19-4991-ac01-0a3d6f7ad157
Request Chain 451
  • https://i.liadm.com/s/35002?bidder_id=98250&bidder_uuid=3310222704262523000V10 HTTP 303
  • https://i.liadm.com/s/35002?bidder_id=98250&bidder_uuid=3310222704262523000V10&_li_chk=true&previous_uuid=227d4c8be810464594d291f975832c66 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=227d4c8b-e810-4645-94d2-91f975832c66 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=a3410a52-6f0d-4655-8b49-a311a5aa9655%3A1688020673.9161553&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da3410a52-6f0d-4655-8b49-a311a5aa9655%253A1688020673.9161553%26_%3D1688020673.9202669&cb=1688020673.920305 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5141210825728788286&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da3410a52-6f0d-4655-8b49-a311a5aa9655%253A1688020673.9161553%26_%3D1688020673.9202669 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=a3410a52-6f0d-4655-8b49-a311a5aa9655%3A1688020673.9161553&_=1688020673.9202669 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdhMzQxMGE1Mi02ZjBkLTQ2NTUtOGI0OS1hMzExYTVhYTk2NTU6MTY4ODAyMDY3My45MTYxNTUzEAAaDQjDzfSkBhIFCOgHEABCAEoA HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7226639094620937395
Request Chain 453
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 454
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3310222704262523000V10%26type%3Drkt%26refUrl%3D%26vid%3D80206704063310222704262523000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3310222704262523000V10&type=rkt&refUrl=&vid=80206704063310222704262523000V10&ovsid=5134455419784315997
Request Chain 455
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=14a19c98-44a2-4160-baa3-5a98e76a42de
Request Chain 456
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3310222704262523000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3310222704262523000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=5a5f7648-15f1-4a9c-9c9f-27746a1d8f78&cs=1
Request Chain 457
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8334b4be-2d19-4991-ac01-0a3d6f7ad157
Request Chain 458
  • https://i.liadm.com/s/35002?bidder_id=98250&bidder_uuid=3310222704262523000V10 HTTP 303
  • https://i.liadm.com/s/35002?bidder_id=98250&bidder_uuid=3310222704262523000V10&_li_chk=true&previous_uuid=e5e780eeba604dba9e560e02c249b7e7 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e5e780ee-ba60-4dba-9e56-0e02c249b7e7
Request Chain 459
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3310222704262523000V10%26type%3Dapx%26refUrl%3D%26vid%3D80206704063310222704262523000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3310222704262523000V10&type=apx&refUrl=&vid=80206704063310222704262523000V10&ovsid=7226639094620937395
Request Chain 460
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3310222704262523000V10%26type%3Dopx%26refUrl%3D%26vid%3D80206704063310222704262523000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3310222704262523000V10&type=opx&refUrl=&vid=80206704063310222704262523000V10&ovsid=67095e15-0bd3-4936-9f86-b4c173c70e58
Request Chain 461
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3310222704262523000V10%26type%3Dmma%26refUrl%3D%26vid%3D80206704063310222704262523000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3310222704262523000V10&type=mma&refUrl=&vid=80206704063310222704262523000V10&ovsid=7aec649d-26b8-4c00-9efc-873fef46c2c7
Request Chain 462
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3310222704262523000V10%26type%3Dr1%26refUrl%3D%26vid%3D80206704063310222704262523000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3310222704262523000V10%26type%3Dr1%26refUrl%3D%26vid%3D80206704063310222704262523000V10%26ovsid%3D%5BRX_UUID%5D&cb=1688020670770 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=842198302 HTTP 302
  • https://sync.1rx.io/usersync/turn/8180939533412026417?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Dr1%26refUrl%3D%26vid%3D80206704803310222704262582000V10%26ovsid%3DRX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003 HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=r1&refUrl=&vid=80206704803310222704262582000V10&ovsid=RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003
Request Chain 463
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzMxMDIyMjcwNDI2MjUyMzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESED_k-O-xjJM8-wjiJKd2zHE&google_cver=1
Request Chain 464
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3310222704262523000V10%26type%3Ddxu%26refUrl%3D%26vid%3D80206704063310222704262523000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3310222704262523000V10%26type%3Ddxu%26refUrl%3D%26vid%3D80206704063310222704262523000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3310222704262523000V10&type=dxu&refUrl=&vid=80206704063310222704262523000V10&ovsid=qK68vac51QeLhS5
Request Chain 465
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3310222704262523000V10%26type%3Dzem%26refUrl%3D%26vid%3D80206704063310222704262523000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=dWag9UwpasalZFgXaaHq&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLEK5QWOOKVO5YGC43BNRNEMZ2YMFQUQ4LIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHU4DAMRQGY3TANBQGYZTGMJQGIZDENZQGQZDMMRVGIZTAMBQKYYTAJTWONUWIPJTGMYTAMRSGI3TANBSGYZDKMRTGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLEK5QWOOKVO5YGC43BNRNEMZ2YMFQUQ4LIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHU4DAMRQGY3TANBQGYZTGMJQGIZDENZQGQZDMMRVGIZTAMBQKYYTAJTWONUWIPJTGMYTAMRSGI3TANBSGYZDKMRTGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&ovsid=dWag9UwpasalZFgXaaHqhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=80206704063310222704262523000V10&vsid=3310222704262523000V10
Request Chain 468
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 469
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Drkt%26refUrl%3D%26vid%3D80206704803310222704262582000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=9&vsid=3310222704262582000V10&type=rkt&refUrl=&vid=80206704803310222704262582000V10&ovsid=5141210825728788286
Request Chain 470
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=14a19c98-44a2-4160-baa3-5a98e76a42de
Request Chain 471
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8334b4be-2d19-4991-ac01-0a3d6f7ad157
Request Chain 472
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Dapx%26refUrl%3D%26vid%3D80206704803310222704262582000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=apx&refUrl=&vid=80206704803310222704262582000V10&ovsid=7226639094620937395
Request Chain 473
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Dopx%26refUrl%3D%26vid%3D80206704803310222704262582000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=9&vsid=3310222704262582000V10&type=opx&refUrl=&vid=80206704803310222704262582000V10&ovsid=67095e15-0bd3-4936-9f86-b4c173c70e58
Request Chain 474
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Dmma%26refUrl%3D%26vid%3D80206704803310222704262582000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=mma&refUrl=&vid=80206704803310222704262582000V10&ovsid=7aec649d-26b8-4c00-9efc-873fef46c2c7
Request Chain 475
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Dr1%26refUrl%3D%26vid%3D80206704803310222704262582000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Dr1%26refUrl%3D%26vid%3D80206704803310222704262582000V10%26ovsid%3D%5BRX_UUID%5D&cb=1688020670769 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5740290157 HTTP 302
  • https://sync.1rx.io/usersync/turn/8541227503601666097?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Dr1%26refUrl%3D%26vid%3D80206704803310222704262582000V10%26ovsid%3DRX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003 HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=r1&refUrl=&vid=80206704803310222704262582000V10&ovsid=RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003
Request Chain 476
  • https://cm.g.doubleclick.net/pixel?cs=9&google_nid=media&google_cm=1&google_hm=MzMxMDIyMjcwNDI2MjU4MjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESED_k-O-xjJM8-wjiJKd2zHE&google_cver=1
Request Chain 477
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Ddxu%26refUrl%3D%26vid%3D80206704803310222704262582000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Ddxu%26refUrl%3D%26vid%3D80206704803310222704262582000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=dxu&refUrl=&vid=80206704803310222704262582000V10&ovsid=TDXTRvvq1QeLhS5
Request Chain 478
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Dzem%26refUrl%3D%26vid%3D80206704803310222704262582000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=dWag9UwpasalZFgXaaHq&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLEK5QWOOKVO5YGC43BNRNEMZ2YMFQUQ4LIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBZEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHU4DAMRQGY3TANBYGAZTGMJQGIZDENZQGQZDMMRVHAZDAMBQKYYTAJTWONUWIPJTGMYTAMRSGI3TANBSGYZDKOBSGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLEK5QWOOKVO5YGC43BNRNEMZ2YMFQUQ4LIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBZEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHU4DAMRQGY3TANBYGAZTGMJQGIZDENZQGQZDMMRVHAZDAMBQKYYTAJTWONUWIPJTGMYTAMRSGI3TANBSGYZDKOBSGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&ovsid=dWag9UwpasalZFgXaaHqhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=80206704803310222704262582000V10&vsid=3310222704262582000V10
Request Chain 479
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3310222704262582000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3310222704262582000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=5a5f7648-15f1-4a9c-9c9f-27746a1d8f78&cs=1
Request Chain 480
  • https://i.liadm.com/s/35002?bidder_id=98250&bidder_uuid=3310222704262582000V10 HTTP 303
  • https://i.liadm.com/s/35002?bidder_id=98250&bidder_uuid=3310222704262582000V10&_li_chk=true&previous_uuid=bd042a6e1282492787decc530c452b30 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=bd042a6e-1282-4927-87de-cc530c452b30 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=ad759909-9d7a-4c8a-af23-9e6f4fba6c87%3A1688020674.228011&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dad759909-9d7a-4c8a-af23-9e6f4fba6c87%253A1688020674.228011%26_%3D1688020674.2310212&cb=1688020674.231052 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5141210825728788286&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dad759909-9d7a-4c8a-af23-9e6f4fba6c87%253A1688020674.228011%26_%3D1688020674.2310212 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=ad759909-9d7a-4c8a-af23-9e6f4fba6c87%3A1688020674.228011&_=1688020674.2310212 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHL0b_M6tE2P0x6kBLLVV4M&google_cver=1
Request Chain 500
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LJGRX3F9-C-CG73 HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LJGRX3F9-C-CG73

565 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
www.bg3.co/a/ 		53 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1d8f195c25996880ce6b43ce207fd518afa7d57fd7d913686c818046100800b0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
max-age=900
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 29 Jun 2023 06:37:39 GMT
etag
"d3f6-Qy4OTGV7EfbFh7F51ZOUscOovws"
expires
Thu, 29 Jun 2023 06:52:39 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		277 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
fac65eae91e538682a3d665f71f914b4c23f75d63e108f39bbfedae2d4c18bc9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 29 Jun 2023 06:37:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72777
x-xss-protection
0
server
sffe
etag
"6a41d305aa203423"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Jun 2023 06:37:40 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
178344d8a56214b7bc40e4cdb926e343768f44325579cf7bafe5cbbc3f68be7c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 29 Jun 2023 06:37:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9632
x-xss-protection
0
server
sffe
etag
"1be7715a90ff758e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Jun 2023 06:37:40 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
c33278235a168e54782159e0496e4b12c250ddab171c0761bac140d3886280fb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 29 Jun 2023 06:37:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7559
x-xss-protection
0
server
sffe
etag
"6b0e2d9f40a0c5a6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Jun 2023 06:37:40 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Server
104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:41 GMT
cf-cache-status
HIT
last-modified
Tue, 20 Jun 2023 03:04:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6491173a-9cf5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWZlOFp1Lre2zxh%2FTE%2BcMuU5Ge59Rs3mqnD5zzzbUc70vrs0rwrjeT0NJyRKDKCBlksABAWbyKRIUCX6diUmzqCK%2Bkyiar43Q%2BFPrPsV8ta3AdgNs1v1nM413feIH9XmTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7dec298bdcb52dc9-TBS
alt-svc
h3=":443"; ma=86400
content-length
40181

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.241.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-241-8.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
92f5f5d72659cb809049c3fd52551188d65a941cfe8925c1e626b59053aaf045

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
GE
date
Thu, 29 Jun 2023 06:37:40 GMT
content-encoding
br
last-modified
Thu, 29 Jun 2023 06:00:39 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-cf-geodata
GE
content-length
9979
expires
Thu, 29 Jun 2023 07:37:40 GMT
adpushup.js
cdn.adpushup.com/42753/ 		627 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.222 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-222.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
81dddce1be81196c89c46e3bd838069039a0fc623fe60d982e9ef656e4812286

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
GE
date
Thu, 29 Jun 2023 06:37:40 GMT
content-encoding
br
last-modified
Thu, 29 Jun 2023 00:53:16 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=121, origin; dur=201, ak_p; desc="468894_34831774_626475641_32153_997_64_0_-";dur=1
x-cf-geodata
GE
expires
Thu, 29 Jun 2023 07:37:40 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		271 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d929412ab34490caec24266c10135ee96a1c744ac1096c355cbaa0d2c6e9f1aa

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
5GVMR3elvrePSm_hp6cAAg5AXI_kB5lD
content-encoding
gzip
via
1.1 varnish
date
Thu, 29 Jun 2023 06:37:40 GMT
x-amz-request-id
GQ7E04P73F5Y9THA
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
44855
x-amz-id-2
0Pd/+d2Ehe6FfcPF6kbSj7UJmVb4hx6HO81steyTS4OQwLVPVV3R99mwAZmal+CN5CX9RsC0Z/4=
x-served-by
cache-mxp6921-MXP
last-modified
Wed, 28 Jun 2023 09:20:43 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1688020660.424382,VS0,VE220
etag
"0f664493a9eca000d61d9df8370f8881"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
68
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
lift_widget.js
nt.compass-fit.jp/ 		78 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.250.12.70 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-250-12-70.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
64ed982ae9833050d92340ca1cb0ce0f39040b94e95741fa1360b135451dcdd5

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type
text/javascript
cache-control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:41 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-14e98"
vary
Accept-Encoding
x-hw
1688020661.dop227.ve1.t,1688020661.cds241.ve1.hn,1688020661.cds227.ve1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
f05ca160c79abefb746fc6779d785ee6.jpg
static.bg3.co/imgs/202105/ 		0
0
447c673a810ea0905bff087b7d9bdfa3.jpg
static.bg3.co/imgs/202105/ 		0
0
0ca0b0a5b7bbb93781d33282563d096b.jpg
static.bg3.co/imgs/202106/ 		0
0
9f993b8cc6dfe2f823a1e7ac5a28147e.jpg
static.bg3.co/imgs/202106/ 		0
0
2cf00b59f9d399c80649b71b68b4ff27.jpg
static.bg3.co/imgs/202112/ 		0
0
cf01325a4bcc369fb2f2a5114ddcaf62.jpg
static.bg3.co/imgs/202106/ 		0
0
11a9409a27bf2e0836bf9500d1a044ef.jpg
static.bg3.co/imgs/202012/ 		0
0
55719207fbe3144146a7926e06c0851b.jpg
static.bg3.co/imgs/202105/ 		0
0
4286aa1c292d99180dccd2a342dae13f.jpg
static.bg3.co/imgs/202105/ 		0
0
57cd0fb05fae168d6ca82913c8fcd294.jpg
static.bg3.co/imgs/202105/ 		0
0
bcbd99758d8c2b04320ff3b5642f3d59.jpg
static.bg3.co/imgs/202106/ 		0
0
bd4d36e6749517fa60f97943487d1741.jpg
static.bg3.co/imgs/202105/ 		0
0
ffee80187024dea7a845dbc78a017153.jpg
static.bg3.co/imgs/202105/ 		0
0
af4e28d533759a9d5540006a2b5324da.jpg
static.bg3.co/imgs/202107/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012306202201000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
f688b8dfc364b75c1f758c634c63dd4b757b621e31c8cf5337712450c18a07c4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Jun 2023 16:19:08 GMT
age
51513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2964
x-xss-protection
0
server
sffe
etag
"1f9da89531538a7c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 27 Jun 2024 16:19:08 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012306202201000/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
dad6b1d729275da998ffe9046246aed006e6e1279f708d2f42f39cc5e087c9de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Jun 2023 16:19:17 GMT
age
51504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23138
x-xss-protection
0
server
sffe
etag
"b74a072d99473e43"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 27 Jun 2024 16:19:17 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		4 KB
850 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
f96874b747df2aa09b3f3f5a2944fb70106877d78587590cfb549338b300003d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
502
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012306202201000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
3a7164362bbe2722e1734674631cdf2b08acf542e8c6bbf2d2938454a1793350
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Jun 2023 16:19:08 GMT
age
51513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3944
x-xss-protection
0
server
sffe
etag
"7a2486b343b544d2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 27 Jun 2024 16:19:08 GMT
impl.20230628-3-RELEASE.js
cdn.taboola.com/libtrc/ 		784 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230628-3-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
2f0cd5c2a5f6d95ba5e342e533d01a20829e7ecb820943b20d35ee0b7404d81c

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4BNsD6ispdS0uNJMNn.qACs9b7OGIqnY
content-encoding
br
via
1.1 varnish
date
Thu, 29 Jun 2023 06:37:40 GMT
x-amz-request-id
7JSG74AKQ0T7EKC0
age
19599
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
166041
x-amz-id-2
pP40BwdoEbQnC7Lb6q0XQncS1oWodhKtVv+3ud1CKJ1shSl2GfS+bj/wrQdeuytqJP9THSDgO4E=
x-served-by
cache-mxp6921-MXP
last-modified
Wed, 28 Jun 2023 09:10:55 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1688020661.962268,VS0,VE0
etag
"3b26469e6b15f25e09ba22a5c74da8d6"
vary
Accept-Encoding
content-type
application/javascript
abp
65
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
19495
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 04:02:48 GMT
content-encoding
gzip
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
19039
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
mW_CCfEYMNyoA1d7fIHnnP4TENBE8STcl-wsMkpmRP_gfP6kW6WdrA==
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:41 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1688020661.dop227.ve1.t,1688020661.cds241.ve1.hn,1688020661.cds210.ve1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
block.jpg
delivery.adrecover.com/ 		631 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1688020661212
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.241.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-241-8.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
GE
date
Thu, 29 Jun 2023 06:37:41 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
accept-ranges
bytes
content-length
631
expires
Thu, 29 Jun 2023 07:37:41 GMT
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230628-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:41 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
177735
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		68 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=06%3A37%3A41.258&lti=deflated&data=%7B%22id%22%3A780%2C%22ii%22%3A%22%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1687944041364%2C%22vi%22%3A1688020661255%2C%22cv%22%3A%2220230628-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html%22%2C%22vpi%22%3A%22%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2997%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1170.265625%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230628-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
874c6b5d04c199358682192181954d1f747b9a951a7d233beda91ebc056bb093

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
702
date
Thu, 29 Jun 2023 06:37:42 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
75736
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v2
x-served-by
cache-mxp6921-MXP
server
nginx
x-timer
S1688020661.336541,VS0,VE702
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
254 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.155.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-155-232.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 29 Jun 2023 06:37:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/ 		371 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.222 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-222.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
bca22b8906a0fcf316d42d0a0e41aa2291afce21ba6c8e41b7c5e6e6da0d480c

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
GE
date
Thu, 29 Jun 2023 06:37:41 GMT
content-encoding
br
last-modified
Fri, 02 Jun 2023 14:36:08 GMT
server
nginx/1.18.0
etag
W/"6479fe58-5cb64"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=26, origin; dur=0, ak_p; desc="468894_34831774_626476718_2683_1301_61_0_-";dur=1
content-length
102722
expires
Fri, 28 Jun 2024 06:37:41 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
555 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.222 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-222.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
GE
date
Thu, 29 Jun 2023 06:37:41 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468894_34831774_626476721_153_882_61_0_-";dur=1
content-length
211
expires
Fri, 28 Jun 2024 06:37:41 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.222 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-222.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
GE
date
Thu, 29 Jun 2023 06:37:41 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
nginx/1.18.0
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=22, origin; dur=0, ak_p; desc="468894_34831774_626476720_2222_1018_61_0_-";dur=1
content-length
18371
expires
Thu, 29 Jun 2023 07:37:41 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
7053e1e13532d1bfe4c971020ebedfede230c3076f0d8de3dd17d04801ff9e22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25895
x-xss-protection
0
server
cafe
etag
768 / 19537 / m202306260101 / config-hash: 7472368790766015396
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 06:37:41 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2ODgwMjA2NjEzODYsInBhY2tldElkIjoiMDAwMEE3MDEtOGEwZGFlYzAtYTg5NS00YTQ0LWEyOGYtMGZiZTY2Yjk2NTNkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2d1aS1taWUtcG8tNHlpLWNoZW4temh1LXNoZW5nLXdlaS1udS1lci16aHVpLXBpYW4uaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiR0UifQ%3D%3D&c_b=3294
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:41 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:41 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012306202201000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
02efaa0a75ba4e31a44f968b5dd3ab5a37217a996e6d300b0a9de67ee37982ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Jun 2023 16:19:17 GMT
age
51504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10354
x-xss-protection
0
server
sffe
etag
"4accd3ae87560611"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 27 Jun 2024 16:19:17 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012306202201000/v0/ 		215 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
3bcd512270a10e883d5babf88ce6465a409413382ad0bcda77b36f11fd386d97
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Jun 2023 16:21:34 GMT
age
51367
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58132
x-xss-protection
0
server
sffe
etag
"823ef9f0ed55dd63"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 27 Jun 2024 16:21:34 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2ODgwMjA2NjE1MTcsInBhY2tldElkIjoiMDAwMEE3MDEtOGEwZGFlYzAtYTg5NS00YTQ0LWEyOGYtMGZiZTY2Yjk2NTNkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2d1aS1taWUtcG8tNHlpLWNoZW4temh1LXNoZW5nLXdlaS1udS1lci16aHVpLXBpYW4uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJHRSJ9&c_b=3423.3999977111816
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:41 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2ODgwMjA2NjE1MjIsInBhY2tldElkIjoiMDAwMEE3MDEtOGEwZGFlYzAtYTg5NS00YTQ0LWEyOGYtMGZiZTY2Yjk2NTNkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2d1aS1taWUtcG8tNHlpLWNoZW4temh1LXNoZW5nLXdlaS1udS1lci16aHVpLXBpYW4uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkdFIn0%3D&c_b=3428.2999992370605
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:41 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1688020661523&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1688020661523&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhu...
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1688020661523&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&c8=%E3%80%8A%E9%AC%BC%E6%BB%85%E3%80%8B%E7%A0%B44%E5%84%84%E9%99%B3%E7%AB%B9%E5%8D%87%E7%88%B2%E5%A5%B3%E5%85%92%E8%BF%BD%E7%89%87%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&c9=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Server
13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-21.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:41 GMT
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
uidUlThHUbLJALRuN7CeNaLBlplNgSpu3FquQfleHJSi95HyQbjL9Q==
x-cache
Miss from cloudfront

Redirect headers

date
Thu, 29 Jun 2023 06:37:41 GMT
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
location
/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1688020661523&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&c8=%E3%80%8A%E9%AC%BC%E6%BB%85%E3%80%8B%E7%A0%B44%E5%84%84%E9%99%B3%E7%AB%B9%E5%8D%87%E7%88%B2%E5%A5%B3%E5%85%92%E8%BF%BD%E7%89%87%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&c9=
content-length
0
x-amz-cf-id
6aVa0w0ofrG_yhuY67liENneLdUtJnFn2yfTHHk_AC2nBb914kMzdQ==
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2ODgwMjA2NjE1MTcsInBhY2tldElkIjoiMDAwMEE3MDEtOGEwZGFlYzAtYTg5NS00YTQ0LWEyOGYtMGZiZTY2Yjk2NTNkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2d1aS1taWUtcG8tNHlpLWNoZW4temh1LXNoZW5nLXdlaS1udS1lci16aHVpLXBpYW4uaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiR0UifQ%3D%3D&c_b=3433.099998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:41 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.208 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:42 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 06 Jul 2023 06:37:42 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012306202201000/v0/ 		110 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-analytics-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
b8309a4ac613362e890e4e818e5324efd8e2cd4184d29ff180a35ae42f9b67b3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Jun 2023 16:19:08 GMT
age
51513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32043
x-xss-protection
0
server
sffe
etag
"e1e90853d30957fd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 27 Jun 2024 16:19:08 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
480 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83
x-xss-protection
0
nameframe.html
d-38156135323971525513.ampproject.net/2306202201000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-38156135323971525513.ampproject.net/2306202201000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
620 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4040
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORfXnTGee%2BEQh17hgUnswhACF%2FMUv37%2Bm9IToWLzk2KmmA80Y0VY2Hn%2B5jITCzk%2BzuVZ89GD0Np5gphMroHNfXO99qqkCWYrTAQ4gvLmqls9ssLi8rC%2BYgWp552OKBx76A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7dec299139aa2dc9-TBS
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
41818a7ea7ce1cf3b16f80fc8af5607be73b6cd6c417eda63f8c9ba378490944

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Jun 2023 06:37:43 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
41818a7ea7ce1cf3b16f80fc8af5607be73b6cd6c417eda63f8c9ba378490944

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Jun 2023 06:37:43 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.8712201102433974&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:42 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.20153121382187233&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:42 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230629
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a9f14af6f91e14e4b41a7f8116602d52683440d11bf4a4330fb2d6b0b1fe4702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 29 Jun 2023 06:37:42 GMT
x-content-type-options
nosniff
content-encoding
br
age
9414
x-jsd-version
1.0.1735
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
859
x-served-by
cache-fra-eddf8230025-FRA
x-jsd-version-type
version
etag
W/"641-tCGjpuR0GIlPEnqg2P3cjE1ahTA"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
auction
tlx.3lift.com/header/ 		19 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.88.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-88-24.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:42 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
x-auction-status
29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-123-144.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:42 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 29 Jun 2023 06:37:42 GMT
prebid-request
onetag-sys.com/ 		15 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		262 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
66f54f0349abfe5bc81ac8332ccc1b38fed20407d8a2d7264983e60fc7629983
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 29 Jun 2023 06:37:43 GMT
AN-X-Request-Uuid
462d6b64-fc35-496a-9dc6-26d91fa543d9
Server
nginx/1.23.4
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
91.239.206.129; 91.239.206.129; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
262
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.88.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-88-99.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
35a6e65d88d481de2f84f9b067fcfa9287efda970bd3e303b3575ae03b12718d

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:42 GMT
content-encoding
gzip
x-prebid
pbs-java/1.121.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.88.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-88-99.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f5cf01600c880fa1866bf461c3d9b749e2d49e512df97a074ccc8e9e3cc93cdf

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:42 GMT
content-encoding
gzip
x-prebid
pbs-java/1.121.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		350 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=7c8908d3-0954-4c21-a61f-0247a50faf79%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=80a958ca-1270-400b-abbe-4eaf47ee6ddd%3B497a049b-d6b1-4509-a541-82f4bd20a103&l_pb_bid_id=32e3285af4c92b7%3B33b356fa8e072cc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.8784883871313358
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.21 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2a3d7f6fad6fec0a93faa7db5f2d073f05c1d9403b90f86b0e059043a32d4064

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:43 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Jun 2023 06:37:42 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
10
content-length
3
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=12212238100
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 29 Jun 2023 06:37:42 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
c
prebid.a-mo.net/a/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Thu, 29 Jun 2023 06:37:42 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
prebid
prebid.media.net/rtb/ 		50 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
047a7ee63b3cbde213a291bdfaa9e521963c4cd49c11dd754685d0e31bb2f2a7

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:43 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 29 Jun 2023 06:37:42 GMT
cygnus
htlb.casalemedia.com/ 		21 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2249c1676911c984b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A8%2C%22msi%22%3A8%2C%22mfu%22%3A2%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A2%2C%22ou%22%3A2%2C%22allu%22%3A2%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2256172f39c9f1556%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2260b637524aa2b4f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227c8908d3-0954-4c21-a61f-0247a50faf79%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f29ce41863ad9cbef67bf38faa1e5eb7365aa22ce15954e81d573cb73256d61

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=epiDf6mGAOBmLAzwqCczcRPlPIi8lCaZXsMvrNpnkVwRU3H4eiiUAiqDNDiTisvt0NH1myUG19Vb7826R5hJyHJncyHjZTDE1vSeiHBWfsP1lQQl8VB4JgLqrq6M16ECo%2BiNFMEx"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7dec29935db12dc5-TBS
alt-svc
h3=":443"; ma=86400
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2249c1676911c984b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A2%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A2%2C%22ou%22%3A2%2C%22allu%22%3A2%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2260b637524aa2b4f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22970x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B970%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A970%2C%22h%22%3A90%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227c8908d3-0954-4c21-a61f-0247a50faf79%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d027f57b08317fe97ab28d2065a255e5b87ebfd969ab6a4d6f82c412c6117f3e

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wc0FUCbtlYGmhtjtddj1kM314%2BWoPsdvIAdeLN32E5KUWFTouKsozoKKNkeJRzGLwtj2pG856qjHFdOAdy%2B5SNk1bunENVfT46mNhGxgXUYtkZq8OABZe14MYeGu9KjyD9J0abQY"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7dec29935db22dc5-TBS
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
hbjson
grid.bidswitch.net/ 		30 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.101.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-101-248.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
00f91b07972124f871fa19c2526437fc493aaadca8b98b984023285f74734616

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 29 Jun 2023 06:37:43 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
14079
adreq
ads.servenobid.com/ 		723 B
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=6568
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.232.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-232-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8a819581cd007de0e5f3d654ba0fbf9bb1e8c492d844ab9a6223481ac464cf60

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Jun 2023 06:37:42 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
arj
adpushup-d.openx.net/w/1.0/ 		16 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3a44c284-c4f0-4cef-b8be-7a8231f33184%2C2edf6477-4c33-4e6c-9032-cb3cfed5e721&nocache=1688020662104&pubcid=7c8908d3-0954-4c21-a61f-0247a50faf79&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C970x90%2C900x90%2C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&aucs=%2C&auid=545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
73dc667fa4a43981b56fa0127f4632b777b15a495d49555015fc315e57999533

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:43 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3548
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8adcebc4-aae4-41b6-afc7-bc6d74014ea9&nocache=1688020662104&pubcid=7c8908d3-0954-4c21-a61f-0247a50faf79&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=970&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:42 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b1138adb-0f97-4011-89cb-a9901474390e&nocache=1688020662104&pubcid=7c8908d3-0954-4c21-a61f-0247a50faf79&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:42 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
floating-unit.20230628-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20230628-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6598ee9914f891aacfab8ada6bd6716d299987f07687ffdb138af656972e02a

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
pftMIyh7Cuo.eLk6JHIqBbc_14_szFS2
content-encoding
gzip
via
1.1 varnish
date
Thu, 29 Jun 2023 06:37:42 GMT
x-amz-request-id
0YDN2VNB6JNX2SRY
age
55964
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2473
x-amz-id-2
6oErbTScjjZIEthUTc+FHetS/hg9NLXJnYhs/OPj41/K2xa+pipf8t4huwmHKGKCPnMPl11IHi0=
x-served-by
cache-mxp6921-MXP
last-modified
Wed, 28 Jun 2023 15:04:58 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1688020662.265411,VS0,VE0
etag
"0493df5e121141ac4169287fa03ec16b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
83
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
3850
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.0.6/ 		113 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.0.6/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230628-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa9230eb742fe60368d3a007ec3e93bb89d0673456c88ecf2d0672fc7922b5f3

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:42 GMT
via
1.1 60bea04c75a4b2bbfcdc758c2757084a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
MXP63-P4
age
250310
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
30644
x-served-by
cache-mxp6921-MXP
last-modified
Mon, 26 Jun 2023 09:05:18 GMT
server
AmazonS3
x-timer
S1688020662.301510,VS0,VE0
etag
"eeeb206035e121ddb8447db9b8809b5d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
JS936xI_IaQtphWamAjRjMwTcRFzSpn8CeeAg6H4n6cCB05VAqRm1A==
x-cache-hits
17991
feed-card-placeholder.20230628-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230628-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dae0446a1cb8c9ad36908d1a8608b372bb1a620aa703a9794927111e365b947b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
s6_mdIDHt7ZMrwK8THh8P.1uB49od_HB
content-encoding
gzip
via
1.1 varnish
date
Thu, 29 Jun 2023 06:37:42 GMT
x-amz-request-id
QGFNDN1ARKYVWVBR
age
55969
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
L7SJqIazrDIvbc1DufeX12LVLc4sRDlpSvgjxtUBsyrL57jUNjWctB3idm6QpBkTe4UKuXg7YPA=
x-served-by
cache-mxp6921-MXP
last-modified
Wed, 28 Jun 2023 15:04:53 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1688020662.271476,VS0,VE0
etag
"607553e643c46abde5b3a288e580807c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
67
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
54547
userx.20230628-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230628-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7955a616e04f3801e3fff07b410d915a89f19d35ee54940d076387440a9ca409

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
YCtETaZZJTJQse4jr16gUHxB8XiCzXjr
content-encoding
gzip
via
1.1 varnish
date
Thu, 29 Jun 2023 06:37:42 GMT
x-amz-request-id
65VP9DX6S7B1M5CM
age
55943
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
hkItZOj7XxphA+rvRpNcWvvhRZslUdoFIa93GWU0Pgk//SqVbWpuN0A7IOWLnwGZbhkBxP++ptw=
x-served-by
cache-mxp6921-MXP
last-modified
Wed, 28 Jun 2023 15:05:19 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1688020662.301481,VS0,VE0
etag
"4b725d75507974c1ccfcec4dced1d05b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
27
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
5078
distance-from-article.20230628-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230628-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b98214c949c38421ee9244d06d44a465e4e6f6a98f31dc3dfe84493bb08bc66b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eThsNAuZT.TbBWjc9ChwgKqCue8GtnEb
content-encoding
gzip
via
1.1 varnish
date
Thu, 29 Jun 2023 06:37:42 GMT
x-amz-request-id
4R02W7217KQZ221V
age
55973
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1135
x-amz-id-2
2pCLfIQ4f/ffOmYbw9HcWePpqqgp1n93h4iMVXKMH3mqCHQy9a0ZvKhSeOFf5MErkGcGulmN2qA=
x-served-by
cache-mxp6921-MXP
last-modified
Wed, 28 Jun 2023 15:04:49 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1688020662.301675,VS0,VE0
etag
"38f5d53dccad2f151da2c1742a59c530"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
5
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
53125
article-detection.20230628-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230628-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfaa1287c89aefb71b298062d721d72cf76a861d08efbc39aeb69fc731a50914

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
8RzmDP47ZY_B1OVa_BqJc2aNjOuGPXut
content-encoding
gzip
via
1.1 varnish
date
Thu, 29 Jun 2023 06:37:42 GMT
x-amz-request-id
C2AXDVTEFYFG0KEY
age
55980
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1236
x-amz-id-2
6QwLz4eWKHDEZcLOX8lFJjEXH92RmhyYaEHweTF6T7DEooVDvJSOiReg1M/7/muzzFQYD/fWfnA=
x-served-by
cache-mxp6921-MXP
last-modified
Wed, 28 Jun 2023 15:04:43 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1688020662.302077,VS0,VE0
etag
"023dd2af26577e041aaeedd6890b0756"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
22
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
53114
explore-more.20230628-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20230628-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0bb590b8a0d65bf47f57dbd4d01caa5c4de8eed63594d04c2272771a6ac832e

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
gS5H7OpiLI2c8PfYJHGf.kmTnBKFSr..
content-encoding
gzip
via
1.1 varnish
date
Thu, 29 Jun 2023 06:37:42 GMT
x-amz-request-id
T05AMXRDG5RXB5S0
age
55970
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8242
x-amz-id-2
QbPeP09uAsyc59fPW0i0Zha5DBf9gbSqfh/lY2Rk+HGnNSd2uByKV1Ooa75LSAyksYy6mnedq4Y=
x-served-by
cache-mxp6921-MXP
last-modified
Wed, 28 Jun 2023 15:04:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1688020662.340156,VS0,VE0
etag
"a877c08eebdd2325f1171d7a14f329b5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
66
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
34831
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=9d3bfe8b0ec6dfb5b0a8a423650b8b37&sd=v2_0c00379ddf422171ba8a5989b9e6d205_87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35_1688020661_1688020661_CNawjgYQ2YJdGIfo_K6QMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&pi=/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&wi=-3282236128751450990&pt=text&vi=1688020661255&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=06%3A37%3A42.193&id=814&llvl=2&cv=20230628-3-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 29 Jun 2023 06:37:42 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=9d3bfe8b0ec6dfb5b0a8a423650b8b37&sd=v2_0c00379ddf422171ba8a5989b9e6d205_87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35_1688020661_1688020661_CNawjgYQ2YJdGIfo_K6QMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&pi=/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&wi=-3282236128751450990&pt=text&vi=1688020661255&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1688020662196%7D&tim=06%3A37%3A42.196&id=2712&llvl=2&cv=20230628-3-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 29 Jun 2023 06:37:42 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=9d3bfe8b0ec6dfb5b0a8a423650b8b37&sd=v2_0c00379ddf422171ba8a5989b9e6d205_87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35_1688020661_1688020661_CNawjgYQ2YJdGIfo_K6QMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&pi=/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&wi=-3282236128751450990&pt=text&vi=1688020661255&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-skip-vignette%22%2C%22type%22%3A%22%7B%5C%22skipVignette%5C%22%3A%7B%5C%22reason%5C%22%3A%5C%22no%20recommendations%5C%22%2C%5C%22details%5C%22%3A%5C%22%5C%22%7D%7D%22%2C%22eventTime%22%3A1688020662197%7D&tim=06%3A37%3A42.197&id=1022&llvl=2&cv=20230628-3-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 29 Jun 2023 06:37:42 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=9d3bfe8b0ec6dfb5b0a8a423650b8b37&sd=v2_0c00379ddf422171ba8a5989b9e6d205_87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35_1688020661_1688020661_CNawjgYQ2YJdGIfo_K6QMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&pi=/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&wi=-3282236128751450990&pt=text&vi=1688020661255&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1688020662215%7D&tim=06%3A37%3A42.215&id=3337&llvl=2&cv=20230628-3-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 29 Jun 2023 06:37:42 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=06%3A37%3A42.261&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01-a-delta&llvl=2&id=2780&cv=20230628-3-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
109109
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=9d3bfe8b0ec6dfb5b0a8a423650b8b37&sd=v2_0c00379ddf422171ba8a5989b9e6d205_87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35_1688020661_1688020661_CNawjgYQ2YJdGIfo_K6QMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&pi=/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&wi=-3282236128751450990&pt=text&vi=1688020661255&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=06%3A37%3A42.263&id=7490&llvl=2&cv=20230628-3-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 29 Jun 2023 06:37:42 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=06%3A37%3A42.271&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=441&cv=20230628-3-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
109109
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=06%3A37%3A42.273&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=5564&cv=20230628-3-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
109109
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=06%3A37%3A42.275&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01-y-delta&llvl=2&id=6714&cv=20230628-3-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
109109
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=06%3A37%3A42.276&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=4053&cv=20230628-3-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
109109
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=06%3A37%3A42.279&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=5163&cv=20230628-3-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
109109
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=06%3A37%3A42.280&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01-y-delta&llvl=2&id=9442&cv=20230628-3-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
109109
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=06%3A37%3A42.282&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=6761&cv=20230628-3-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
109123
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Thu, 29 Jun 2023 06:37:42 GMT
x-amz-request-id
SM64PABGMRG8J5RK
age
98
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
Vc0ugujo7XKoeagit2IOEwch92U/SIaxPVZBgq+e5/wbBmankivo/ARaYPpZfIClpwc2Lx47wdg=
x-served-by
cache-mxp6921-MXP
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1688020662.359424,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
28
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
125
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/ 		392 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a9262e4f0004178b2eb384213e53dd3e0c71eb13584d3f6b6dba57437014c1b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 10:49:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
71282
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127813
x-xss-protection
0
server
cafe
etag
18191761431352456992
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 27 Jun 2024 10:49:40 GMT
json
trc.taboola.com/palmate-bg3co/trc/3/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=06%3A37%3A42.312&route=AM:IL:V&lti=deflated&data=%7B%22id%22%3A304%2C%22ii%22%3A%22%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_0c00379ddf422171ba8a5989b9e6d205_87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35_1688020661_1688020661_CNawjgYQ2YJdGIfo_K6QMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB%22%2C%22ui%22%3A%2287f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35%22%2C%22uifp%22%3A%2287f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35%22%2C%22lbt%22%3A1687944041364%2C%22vi%22%3A1688020661255%2C%22cv%22%3A%2220230628-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%2C%22ack_exm%22%3Atrue%2C%22ack_vig%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html%22%2C%22vpi%22%3A%22%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3281%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1440.265625%2C%22mw%22%3A760%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10669677%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230628-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
40e17afdc655e6fc22f562ef02dfd2803db8f5cddbf5e2bbb5b560046e913755

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
801
date
Thu, 29 Jun 2023 06:37:43 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
77266
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v2
x-served-by
cache-mxp6921-MXP
server
nginx
x-timer
S1688020662.393351,VS0,VE801
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
b54be13251b555b938eb201e9a3e4069.jpg
images.taboola.com/taboola/image/fetch/h_460,w_920,c_fill,g_xy_center,x_694,y_506/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_460,w_920,c_fill,g_xy_center,x_694,y_506/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b54be13251b555b938eb201e9a3e4069.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bf142827230aae290d75739dea52429ee85ce26fa4b0c28bd0641d9ed95dae3f

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
14
date
Thu, 29 Jun 2023 06:37:42 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_460,w_920,c_fill,g_xy_center,x_694,y_506/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b54be13251b555b938eb201e9a3e4069.jpg
age
3695224
edge-cache-tag
374988108737447047138030717439828515903,306459362203997476148909272074869557533,29ecf9b93bbf306179626feeda1fab70
cache-tag
374988108737447047138030717439828515903,306459362203997476148909272074869557533,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
304
expiration
expiry-date="Sat, 10 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://abc6onyourside.com/
content-length
35194
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100033-IAD, cache-iad-kcgs7200130-IAD, cache-chi-klot8100161-CHI, cache-iad-kcgs7200106-IAD, cache-mxp6921-MXP
last-modified
Wed, 10 May 2023 05:33:22 GMT
server
nginx
x-timer
S1688020662.398480,VS0,VE14
etag
"0cbe12c0a29150468737386c532891b8"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 45, 1
b8c75a5e-a145-45c6-a2f6-2da7605ebf5e_1000x600_c6736a202a9b322e0713f47a58b0b87c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/b8c75a5e-a145-45c6-a2f6-2da7605ebf5e_1000x600_c6736a202a9b322e0713f47a58b0b87c.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cc0d80482314cf7c3d682e03ab88abd3e6c40ce60edf6b95da915283b030270c

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Thu, 29 Jun 2023 06:37:42 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/b8c75a5e-a145-45c6-a2f6-2da7605ebf5e_1000x600_c6736a202a9b322e0713f47a58b0b87c.png
age
3351194
edge-cache-tag
364717233692718741517924419568517957304,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
364717233692718741517924419568517957304,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
184
expiration
expiry-date="Mon, 12 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.jagran.com/
content-length
6690
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000057-IAD, cache-iad-kjyo7100050-IAD, cache-lax10644-LGB, cache-iad-kiad7000125-IAD, cache-mxp6921-MXP
last-modified
Fri, 12 May 2023 11:34:55 GMT
server
nginx
x-timer
S1688020662.398459,VS0,VE9
etag
"4f1543d7981f7ee6aa57be63bac4209a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 60, 1
b57d2b01c86364d05c3e2828aae624ff.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b57d2b01c86364d05c3e2828aae624ff.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
290a62e833b31b9b78c0634d8e03e414b1f7e539a6efc30eabc31307f56f4242

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
6
date
Thu, 29 Jun 2023 06:37:42 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b57d2b01c86364d05c3e2828aae624ff.png
age
3353153
edge-cache-tag
529035348702061502282204788022712146442,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
529035348702061502282204788022712146442,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
133
expiration
expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://wandern24.eu/
content-length
12420
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100135-IAD, cache-iad-kiad7000077-IAD, cache-lga21946-LGA, cache-iad-kcgs7200176-IAD, cache-mxp6921-MXP
last-modified
Thu, 11 May 2023 16:01:22 GMT
server
nginx
x-timer
S1688020662.454401,VS0,VE6
etag
"d0373bf6026f2fc9dead4aef7e4c93ee"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 27, 1
3b5aec30da4304a22ac1670248e6173d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b5aec30da4304a22ac1670248e6173d.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9822b5b1b2afb77878fb18258fb89cca34b097ae0ed636613a338c5f855b577e

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 29 Jun 2023 06:37:42 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b5aec30da4304a22ac1670248e6173d.png
age
1264329
edge-cache-tag
417338456542193597175996517452005178588,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
417338456542193597175996517452005178588,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
222
req-referer
https://www.itasportpress.it/
content-length
13928
x-request-id
85a35a905ed227dde24859f10bc6161b
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100024-IAD, cache-iad-kiad7000026-IAD, cache-lga21952-LGA, cache-iad-kcgs7200093-IAD, cache-mxp6921-MXP
last-modified
Thu, 08 Jun 2023 22:19:28 GMT
server
nginx
x-timer
S1688020662.468454,VS0,VE2
etag
"13d1280af2548458b7be8d40dab07665"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 5, 1
googleanalytics.json
cdn.ampproject.org/rtv/012306202201000/v0/analytics-vendors/ 		2 KB
812 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Jun 2023 16:18:59 GMT
age
51523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
782
x-xss-protection
0
server
sffe
etag
"faa9c0f37b801b56"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 27 Jun 2024 16:18:59 GMT
ga4.json
amp.analytics-debugger.com/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.102.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:42 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only, master-only
age
19810
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, same-origin
last-modified
Thu, 29 Jun 2023 01:07:32 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znDT8KTAg1xDfqEe2UhEdluXEgU1BiNCsOFG8XM4glieAJpFhzhIguIenlwRD312u0q1EdqhaeAYxrpvXfTXvIIlv09kNuzrbdvPbVtHwfOFsO3M18qyrR8nhDXtJbnhZkqVC%2FxYQEdmKY15kw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
access-control-allow-credentials
true
x-debug-em-all-ga4amp-version
20230607
cf-ray
7dec29975f538ffe-FRA
gtag.json
cdn.ampproject.org/rtv/012306202201000/v0/analytics-vendors/ 		3 KB
956 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Jun 2023 16:19:11 GMT
age
51511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
926
x-xss-protection
0
server
sffe
etag
"e835618b3e9f5aee"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 27 Jun 2024 16:19:11 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-31.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 05:39:27 GMT
via
1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
3496
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
Fuo1ByMa91wNb2B7A51z8KQzLwWWuPHFeHHLidsRofq1ICH3S2WHuw==
next-up-widget.20230628-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20230628-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
554e7e7207a6c30ab55e3e15db330f5f85cfe90ca4d4b9948df1f714f42e6a47

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
T24cDANVVglHMQeUxHk0qylAbq.fTp5h
content-encoding
gzip
via
1.1 varnish
date
Thu, 29 Jun 2023 06:37:42 GMT
x-amz-request-id
BAG0E2V5VB6MQ4F5
age
55962
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
73GSrEn75fz3G1muIYV1xSwg9jWtQFJpN4yRaXj3jz3mw8KNUNiKX+IyGMwLByAB4tlpMFnQseo=
x-served-by
cache-mxp6921-MXP
last-modified
Wed, 28 Jun 2023 15:05:01 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1688020662.488026,VS0,VE0
etag
"a953355408ebbb66630ad4b1f53eea2d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
0
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
3719
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=06%3A37%3A42.459&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=797&cv=20230628-3-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
109123
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=9d3bfe8b0ec6dfb5b0a8a423650b8b37&sd=v2_0c00379ddf422171ba8a5989b9e6d205_87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35_1688020661_1688020661_CNawjgYQ2YJdGIfo_K6QMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&pi=/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&wi=-3282236128751450990&pt=text&vi=1688020661255&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22feed-distance-from-article-end%22%2C%22type%22%3A%2218.265625%22%2C%22eventTime%22%3A1688020662472%7D&tim=06%3A37%3A42.472&id=6507&llvl=2&cv=20230628-3-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 29 Jun 2023 06:37:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
im-uid-hook.js
dmp.im-apps.net/scripts/ 		633 B
681 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by
Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Jun 2023 06:37:42 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="NOI PSD OTR"
Content-Type
text/javascript
Cache-Control
private, no-store
Connection
keep-alive
Content-Length
445
lift.json
l.logly.co.jp/ 		30 B
873 B 		Script
General
Check archive.org
Download Go to
Full URL
https://l.logly.co.jp/lift.json?adspot_id=4308934&widget_id=92995&auc_id=&callback=_lgy_lift_callback_4308934&render_id=MTY4ODAyMDY2MV8xXzUwODg5NGExZGM5NQ%3D%3D&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&ref=
Requested by
Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-45.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
26a1969149cc9c163f650bb7fb10d05e9ffa266fe9a906e7af4cc7d612565c4a

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Jun 2023 06:37:43 GMT
Content-Encoding
gzip
Via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P6
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
P3P
CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Connection
keep-alive
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id
p9N4lzpjWSNr0ST4A5tH8CIvWmey33xk1HCclzFH-3iSTgE6_c92Ag==
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
st
imprammp.taboola.com/ Frame 7612 		422 B
330 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8q7kCLAacCbtCiuJdRxE4E3aFFMW7jioAAABgYID-AIl5bC7XcGJzKzyTzVo0823WwpXJsxZMBoOZc-FYzoYzIyAxj83lGk5sboVnslmLZr7NWrgyedaCyWAwcy4cy9lwZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZLaDodPte9Xvf73SU-z1zj9yv8OtfTrXa63IK_W7R8ujVGl90tPbremqPL7nPrXk633PVWWd7So-vpFjwddrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQBPHA7o4jQ7PU9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAwGPID1HT0ppCrj2RgsYijAAAAABsvTsHHpmkE1Qsqvz___dbAbgCABCQWPBNo51Fd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJsKPaYRmotjV_AICAKz5BQQAYKNuAADeBMAJOgStGAxWJyBmBwAAAODO____vx4Q2BgGm91yZLKZJpPFbjFxGBeu5XA5ca5sI8tgtT0Y23lSHLcqqn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgcDczbUa-wVoxWY7couHKs1Zuhsu1bLewGTa-zcSyW7hFr4_p4pwtPJ7VFgkGRO1F8rRIJzLbYjiZbSyDkXO3Wu2Gw8HINXJubJPdZrHw2BYWsURzskgnssu-sDEMNrvlyGQzTSaL3WLiMC5cy-Fy4lzZRpbBal_czUybkW-wVkyWI7douPKslZvhci3bLWyGjW8zsewWbtHrY7o4ZwuPZ7VvzIbDwWQwmy32jdlwOJgMZrPFvkNn-K4-Z6OyrJJ8TJrf36Ut2pwGhctg8U7Vq2-0MzuIftOiUyZTKws6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ehBbFAoYongIp0IHma3w_RyS3yejd8ilihNF-lEr_DrXE-32ulyC_5u0fLp1hhddrf06Hprji67z617Od1y11tleUuPrqdb8HTY7ULT22wRSwSni3QiehlPF_UfOeRiLtks55LBbK6YLFcJAAAAAAAAAMASTDLdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmQBWK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwIcjVa7B-ACrFWq9XtxlqtFg!&cmcv=&pix=undefined&cb=1688020662701&uv=3291&tms=1688020662701&abt=inout2_vB!nonrv_vA!nrlc_vA!ufm_vD!ul3292_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=fcfe58bf-a323-4f73-8ed3-0200f9a1968f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
35430d71fd8d1b0422a61302eadbd84e1fe895ba1fccc17a9ae7e8250a609ba5

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 29 Jun 2023 06:37:42 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6921-MXP
x-timer
S1688020663.904678,VS0,VE28
sync
am-match.taboola.com/ Frame CF8E 		422 B
509 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8q7kCLAacCbtCiuJdRxE4E3aFFMW7jioAAABgYID-AIl5bC7XcGJzKzyTzVo0823WwpXJsxZMBoOZc-FYzoYzIyAxj83lGk5sboVnslmLZr7NWrgyedaCyWAwcy4cy9lwZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZLaDodPte9Xvf73SU-z1zj9yv8OtfTrXa63IK_W7R8ujVGl90tPbremqPL7nPrXk633PVWWd7So-vpFjwddrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQBPHA7o4jQ7PU9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAwGPID1HT0ppCrj2RgsYijAAAAABsvTsHHpmkE1Qsqvz___dbAbgCABCQWPBNo51Fd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJsKPaYRmotjV_AICAKz5BQQAYKNuAADeBMAJOgStGAxWJyBmBwAAAODO____vx4Q2BgGm91yZLKZJpPFbjFxGBeu5XA5ca5sI8tgtT0Y23lSHLcqqn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgcDczbUa-wVoxWY7couHKs1Zuhsu1bLewGTa-zcSyW7hFr4_p4pwtPJ7VFgkGRO1F8rRIJzLbYjiZbSyDkXO3Wu2Gw8HINXJubJPdZrHw2BYWsURzskgnssu-sDEMNrvlyGQzTSaL3WLiMC5cy-Fy4lzZRpbBal_czUybkW-wVkyWI7douPKslZvhci3bLWyGjW8zsewWbtHrY7o4ZwuPZ7VvzIbDwWQwmy32jdlwOJgMZrPFvkNn-K4-Z6OyrJJ8TJrf36Ut2pwGhctg8U7Vq2-0MzuIftOiUyZTKws6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ehBbFAoYongIp0IHma3w_RyS3yejd8ilihNF-lEr_DrXE-32ulyC_5u0fLp1hhddrf06Hprji67z617Od1y11tleUuPrqdb8HTY7ULT22wRSwSni3QiehlPF_UfOeRiLtks55LBbK6YLFcJAAAAAAAAAMASTDLdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmQBWK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwIcjVa7B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
35430d71fd8d1b0422a61302eadbd84e1fe895ba1fccc17a9ae7e8250a609ba5

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 29 Jun 2023 06:37:43 GMT
machineid
3407
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1688020662707&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1529&pt=-610732832&tz=0&viewable=true&ddast=V8q7kCLAacCbtCiuJdRxE4E3aFFMW7jioAAABgYID-AIl5bC7XcGJzKzyTzVo0823WwpXJsxZMBoOZc-FYzoYzIyAxj83lGk5sboVnslmLZr7NWrgyedaCyWAwcy4cy9lwZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZLaDodPte9Xvf73SU-z1zj9yv8OtfTrXa63IK_W7R8ujVGl90tPbremqPL7nPrXk633PVWWd7So-vpFjwddrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQBPHA7o4jQ7PU9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAwGPID1HT0ppCrj2RgsYijAAAAABsvTsHHpmkE1Qsqvz___dbAbgCABCQWPBNo51Fd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJsKPaYRmotjV_AICAKz5BQQAYKNuAADeBMAJOgStGAxWJyBmBwAAAODO____vx4Q2BgGm91yZLKZJpPFbjFxGBeu5XA5ca5sI8tgtT0Y23lSHLcqqn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgcDczbUa-wVoxWY7couHKs1Zuhsu1bLewGTa-zcSyW7hFr4_p4pwtPJ7VFgkGRO1F8rRIJzLbYjiZbSyDkXO3Wu2Gw8HINXJubJPdZrHw2BYWsURzskgnssu-sDEMNrvlyGQzTSaL3WLiMC5cy-Fy4lzZRpbBal_czUybkW-wVkyWI7douPKslZvhci3bLWyGjW8zsewWbtHrY7o4ZwuPZ7VvzIbDwWQwmy32jdlwOJgMZrPFvkNn-K4-Z6OyrJJ8TJrf36Ut2pwGhctg8U7Vq2-0MzuIftOiUyZTKws6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ehBbFAoYongIp0IHma3w_RyS3yejd8ilihNF-lEr_DrXE-32ulyC_5u0fLp1hhddrf06Hprji67z617Od1y11tleUuPrqdb8HTY7ULT22wRSwSni3QiehlPF_UfOeRiLtks55LBbK6YLFcJAAAAAAAAAMASTDLdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmQBWK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwIcjVa7B-ACrFWq9XtxlqtFg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=inout2_vB!nonrv_vA!nrlc_vA!ufm_vD!ul3292_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
94b08e43aefd03fa04e1a419699f2825ae24316a026e5316548d59d54419c045

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Thu, 29 Jun 2023 06:37:42 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1471
x-cache
MISS
x-served-by
cache-mxp6921-MXP
pragma
no-cache
server
nginx
x-timer
S1688020663.794564,VS0,VE53
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8q7kCLAacCbtCiuJdRxE4E3aFFMW7jioAAABgYID-AIl5bC7XcGJzKzyTzVo0823WwpXJsxZMBoOZc-FYzoYzIyAxj83lGk5sboVnslmLZr7NWrgyedaCyWAwcy4cy9lwZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZLaDodPte9Xvf73SU-z1zj9yv8OtfTrXa63IK_W7R8ujVGl90tPbremqPL7nPrXk633PVWWd7So-vpFjwddrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQBPHA7o4jQ7PU9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAwGPID1HT0ppCrj2RgsYijAAAAABsvTsHHpmkE1Qsqvz___dbAbgCABCQWPBNo51Fd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJsKPaYRmotjV_AICAKz5BQQAYKNuAADeBMAJOgStGAxWJyBmBwAAAODO____vx4Q2BgGm91yZLKZJpPFbjFxGBeu5XA5ca5sI8tgtT0Y23lSHLcqqn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgcDczbUa-wVoxWY7couHKs1Zuhsu1bLewGTa-zcSyW7hFr4_p4pwtPJ7VFgkGRO1F8rRIJzLbYjiZbSyDkXO3Wu2Gw8HINXJubJPdZrHw2BYWsURzskgnssu-sDEMNrvlyGQzTSaL3WLiMC5cy-Fy4lzZRpbBal_czUybkW-wVkyWI7douPKslZvhci3bLWyGjW8zsewWbtHrY7o4ZwuPZ7VvzIbDwWQwmy32jdlwOJgMZrPFvkNn-K4-Z6OyrJJ8TJrf36Ut2pwGhctg8U7Vq2-0MzuIftOiUyZTKws6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ehBbFAoYongIp0IHma3w_RyS3yejd8ilihNF-lEr_DrXE-32ulyC_5u0fLp1hhddrf06Hprji67z617Od1y11tleUuPrqdb8HTY7ULT22wRSwSni3QiehlPF_UfOeRiLtks55LBbK6YLFcJAAAAAAAAAMASTDLdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmQBWK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwIcjVa7B-ACrFWq9XtxlqtFg!&cmcv=&pix=31589837&cb=1688020662701&uv=3291&tms=1688020662701&abt=inout2_vB!nonrv_vA!nrlc_vA!ufm_vD!ul3292_vB&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1688020658094.3!ts:1688020662700&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
content-length
0
server
nginx
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame EBDC 		92 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
7eb8d2dd663ac3829525507b64f7b6aeb420ab2b640c2fb6867a6bcf17597a8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32996
x-xss-protection
0
server
cafe
etag
16850005874643028791
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 06:37:43 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 1830 		92 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
35b77ed26236ad7a9c0ad60b2bf5e1b58167316e42e5a9c90728b59363e38063
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33001
x-xss-protection
0
server
cafe
etag
5124644591839518386
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 06:37:43 GMT
spa-detector.20230628-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20230628-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d73a4469f6831652802e5de5f5142b77217000aa852f6833ac0e04d99ad1ec4

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
MIJXPgk_PmHKJKqMU463DgWAeXG2.jtj
content-encoding
gzip
via
1.1 varnish
date
Thu, 29 Jun 2023 06:37:42 GMT
x-amz-request-id
CBQBBCS74RJNYQ11
age
55956
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
810
x-amz-id-2
4i61FdvIKnUHFuxZUbgWkm2Py/CWK+f0bvpMg8qqPVKATxjkmJ/kdwO9OEg/imYHzvq8z6kRpME=
x-served-by
cache-mxp6921-MXP
last-modified
Wed, 28 Jun 2023 15:05:07 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1688020663.894538,VS0,VE0
etag
"a5a27a8d86e31c8fb4a994819d7aa888"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
34
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
34940
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=9d3bfe8b0ec6dfb5b0a8a423650b8b37&sd=v2_0c00379ddf422171ba8a5989b9e6d205_87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35_1688020661_1688020661_CNawjgYQ2YJdGIfo_K6QMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&pi=/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&wi=-3282236128751450990&pt=text&vi=1688020661255&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=06%3A37%3A42.817&id=4415&llvl=2&cv=20230628-3-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 29 Jun 2023 06:37:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=9d3bfe8b0ec6dfb5b0a8a423650b8b37&sd=v2_0c00379ddf422171ba8a5989b9e6d205_87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35_1688020661_1688020661_CNawjgYQ2YJdGIfo_K6QMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&pi=/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&wi=-3282236128751450990&pt=text&vi=1688020661255&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1688020662818%7D&tim=06%3A37%3A42.818&id=4552&llvl=2&cv=20230628-3-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 29 Jun 2023 06:37:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=9d3bfe8b0ec6dfb5b0a8a423650b8b37&sd=v2_0c00379ddf422171ba8a5989b9e6d205_87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35_1688020661_1688020661_CNawjgYQ2YJdGIfo_K6QMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&pi=/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&wi=-3282236128751450990&pt=text&vi=1688020661255&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%2C%20%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=06%3A37%3A42.820&id=5830&llvl=2&cv=20230628-3-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 29 Jun 2023 06:37:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=9d3bfe8b0ec6dfb5b0a8a423650b8b37&sd=v2_0c00379ddf422171ba8a5989b9e6d205_87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35_1688020661_1688020661_CNawjgYQ2YJdGIfo_K6QMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&pi=/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&wi=-3282236128751450990&pt=text&vi=1688020661255&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1688020662822%7D&tim=06%3A37%3A42.822&id=9720&llvl=2&cv=20230628-3-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 29 Jun 2023 06:37:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
L2EvZ3VpLW1pZS1wby00eWktY2hlbi16aHUtc2hlbmctd2VpLW51LWVyLXpodWktcGlhbi5odG1s.json
cdn.adpushup.com/42753/ 		555 B
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvZ3VpLW1pZS1wby00eWktY2hlbi16aHUtc2hlbmctd2VpLW51LWVyLXpodWktcGlhbi5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.222 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-222.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
GE
date
Thu, 29 Jun 2023 06:37:43 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=24, origin; dur=86, ak_p; desc="468894_34831774_626477806_10992_854_62_0_-";dur=1
content-length
555
expires
Thu, 29 Jun 2023 07:37:43 GMT
amp
www.googletagmanager.com/gtag/ 		684 B
763 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
305
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=06%3A37%3A42.873&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20next-up-a&llvl=2&id=562&cv=20230628-3-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
109109
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/32_9_1/infra/ 		888 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/32_9_1/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e45dd19e8d682418f4489a4e9bbc70edf506cda7740c7e279082e6e2765f898c

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1687770498
date
Thu, 29 Jun 2023 06:37:43 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
BY0292F1MEZZQS12
age
250047
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1687770498
x-amz-meta-mode
33188
content-length
150314
x-amz-id-2
CGLONzWNwaUV3WWQgJkXwFAZGDzK7AJyh3/aLTRl78r3ClJ6CsU5x4XT//hb4r3NjLqLv3OELz8=
x-served-by
cache-fra-eddf8230027-FRA
last-modified
Mon, 26 Jun 2023 09:08:20 GMT
server
AmazonS3-br
x-timer
S1688020663.369324,VS0,VE0
etag
"6db01c5304c9fefd5d66f93aa41c98da"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
159754
cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_9_1/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/32_9_1/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1687770517
date
Thu, 29 Jun 2023 06:37:43 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
V5JH624KQB9WC796
age
250045
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1687770518
x-amz-meta-mode
33188
content-length
7877
x-amz-id-2
DDdR3PWdWKoKRlD8ifXrUH9weMuJONLzYE9MbfSBT+yrXISTMjuDyOfDgGwsNyogRMb1MBV2Tyw=
x-served-by
cache-mxp6921-MXP
last-modified
Mon, 26 Jun 2023 09:08:39 GMT
server
AmazonS3-br
x-timer
S1688020663.013851,VS0,VE0
etag
"92502277b3d6d05481ffd7687771377e"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
139196
sync.html
sync.logly.co.jp/sync/ Frame 2319 		495 B
665 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.logly.co.jp/sync/sync.html
Requested by
Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.41.208.201 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-208-201.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=2592000
content-length
495
content-type
text/html
date
Thu, 29 Jun 2023 06:37:45 GMT
etag
"649afa4c-1ef"
last-modified
Tue, 27 Jun 2023 15:03:40 GMT
server
nginx
pixel;r=1126360118;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67e...
pixel.quantserve.com/ 		35 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1126360118;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-150647978-1688020662373;pbc=7c8908d3-0954-4c21-a61f-0247a50faf79;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1688020662998;tzo=0;ogl=;ses=8ef54b2f-870f-4b29-8c26-0984d5a66883;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.208 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:43 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
im-uid.js
dmp.im-apps.net/sdk/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
Content-Encoding
gzip
Date
Thu, 29 Jun 2023 06:37:43 GMT
Last-Modified
Fri, 21 Apr 2023 06:05:08 GMT
ETag
"14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
CP="NOI PSD OTR"
Cache-Control
max-age=10800
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2434
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 7612
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8334b4be-2d19-4991-ac01-0a3d6f7ad157
0
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8334b4be-2d19-4991-ac01-0a3d6f7ad157
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8q7kCLAacCbtCiuJdRxE4E3aFFMW7jioAAABgYID-AIl5bC7XcGJzKzyTzVo0823WwpXJsxZMBoOZc-FYzoYzIyAxj83lGk5sboVnslmLZr7NWrgyedaCyWAwcy4cy9lwZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZLaDodPte9Xvf73SU-z1zj9yv8OtfTrXa63IK_W7R8ujVGl90tPbremqPL7nPrXk633PVWWd7So-vpFjwddrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQBPHA7o4jQ7PU9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAwGPID1HT0ppCrj2RgsYijAAAAABsvTsHHpmkE1Qsqvz___dbAbgCABCQWPBNo51Fd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJsKPaYRmotjV_AICAKz5BQQAYKNuAADeBMAJOgStGAxWJyBmBwAAAODO____vx4Q2BgGm91yZLKZJpPFbjFxGBeu5XA5ca5sI8tgtT0Y23lSHLcqqn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgcDczbUa-wVoxWY7couHKs1Zuhsu1bLewGTa-zcSyW7hFr4_p4pwtPJ7VFgkGRO1F8rRIJzLbYjiZbSyDkXO3Wu2Gw8HINXJubJPdZrHw2BYWsURzskgnssu-sDEMNrvlyGQzTSaL3WLiMC5cy-Fy4lzZRpbBal_czUybkW-wVkyWI7douPKslZvhci3bLWyGjW8zsewWbtHrY7o4ZwuPZ7VvzIbDwWQwmy32jdlwOJgMZrPFvkNn-K4-Z6OyrJJ8TJrf36Ut2pwGhctg8U7Vq2-0MzuIftOiUyZTKws6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ehBbFAoYongIp0IHma3w_RyS3yejd8ilihNF-lEr_DrXE-32ulyC_5u0fLp1hhddrf06Hprji67z617Od1y11tleUuPrqdb8HTY7ULT22wRSwSni3QiehlPF_UfOeRiLtks55LBbK6YLFcJAAAAAAAAAMASTDLdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmQBWK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwIcjVa7B-ACrFWq9XtxlqtFg!&cmcv=&pix=undefined&cb=1688020662701&uv=3291&tms=1688020662701&abt=inout2_vB!nonrv_vA!nrlc_vA!ufm_vD!ul3292_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=fcfe58bf-a323-4f73-8ed3-0200f9a1968f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
79
date
Thu, 29 Jun 2023 06:37:44 GMT
via
1.1 varnish
x-served-by
cache-mxp6921-MXP
server
nginx
x-timer
S1688020664.388950,VS0,VE79
x-fastly-to-nlb-rtt
77078
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v2
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:43 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8334b4be-2d19-4991-ac01-0a3d6f7ad157
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 7612
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-HjgP.p9E2oQ0CzdIp931t5JRJnGXN7tWgKgCjA--~A
0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-HjgP.p9E2oQ0CzdIp931t5JRJnGXN7tWgKgCjA--~A
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8q7kCLAacCbtCiuJdRxE4E3aFFMW7jioAAABgYID-AIl5bC7XcGJzKzyTzVo0823WwpXJsxZMBoOZc-FYzoYzIyAxj83lGk5sboVnslmLZr7NWrgyedaCyWAwcy4cy9lwZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZLaDodPte9Xvf73SU-z1zj9yv8OtfTrXa63IK_W7R8ujVGl90tPbremqPL7nPrXk633PVWWd7So-vpFjwddrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQBPHA7o4jQ7PU9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAwGPID1HT0ppCrj2RgsYijAAAAABsvTsHHpmkE1Qsqvz___dbAbgCABCQWPBNo51Fd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJsKPaYRmotjV_AICAKz5BQQAYKNuAADeBMAJOgStGAxWJyBmBwAAAODO____vx4Q2BgGm91yZLKZJpPFbjFxGBeu5XA5ca5sI8tgtT0Y23lSHLcqqn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgcDczbUa-wVoxWY7couHKs1Zuhsu1bLewGTa-zcSyW7hFr4_p4pwtPJ7VFgkGRO1F8rRIJzLbYjiZbSyDkXO3Wu2Gw8HINXJubJPdZrHw2BYWsURzskgnssu-sDEMNrvlyGQzTSaL3WLiMC5cy-Fy4lzZRpbBal_czUybkW-wVkyWI7douPKslZvhci3bLWyGjW8zsewWbtHrY7o4ZwuPZ7VvzIbDwWQwmy32jdlwOJgMZrPFvkNn-K4-Z6OyrJJ8TJrf36Ut2pwGhctg8U7Vq2-0MzuIftOiUyZTKws6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ehBbFAoYongIp0IHma3w_RyS3yejd8ilihNF-lEr_DrXE-32ulyC_5u0fLp1hhddrf06Hprji67z617Od1y11tleUuPrqdb8HTY7ULT22wRSwSni3QiehlPF_UfOeRiLtks55LBbK6YLFcJAAAAAAAAAMASTDLdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmQBWK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwIcjVa7B-ACrFWq9XtxlqtFg!&cmcv=&pix=undefined&cb=1688020662701&uv=3291&tms=1688020662701&abt=inout2_vB!nonrv_vA!nrlc_vA!ufm_vD!ul3292_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=fcfe58bf-a323-4f73-8ed3-0200f9a1968f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82239

Redirect headers

date
Thu, 29 Jun 2023 06:37:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-HjgP.p9E2oQ0CzdIp931t5JRJnGXN7tWgKgCjA--~A
content-length
0
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 7612
Redirect Chain
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
  • https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=taboola
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5397954210711331650&ssp=taboola
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8q7kCLAacCbtCiuJdRxE4E3aFFMW7jioAAABgYID-AIl5bC7XcGJzKzyTzVo0823WwpXJsxZMBoOZc-FYzoYzIyAxj83lGk5sboVnslmLZr7NWrgyedaCyWAwcy4cy9lwZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZLaDodPte9Xvf73SU-z1zj9yv8OtfTrXa63IK_W7R8ujVGl90tPbremqPL7nPrXk633PVWWd7So-vpFjwddrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQBPHA7o4jQ7PU9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAwGPID1HT0ppCrj2RgsYijAAAAABsvTsHHpmkE1Qsqvz___dbAbgCABCQWPBNo51Fd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJsKPaYRmotjV_AICAKz5BQQAYKNuAADeBMAJOgStGAxWJyBmBwAAAODO____vx4Q2BgGm91yZLKZJpPFbjFxGBeu5XA5ca5sI8tgtT0Y23lSHLcqqn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgcDczbUa-wVoxWY7couHKs1Zuhsu1bLewGTa-zcSyW7hFr4_p4pwtPJ7VFgkGRO1F8rRIJzLbYjiZbSyDkXO3Wu2Gw8HINXJubJPdZrHw2BYWsURzskgnssu-sDEMNrvlyGQzTSaL3WLiMC5cy-Fy4lzZRpbBal_czUybkW-wVkyWI7douPKslZvhci3bLWyGjW8zsewWbtHrY7o4ZwuPZ7VvzIbDwWQwmy32jdlwOJgMZrPFvkNn-K4-Z6OyrJJ8TJrf36Ut2pwGhctg8U7Vq2-0MzuIftOiUyZTKws6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ehBbFAoYongIp0IHma3w_RyS3yejd8ilihNF-lEr_DrXE-32ulyC_5u0fLp1hhddrf06Hprji67z617Od1y11tleUuPrqdb8HTY7ULT22wRSwSni3QiehlPF_UfOeRiLtks55LBbK6YLFcJAAAAAAAAAMASTDLdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmQBWK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwIcjVa7B-ACrFWq9XtxlqtFg!&cmcv=&pix=undefined&cb=1688020662701&uv=3291&tms=1688020662701&abt=inout2_vB!nonrv_vA!nrlc_vA!ufm_vD!ul3292_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=fcfe58bf-a323-4f73-8ed3-0200f9a1968f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82233

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
date
Thu, 29 Jun 2023 06:37:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
js
www.googletagmanager.com/gtag/ 		242 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
74a695504e55816b4cd7d138f2131758c1fab92a0ac69eeee0c37dd8ada8565a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85592
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 29 Jun 2023 06:37:43 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.155.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-155-232.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
ads
googleads.g.doubleclick.net/pagead/ Frame DE2A 		603 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2540110022167727248&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2907&oid=2&is_amp=5&amp_v=2306202201000&d_imp=1&c=38009125&ga_cid=amp-TTPdpg3GeEnSlbeH8gWUZA&ga_hid=9125&dt=1688020662293&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&bdt=2427&dtd=108&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306202201000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Jun 2023 06:37:43 GMT
expires
Thu, 29 Jun 2023 06:37:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=9125&cid=amp-TTPdpg3GeEnSlbeH8gWUZA&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&dr=&dt=%E3%80%8A%E9%AC%BC%E6%BB%85%E3%80%8B%E7%A0%B44%E5%84%84%E9%99%B3%E7%AB%B9%E5%8D%87%E7%88%B2%E5%A5%B3%E5%85%92%E8%BF%BD%E7%89%87%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1688020663&sct=1&seg=1&_et=1000&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306202201000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-TTPdpg3GeEnSlbeH8gWUZA&aip=1&sid=1688020663&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306202201000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9ndWktbWllLXBvLTR5aS1jaGVuLXpodS1zaGVuZy13ZWktbnUtZXItemh1aS1waWFuLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS04YTBkYWVjMC1hODk1LTRhNDQtYTI4Zi0wZmJlNjZiOTY1M2QiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiN2Q5OTRhYzgtZTMxMi00OTE1LTg2NjMtNTRmOGUxMjExZGMxIiwidGltZU9mQXVjdGlvbiI6MTY4ODAyMDY2MjA0MCwiYmlkcyI6W3siY3BtIjowLjAyLCJhZElkIjoiNzU1ZmJiNDdkYTg0NzNiIiwib3JpZ2luYWxDcG0iOjAuMDIsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDY1LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY4ODAyMDY2MjU1MX0seyJjcG0iOjAuMDEsImFkSWQiOiI3NjA5YjNkM2UxM2ExYzgiLCJvcmlnaW5hbENwbSI6MC4wMSwiYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0NjYsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjg4MDIwNjYyNTUyfSx7ImNwbSI6MC4xMzIsImFkSWQiOiI3NzNiY2U2NGU4ZDI3MSIsIm9yaWdpbmFsQ3BtIjowLjEzMiwiYmlkZGVyIjoib3BlbngiLCJyZXZlbnVlIjowLjAwMDEzMiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MTE0MCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2ODgwMjA2NjMyNDN9LHsiY3BtIjowLjAzNCwiYWRJZCI6Ijc5YzZmNDUxNzg1N2ZlYSIsIm9yaWdpbmFsQ3BtIjowLjAzNCwiYmlkZGVyIjoibWVkaWFuZXQiLCJyZXZlbnVlIjowLjAwMDAzNCwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MTE3NiwidGltZU9mQmlkUmVjZWl2ZWQiOjE2ODgwMjA2NjMyNTN9LHsiY3BtIjowLjA0MTM4NjUwMDAwMDAwMDAxLCJhZElkIjoiODFkZTliZjk3MjljZjMiLCJvcmlnaW5hbENwbSI6MC4wNDg2OTAwMDAwMDAwMDAwMDQsImJpZGRlciI6ImFkbGl2ZXRlY2giLCJyZXZlbnVlIjowLjAwMDA0MTM4NjUwMDAwMDAwMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjoxMTcyLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY4ODAyMDY2MzI2OH1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJvcGVueCIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiNzczYmNlNjRlOGQyNzEiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMTMyfSx7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiI3ZDk5NGFjOC1lMzEyLTQ5MTUtODY2My01NGY4ZTEyMTFkYzEiLCJ0aW1lT2ZBdWN0aW9uIjoxNjg4MDIwNjYyMDQwLCJiaWRzIjpbeyJjcG0iOjAuMDM0LCJhZElkIjoiNzg0MTExZjdiODFmNjVlIiwib3JpZ2luYWxDcG0iOjAuMDM0LCJiaWRkZXIiOiJtZWRpYW5ldCIsInJldmVudWUiOjAuMDAwMDM0LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjoxMTc2LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY4ODAyMDY2MzI1M30seyJjcG0iOjAuMDM3NDg1LCJhZElkIjoiODBhMTIxZTI0ZDg4MGU5Iiwib3JpZ2luYWxDcG0iOjAuMDQ0MSwiYmlkZGVyIjoiYWRsaXZldGVjaCIsInJldmVudWUiOjAuMDAwMDM3NDg1LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjoxMTcxLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY4ODAyMDY2MzI2N31dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJhZGxpdmV0ZWNoIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI4MGExMjFlMjRkODgwZTkiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMDM3NDg1fV0sImNvdW50cnkiOiJHRSJ9&c_b=5179.899997711182
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:43 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=06%3A37%3A43.333&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01-a-delta&llvl=2&id=9611&cv=20230628-3-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
109227
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=06%3A37%3A43.345&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-c-delta&llvl=2&id=8531&cv=20230628-3-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
109227
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=06%3A37%3A43.346&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01-delta&llvl=2&id=968&cv=20230628-3-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
109227
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=06%3A37%3A43.349&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01-delta&llvl=2&id=6248&cv=20230628-3-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
109227
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=06%3A37%3A43.350&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20rec-reel-sc2-delta&llvl=2&id=3669&cv=20230628-3-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
109227
integrator.js
adservice.google.com/adsid/ 		107 B
197 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		111 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4433573924884916&correlator=2076629330851069&eid=44777897&output=ldjh&gdfp_req=1&vrg=202306260101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height%2Cheight&ifi=1&adks=1420297610%2C2825066673&sfv=1-0-40&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_23_0_pv%26cluster_reporting%3Dchrome_DESKTOP_23_1_active_0_pv%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.03%26hb_ap_adid%3D80a121e24d880e9%26hb_ap_bidder%3Dadlivetech%26fcEnabled%3D0%7CstopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_23_0%26cluster_reporting%3Dchrome_DESKTOP_23_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.13%26hb_ap_adid%3D773bce64e8d271%26hb_ap_bidder%3Dopenx%26fcEnabled%3D0&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26adro%3Dv3_e%26faid%3Dfalse&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1688020663399&lmt=1688020663&dlt=1688020659866&idt=3029&adxs=236%2C315&adys=60%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&frm=20&vis=1&psz=728x-1%7C970x-1&msz=728x-1%7C970x-1&fws=4%2C516&ohw=728%2C1600&ga_vid=1614580128.1688020663&ga_sid=1688020663&ga_hid=9125&ga_fc=false&ga_cid=amp-TTPdpg3GeEnSlbeH8gWUZA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
9ceb95ba08e55a14db7d61bc29cd55ba59ba88b512845b865875169fa145737a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29157
x-xss-protection
0
google-lineitem-id
-1,5221339624
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138294466156
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bbe37092b4d298f855668903e56f9dc3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5A5D 		0
0
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame CF8E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8334b4be-2d19-4991-ac01-0a3d6f7ad157
0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8334b4be-2d19-4991-ac01-0a3d6f7ad157
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8q7kCLAacCbtCiuJdRxE4E3aFFMW7jioAAABgYID-AIl5bC7XcGJzKzyTzVo0823WwpXJsxZMBoOZc-FYzoYzIyAxj83lGk5sboVnslmLZr7NWrgyedaCyWAwcy4cy9lwZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZLaDodPte9Xvf73SU-z1zj9yv8OtfTrXa63IK_W7R8ujVGl90tPbremqPL7nPrXk633PVWWd7So-vpFjwddrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQBPHA7o4jQ7PU9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAwGPID1HT0ppCrj2RgsYijAAAAABsvTsHHpmkE1Qsqvz___dbAbgCABCQWPBNo51Fd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJsKPaYRmotjV_AICAKz5BQQAYKNuAADeBMAJOgStGAxWJyBmBwAAAODO____vx4Q2BgGm91yZLKZJpPFbjFxGBeu5XA5ca5sI8tgtT0Y23lSHLcqqn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgcDczbUa-wVoxWY7couHKs1Zuhsu1bLewGTa-zcSyW7hFr4_p4pwtPJ7VFgkGRO1F8rRIJzLbYjiZbSyDkXO3Wu2Gw8HINXJubJPdZrHw2BYWsURzskgnssu-sDEMNrvlyGQzTSaL3WLiMC5cy-Fy4lzZRpbBal_czUybkW-wVkyWI7douPKslZvhci3bLWyGjW8zsewWbtHrY7o4ZwuPZ7VvzIbDwWQwmy32jdlwOJgMZrPFvkNn-K4-Z6OyrJJ8TJrf36Ut2pwGhctg8U7Vq2-0MzuIftOiUyZTKws6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ehBbFAoYongIp0IHma3w_RyS3yejd8ilihNF-lEr_DrXE-32ulyC_5u0fLp1hhddrf06Hprji67z617Od1y11tleUuPrqdb8HTY7ULT22wRSwSni3QiehlPF_UfOeRiLtks55LBbK6YLFcJAAAAAAAAAMASTDLdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmQBWK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwIcjVa7B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
84
date
Thu, 29 Jun 2023 06:37:44 GMT
via
1.1 varnish
x-served-by
cache-mxp6921-MXP
server
nginx
x-timer
S1688020664.388973,VS0,VE84
x-fastly-to-nlb-rtt
80470
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v2
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:43 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8334b4be-2d19-4991-ac01-0a3d6f7ad157
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame CF8E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-Yy6flc5E2oSQAHZcZF0MylO87Czq_eWzmSxUgw--~A
0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-Yy6flc5E2oSQAHZcZF0MylO87Czq_eWzmSxUgw--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8q7kCLAacCbtCiuJdRxE4E3aFFMW7jioAAABgYID-AIl5bC7XcGJzKzyTzVo0823WwpXJsxZMBoOZc-FYzoYzIyAxj83lGk5sboVnslmLZr7NWrgyedaCyWAwcy4cy9lwZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZLaDodPte9Xvf73SU-z1zj9yv8OtfTrXa63IK_W7R8ujVGl90tPbremqPL7nPrXk633PVWWd7So-vpFjwddrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQBPHA7o4jQ7PU9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAwGPID1HT0ppCrj2RgsYijAAAAABsvTsHHpmkE1Qsqvz___dbAbgCABCQWPBNo51Fd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJsKPaYRmotjV_AICAKz5BQQAYKNuAADeBMAJOgStGAxWJyBmBwAAAODO____vx4Q2BgGm91yZLKZJpPFbjFxGBeu5XA5ca5sI8tgtT0Y23lSHLcqqn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgcDczbUa-wVoxWY7couHKs1Zuhsu1bLewGTa-zcSyW7hFr4_p4pwtPJ7VFgkGRO1F8rRIJzLbYjiZbSyDkXO3Wu2Gw8HINXJubJPdZrHw2BYWsURzskgnssu-sDEMNrvlyGQzTSaL3WLiMC5cy-Fy4lzZRpbBal_czUybkW-wVkyWI7douPKslZvhci3bLWyGjW8zsewWbtHrY7o4ZwuPZ7VvzIbDwWQwmy32jdlwOJgMZrPFvkNn-K4-Z6OyrJJ8TJrf36Ut2pwGhctg8U7Vq2-0MzuIftOiUyZTKws6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ehBbFAoYongIp0IHma3w_RyS3yejd8ilihNF-lEr_DrXE-32ulyC_5u0fLp1hhddrf06Hprji67z617Od1y11tleUuPrqdb8HTY7ULT22wRSwSni3QiehlPF_UfOeRiLtks55LBbK6YLFcJAAAAAAAAAMASTDLdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmQBWK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwIcjVa7B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82239

Redirect headers

date
Thu, 29 Jun 2023 06:37:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-Yy6flc5E2oSQAHZcZF0MylO87Czq_eWzmSxUgw--~A
content-length
0
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame CF8E
Redirect Chain
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dtaboola%26bsw_param%3Dca7105ad-a781-49e4-8a1b-5f1ce544a0d...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=7aec649d-26b8-4c00-9efc-873fef46c2c7&expires=30&ssp=taboola&bsw_param=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=0&gdpr_consent=
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8q7kCLAacCbtCiuJdRxE4E3aFFMW7jioAAABgYID-AIl5bC7XcGJzKzyTzVo0823WwpXJsxZMBoOZc-FYzoYzIyAxj83lGk5sboVnslmLZr7NWrgyedaCyWAwcy4cy9lwZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZLaDodPte9Xvf73SU-z1zj9yv8OtfTrXa63IK_W7R8ujVGl90tPbremqPL7nPrXk633PVWWd7So-vpFjwddrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQBPHA7o4jQ7PU9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAwGPID1HT0ppCrj2RgsYijAAAAABsvTsHHpmkE1Qsqvz___dbAbgCABCQWPBNo51Fd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJsKPaYRmotjV_AICAKz5BQQAYKNuAADeBMAJOgStGAxWJyBmBwAAAODO____vx4Q2BgGm91yZLKZJpPFbjFxGBeu5XA5ca5sI8tgtT0Y23lSHLcqqn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgcDczbUa-wVoxWY7couHKs1Zuhsu1bLewGTa-zcSyW7hFr4_p4pwtPJ7VFgkGRO1F8rRIJzLbYjiZbSyDkXO3Wu2Gw8HINXJubJPdZrHw2BYWsURzskgnssu-sDEMNrvlyGQzTSaL3WLiMC5cy-Fy4lzZRpbBal_czUybkW-wVkyWI7douPKslZvhci3bLWyGjW8zsewWbtHrY7o4ZwuPZ7VvzIbDwWQwmy32jdlwOJgMZrPFvkNn-K4-Z6OyrJJ8TJrf36Ut2pwGhctg8U7Vq2-0MzuIftOiUyZTKws6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ehBbFAoYongIp0IHma3w_RyS3yejd8ilihNF-lEr_DrXE-32ulyC_5u0fLp1hhddrf06Hprji67z617Od1y11tleUuPrqdb8HTY7ULT22wRSwSni3QiehlPF_UfOeRiLtks55LBbK6YLFcJAAAAAAAAAMASTDLdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmQBWK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwIcjVa7B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82227

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
date
Thu, 29 Jun 2023 06:37:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
get
audiencedata.im-apps.net/imuid/ 		10 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H42XYF4TDJ6KMWPZQ6ZR9BCX
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
193.96.120.34.bc.googleusercontent.com
Software
/
Resource Hash
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 29 Jun 2023 06:37:45 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10
content-type
application/json
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/ Frame EBDC 		345 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/show_ads_impl_fy2021.js?bust=31075534
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
c66e338a8db51592f578b4a5b3892433aec1ccd78f1c4ed651dcdfa871babc3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121293
x-xss-protection
0
server
cafe
etag
13127291809068593648
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 06:37:43 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 5A56 		714 B
782 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7dec299b0b522dc9-TBS
content-encoding
br
content-type
text/html
date
Thu, 29 Jun 2023 06:37:43 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4MIOKsHO6FMs2Gyvy0DIfB9uyG6%2BD07ymXE8oXj7n74iYOIqWZn7sgIPWBAgTW8%2BEvKLPDmdQPSFHr9ejOHM1V%2FXnbVBc3FGHF6HPeMqg3%2B%2B6Hb%2B9odqeW%2BRRunEjYQ%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame AF38
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Jun 2023 06:37:44 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 29 Jun 2023 06:37:43 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Jun 2023 06:37:47 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 6351 		714 B
737 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7dec299b1b622dc9-TBS
content-encoding
br
content-type
text/html
date
Thu, 29 Jun 2023 06:37:43 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wo%2Fyboo19E1uP2HDYBM5CTqFEVTl7phfG2jDgbgikovNCW8bvdlzBYjgh2q9IUjLqZ6Jtcvr%2FNYR2LKSNOcsSR3AwXga4ipi9XBcYwqgyaVJFBTJMgmd2j5%2BKdG4XmvQrA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 8A22
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Jun 2023 06:37:44 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 29 Jun 2023 06:37:43 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=19
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230628-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
105
date
Thu, 29 Jun 2023 06:37:43 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
79700
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v2
x-served-by
cache-mxp6921-MXP
pragma
no-cache
server
nginx
x-timer
S1688020664.668320,VS0,VE105
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
59b311e44f85cd111cd68fb8edf048a7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59b311e44f85cd111cd68fb8edf048a7.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
186c189bda141a04594cc4d7f11b3d772492ca3389ad3f7ef22ec3528caae648

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 29 Jun 2023 06:37:43 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59b311e44f85cd111cd68fb8edf048a7.jpg
age
2126621
edge-cache-tag
381477906369707016374905618160086180191,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
381477906369707016374905618160086180191,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
246
expiration
expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://instantlymodern.com/
content-length
112698
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000123-IAD, cache-iad-kcgs7200161-IAD, cache-lax10648-LGB, cache-iad-kcgs7200131-IAD, cache-mxp6921-MXP
last-modified
Thu, 11 May 2023 17:40:10 GMT
server
nginx
x-timer
S1688020664.684728,VS0,VE0
etag
"b09af403a3689ae907f4c7c1f4ef5402"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 4, 1, 430, 2
8fcbf915447480f04c424a0268a8636d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8fcbf915447480f04c424a0268a8636d.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a68421f97f1c5e283f909fbeb604fc4cc4c72c0c78a372586a85ac564d872f32

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
14
date
Thu, 29 Jun 2023 06:37:43 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8fcbf915447480f04c424a0268a8636d.png
age
3734870
edge-cache-tag
608262576327528520140867059020889082533,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
608262576327528520140867059020889082533,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
382
expiration
expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://thetimecave.com/
content-length
40826
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200125-IAD, cache-iad-kjyo7100176-IAD, cache-sna10726-LGB, cache-iad-kcgs7200054-IAD, cache-mxp6921-MXP
last-modified
Thu, 11 May 2023 15:11:32 GMT
server
nginx
x-timer
S1688020664.684706,VS0,VE14
etag
"6cc62e5363f6daaaab2e93d374bcb2aa"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 3, 1, 123, 1
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/ Frame 1830 		345 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
4e549b5c5a5676ae22bfe9a472070469e618386af7e967afd3d6a5ff9e487c61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121305
x-xss-protection
0
server
cafe
etag
1357643770778076696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 06:37:43 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Thu, 29 Jun 2023 06:37:43 GMT
via
1.1 varnish
x-amz-request-id
DM4PFN0WZV5ZS5NS
age
25967
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
QYSQ4/qAqV4Hb4K6M+GoojBK1e8pnhtotO1/yTxdJpopul6YDUPXKzR3ArITbOLUVAA12TmhKuQ=
x-served-by
cache-mxp6921-MXP
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1688020664.750348,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
30
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1512
collect
www.google-analytics.com/r/ 		35 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E3%80%8A%E9%AC%BC%E6%BB%85%E3%80%8B%E7%A0%B44%E5%84%84%E9%99%B3%E7%AB%B9%E5%8D%87%E7%88%B2%E5%A5%B3%E5%85%92%E8%BF%BD%E7%89%87%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-TTPdpg3GeEnSlbeH8gWUZA&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.2763207297843102&gjid=0.9989902662791923&_r=1&a=9125&z=0.8074249586536391&gtm=45De1110
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je36s0&_p=9125&cid=1614580128.1688020663&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1688020663&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&dt=%E3%80%8A%E9%AC%BC%E6%BB%85%E3%80%8B%E7%A0%B44%E5%84%84%E9%99%B3%E7%AB%B9%E5%8D%87%E7%88%B2%E5%A5%B3%E5%85%92%E8%BF%BD%E7%89%87%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5A56 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
52dc40b4859c845baf3ed1db25e7da40399f47be494cad3883b92f8d02991f49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25855
x-xss-protection
0
server
cafe
etag
700 / 19537 / m202306260101 / config-hash: 7472368790766015396
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 06:37:43 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 6351 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
19da023a09b7f0dec43ee305a3562100fbb5393d36ebc5c37b5f522254556b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25864
x-xss-protection
0
server
cafe
etag
506 / 19537 / 31075743 / config-hash: 7472368790766015396
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 06:37:44 GMT
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_9_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:44 GMT
via
1.1 46c9f6285b432bb7ca825d1b5670a6b0.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
MXP64-C1
age
1185036
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-mxp6921-MXP
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1688020664.104410,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
GYJJg7cHa9StY_p8FziuGzT8rJ8lRYh0JE2SiZPd1FnWWMlxlyRlkA==
x-cache-hits
85196
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.2.9/ 		445 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.2.9/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_9_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
0ef96616448b6a5a85f613193f68ad3f98957f5e2dde7fc4cab40d6c2e417238

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1687597267
date
Thu, 29 Jun 2023 06:37:44 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
J5MQ1BK9YWZVAMXC
age
423324
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1687597282
x-amz-meta-mode
33188
content-length
84989
x-amz-id-2
vvXM+wzywQ6lI2iZzxTFPuT5VLQ5MWHQ5zRgKLLINe44kyKO49+PbkfesO7J2/M5RoCfIcqhEUg=
x-served-by
cache-mxp6921-MXP
last-modified
Sat, 24 Jun 2023 09:01:23 GMT
server
AmazonS3-br
x-timer
S1688020664.170449,VS0,VE0
etag
"77c5190f6dfc562a1e0c9f7810afec20"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
258650
sync
am-match.taboola.com/ Frame 3FD7 		528 B
614 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8q7kCLAacCbtCiuJdRxE4E3aFFMW7jioAAABgYID-AIl5bC7XcGJzKzyTzVo0823WwpXJsxZMBoOZc-FYzoYzIyAxj83lGk5sboVnslmLZr7NWrgyedaCyWAwcy4cy9lwZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZLaDodPte9Xvf73SU-z1zj9yv8OtfTrXa63IK_W7R8ujVGl90tPbremqPL7nPrXk633PVWWd7So-vpFjwddrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQBPHA7o4jQ7PU9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAwGPID1HT0ppCrj2RgsYijAAAAABsvTsHHpmkE1Qsqvz___dbAbgCABCQWPBNo51Fd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJsKPaYRmotjV_AICAKz5BQQAYKNuAADeBMAJOgStGAxWJyBmBwAAAODO____vx4Q2BgGm91yZLKZJpPFbjFxGBeu5XA5ca5sI8tgtT0Y23lSHLcqqn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgcDczbUa-wVoxWY7couHKs1Zuhsu1bLewGTa-zcSyW7hFr4_p4pwtPJ7VFgkGRO1F8rRIJzLbYjiZbSyDkXO3Wu2Gw8HINXJubJPdZrHw2BYWsURzskgnssu-sDEMNrvlyGQzTSaL3WLiMC5cy-Fy4lzZRpbBal_czUybkW-wVkyWI7douPKslZvhci3bLWyGjW8zsewWbtHrY7o4ZwuPZ7VvzIbDwWQwmy32jdlwOJgMZrPFvkNn-K4-Z6OyrJJ8TJrf36Ut2pwGhctg8U7Vq2-0MzuIftOiUyZTKws6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ehBbFAoYongIp0IHma3w_RyS3yejd8ilihNF-lEr_DrXE-32ulyC_5u0fLp1hhddrf06Hprji67z617Od1y11tleUuPrqdb8HTY7ULT22wRSwSni3QiehlPF_UfOeRiLtks55LBbK6YLFcJAAAAAAAAAMASTDLdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmQBWK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwIcjVa7B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_9_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
f9b9507e17aa205b9fce21aad1e7f2f330c6b4eb3819fcce36f24887b962db51

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 29 Jun 2023 06:37:44 GMT
machineid
3408
server
nginx
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8q7kCLAacCbtCiuJdRxE4E3aFFMW7jioAAABgYID-AIl5bC7XcGJzKzyTzVo0823WwpXJsxZMBoOZc-FYzoYzIyAxj83lGk5sboVnslmLZr7NWrgyedaCyWAwcy4cy9lwZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZLaDodPte9Xvf73SU-z1zj9yv8OtfTrXa63IK_W7R8ujVGl90tPbremqPL7nPrXk633PVWWd7So-vpFjwddrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQBPHA7o4jQ7PU9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAwGPID1HT0ppCrj2RgsYijAAAAABsvTsHHpmkE1Qsqvz___dbAbgCABCQWPBNo51Fd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJsKPaYRmotjV_AICAKz5BQQAYKNuAADeBMAJOgStGAxWJyBmBwAAAODO____vx4Q2BgGm91yZLKZJpPFbjFxGBeu5XA5ca5sI8tgtT0Y23lSHLcqqn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgcDczbUa-wVoxWY7couHKs1Zuhsu1bLewGTa-zcSyW7hFr4_p4pwtPJ7VFgkGRO1F8rRIJzLbYjiZbSyDkXO3Wu2Gw8HINXJubJPdZrHw2BYWsURzskgnssu-sDEMNrvlyGQzTSaL3WLiMC5cy-Fy4lzZRpbBal_czUybkW-wVkyWI7douPKslZvhci3bLWyGjW8zsewWbtHrY7o4ZwuPZ7VvzIbDwWQwmy32jdlwOJgMZrPFvkNn-K4-Z6OyrJJ8TJrf36Ut2pwGhctg8U7Vq2-0MzuIftOiUyZTKws6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ehBbFAoYongIp0IHma3w_RyS3yejd8ilihNF-lEr_DrXE-32ulyC_5u0fLp1hhddrf06Hprji67z617Od1y11tleUuPrqdb8HTY7ULT22wRSwSni3QiehlPF_UfOeRiLtks55LBbK6YLFcJAAAAAAAAAMASTDLdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmQBWK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwIcjVa7B-ACrFWq9XtxlqtFg!&cmcv=&pix=31579697&cb=1688020664132&uv=3291&tms=1688020664132&su=3&abt=inout2_vB!nonrv_vA!nrlc_vA!ufm_vG!ul3292_vB&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:44 GMT
content-length
0
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Thu, 29 Jun 2023 06:37:44 GMT
via
1.1 1a3a682cf8d843fe52f3224f60584fac.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
MXP64-C1
age
1054970
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-mxp6921-MXP
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1688020664.396548,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Fr7HowXM-yDrL3QOCMXEgtHD4_DD4oO_zXSggn0QqPq3ih2Kuw7ceg==
x-cache-hits
341120
container.html
bbe37092b4d298f855668903e56f9dc3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D83F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bbe37092b4d298f855668903e56f9dc3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Jun 2023 06:37:44 GMT
expires
Fri, 28 Jun 2024 06:37:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame E2C2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEr4Ewco5iyYckwCjoF1xJPVjnKnr5YNktFwXki1OyGho5b-f9p3ctZwGPsqtec8zAray3lLQkWGBGupwhnVlsGZ1trfmbpyho7-QZvAjM5_xg3W4qrBypCyh7Vz8pUtfgZxDZ7DNrWb2Hti55PUdF8FFEjW9FJpw0TwjMQYsOLWv99feGPbERlQ8VuAoKsjPd3JQjsHWT5MZPATmDGsboAR5cSDiJJYENEsljR8Gp02quK90O7r7g1mujSf6Thl_4D4EXVktxkfSmb7jd1P42yyeXlED4spHBOZeOGnDkiZCr-V59hECao_9vhlvTdcZF&sai=AMfl-YSniAvFe6i6VIw-CCNDWkvl3BVMhcpKzjm9Tbq26D31uWOAmP-ea2BqSMrkOXFL4DCbt5BSQyHHr-8k-Hth2d54Xuwu4i7mLYBkVAaADrUMF_9rvUhTVCkD4b7aVDqwGfw07xPJmJgHb1CXlQk&sig=Cg0ArKJSzPYhG0smoos2EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 29 Jun 2023 06:37:44 GMT
ad-choice.min.js
dsp-media.eskimi.com/assets/js/e/ Frame E2C2 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp-media.eskimi.com/assets/js/e/ad-choice.min.js?_=2.1.0.9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.225 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-225.bunnyinfra.net
Software
BunnyCDN-DE1-1055 /
Resource Hash
cdc7862ae6f3ae80124d8c672dc6d7a4d892ba42f7d651dbf0bd74d1d9e353ad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 15 Jun 2024 07:09:24 GMT
date
Thu, 29 Jun 2023 06:37:45 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
1055
cdn-cachedat
06/16/2023 07:09:24
cdn-pullzone
692289
last-modified
Mon, 14 Nov 2022 14:24:28 GMT
server
BunnyCDN-DE1-1055
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"63724f9c-bdd"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-requestid
88a6abad49628e7a34d1d71571d8b405
cdn-requestcountrycode
GE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
bctr.min.js
dsp-media.eskimi.com/assets/js/e/ Frame E2C2 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp-media.eskimi.com/assets/js/e/bctr.min.js?v=1.4
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.225 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-225.bunnyinfra.net
Software
BunnyCDN-DE1-1055 /
Resource Hash
993eff878baaac385889e2599c9b0f03e76b966ab37816f7c71bc3a236190fb1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 23 May 2024 14:31:06 GMT
date
Thu, 29 Jun 2023 06:37:45 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
1055
cdn-cachedat
05/24/2023 14:31:06
cdn-pullzone
692289
last-modified
Wed, 24 May 2023 14:13:54 GMT
server
BunnyCDN-DE1-1055
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"646e1ba2-4b3"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-requestid
4c55497d7ac3bbf5e538723b40837dd4
cdn-requestcountrycode
GE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ri
ox-delivery-prod-europe-west1.openx.net/w/1.0/ Frame E2C2 		43 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ox-delivery-prod-europe-west1.openx.net/w/1.0/ri?ee=SCI_4352_CTV_FEES&ai=a6eb8722-5431-4d43-8cb2-ef2ee26d3935&ph=43a9730a-6c22-4066-b849-41c7558b6858&ts=2DAABBgABAAECAAIBAAsAAgAAAkUcGApLUnVWNHJMd20xHBb8n9LwmNfkv8oBFvG2pJHD4oDY1wEAHBahz-Xy25_87hQWq7CWzKSp86yDAQAW7JrpyQwVBBEoJDdjODkwOGQzLTA5NTQtNGMyMS1hNjFmLTAyNDdhNTBmYWY3ORwVAhgRU0NJXzQzNTJfQ1RWX0ZFRVMYD3NlY3Rvcl9zY2hlZHVsZRIAACwcFQIAHBUCABwVAgAAHCbW5quIBBUEFQQm1uWriAQWkqb5gwQlAhUCpogCFogCFogCFhQWFBYUFhQWygIAHBwsFpqVuuyygI3EogEW0birt63k76OrAQAAFsr38YIEFqTq-YIEFqDYxZQEFqrXxZQEFRgcFGQU2AQAFQQmygIWygIWygIRNQ4mygI0AgAsLBaQuLqou_ymuMcBFoGT89KWkreWwwEAFuya6ckMBijK9_GCBBak6vmCBBaq18WUBBag2MWUBBgOMTcwMDM0LTEwODkyMjMW1EAWygIlBBZCGAQ5NzcxFQKhERgCT1gMehRoFNwEABYCGANydGIA3BsCiBhNTF9GRUVfT1BUSU1JWkVSX0FQUExJRUQFZmFsc2UeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyAKw4C2xheXMuY29tLmdlGFdodHRwOi8vYmx0LmVza2ltaS5jb20vYmwvMTQ_Y0lkPTE3MDAzNCZjcklkPTEwODkyMjMmdHM9MTY4ODAyMDY2Mjk3MSZzdD0ke0FVQ1RJT05fTE9TU30AAAA
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.120.147 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:44 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
openxWin
win.eskimi.com/ Frame E2C2 		43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://win.eskimi.com/openxWin?eid=14&w=Ei8KJDYzYjg0ZGYxLWRhODctNGUwOC05ZTY5LTkxYjc0YWQxOWIzZhAOGL71_K6QMRgFIIGdv98FMR-F61G4HsU_Qfp-arx0k4g_SMX62-8iWLKwCmgCcNifAniCtSmAAQSiARU5XzU3OTYwMTI3MzA3Mzc1NzczMzGyAQ86B3RiaWxpc2lCAmdlSAHCASUIDhC_vZUhGLfK7cgEIAEo86EBMAU4CFjHvUJwAXgCiAECkAECygEgZjM0ZTk2OTk1ZGRmM2ZmNWViMWJmZGUxMzhjZmUyOWPYAZ_U4Z-FuIrEkwHhAQAAAAAAgFFA6gECLS3wAd8MgAIB&esc=false&spent=AAABiQXfOzLwSVnZUuX3TJwZ6AfDbRGek2NBow&adId=170034&auctionId=63b84df1-da87-4e08-9e69-91b74ad19b3f
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.27.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
62.27.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:45 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
104343_1079839392_e307fb6269773e5c298ea4dc0d2d3174.png
dsp-media.eskimi.com/upload/ Frame E2C2 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-media.eskimi.com/upload/104343_1079839392_e307fb6269773e5c298ea4dc0d2d3174.png
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.225 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-225.bunnyinfra.net
Software
BunnyCDN-DE1-1055 /
Resource Hash
c245b71d95ab40ca0237f2b2664958f53d31f8f9fd6b46518b6f12fa0af1d622

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Thu, 29 Jun 2023 06:37:45 GMT
cdn-edgestorageid
1055
cdn-cachedat
06/21/2023 12:13:55
cdn-pullzone
692289
content-length
13477
last-modified
Mon, 19 Jun 2023 10:10:58 GMT
server
BunnyCDN-DE1-1055
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"649029b2-34a5"
content-type
image/png
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
cache-control
public, max-age=31536000
cdn-requestid
058fb4cc1028b39a07d52b6210685aa8
accept-ranges
bytes
cdn-requestcountrycode
GE
cdn-status
200
expires
Thu, 20 Jun 2024 12:13:55 GMT
cw.js
hbx.media.net/creativewrapper/0-0-1/js/ Frame 8D23 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/creativewrapper/0-0-1/js/cw.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
618324322be1f1efedd5d524cef46c7596c9e1896e03b1abb695e0afeb267ffd
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
date
Thu, 29 Jun 2023 06:37:44 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=306195
content-length
1091
expires
Sun, 02 Jul 2023 19:40:59 GMT
medianet_bid
ghent-aws-fr.bidswitch.net/win_notice/ Frame 8D23 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ghent-aws-fr.bidswitch.net/win_notice/medianet_bid?rid=pwaPzRSjdz0BagHxmIX7Dk_B1CryrHOWiqg8Ii5PxXhwCAFlsSL4jWOsTj2n8op6KTj0LfRgElMZzwDVp0ABT_PGzCdH-6poCrg7VkJ4iTJxvKvIWlmUC5eYLeUy8NRA8w6-IPkKVGMIRpzhCKs0G8oVY__00E0eoWzaPuOQEXQtjJMpXN88inpS-PPKLpVDQZSRTLKmPb47BqNDwxEtc8B6AX7nziFF24OBKwgiBF93vgFxDJIajp0vrVa71ijUgkVV7PlRpMpYPSWMctHBKpmQi5mzIhNxDZkap0DkESCeL43fJRsIkiKLcplZk1Qzx79Eut0siQAUejdUR6otuJsWVq72fXommFJe2z1ArE4ohkwS46LUSxLS58drxRtp6peE-vix_WL2rxx4yLDxv-UBqBAO6J59jqPypi4_cxIgdUS76vENAkneRX0gx-32Kyr9ffUyc-6-uf0SwC4vJNrnT7ja7Z4M4h7uKN2-m4-Ckvs9zHyfPZFpvl2ZI9dcYmjNJ9OxWXTgf5CfPZKjElq_Ws0PSexnJV7I3RqxxrLMEDEwfY7ZYo44ehLcuofGf8f7UAupeWKWByXGEZXM6sFkwq5cfwzTK4qIMX2xIn7Vfgr1cemf1Q7i48bKYrhk0_OFyNoM7kgdnWWTIDUGtykOXG7ooyRGyo4rxMeTqX0_R0xHH86ikRFKDIGWIri91glizJgsv82NXhMgradccxlH-5KSfL38BTTeBrBwf9xDOp7IsGHwjcDhA0uXweec7i1EUiQ3bAymHGmBWcj53fTDoX-HwLaoQiL7-8Z5vLBnQTPcJG1t7rCP7afiHkOlbZoGZUHscpx-R2SDxcMOQp5N6S_bkofp1LC9eAalReNg9DZl9ebxAqnia79_fARGeBvXOn_fmwQqE6xPUANCE3FRM9_L3kie1OUyEwlQU47FS0Kpept9D22n_vweLnt4LmTfAdApKKgSl1qUerBubORDlR4ADvIyXpGOxRFTIJxahxVi586goqpUmDXKU8_A0ihQkt3PLFXwbRubNSvK2Q6BUIqa60xMLfVeScJBrczM0XssbZzUHI3xYuEbm6ZmnY1RU6kpoCzxRlOSvAl7mNMOXmwhnDIHGsos1bEikYKw0fkBZ4DYKy4DoJTeOjB5wx5OtgwGYW5QQetQbTDdOjPr1k-wV669hhbu8Ig6pCgUgfNEiLzKpfRCFGEuVtwosRlyl6nEEbkwwWFW8hp43_mnr3jTx_-tMelKbSFopvozxmwTYEjXuzRjb6F48iuxboN7zc97Irzkvxoe1c68gSuNtCYJDLofgIHsNTsEDUFDY1uq4x7gdxy6zkUxKglxf6Vaf2hv5sTZ_xVOwMA2RATUTir7HsCWVzhf3fYnyl_cf57HHANUFs645wnQeLkqUYHdKZ1ya1gp3F1S63BZWTGMx07nLvAiSZgRobkb8pVhw7H6XGqO6ay8dTMvmG_bIyZsjga1CII6d7wrDfyD45UQ9sep8g&p=0.071&aid=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.94.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-94-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Jun 2023 06:37:50 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
log
qsearch-a.akamaihd.net/ Frame 8D23 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&dn=bg3.co&cid=8CUPEPKI9&ugd=4&cc=GE&sc=TB&ct=tbilisi&crid=222574718&size=320x50&iwb=1&ver=9.5.4&requrl=bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html%2F&acid=aeb6094ab6b542fdb0b1364432b047f4&bidrestime=1688020663080&dc=eu_be&totalTime=5131490&totalTimeBucket=5&sat=0&other_prv=203&other_bids=0.058149&o_id=101&o_ver=NT+10.0&br_id=265&br_ver=89.0.4389.72&seat=16&clisp=rtb-common-6c979b6d59-ljb5q.BE&req_id=7d994ac8-e312-4915-8663-54f8e1211dc1&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&ogerpm=0.0000&rawbid=0.0710&time_stamp=2023-06-29+06%3A37%3A43&visibility=1&viewability=0.5900&stid=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&itype=prebid&pvid_seat=203_16&ckfl=0&mnckfl=0&sd=-1&bdp_wider_bucket=1&splid=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&app_type=prod&cliIP=1542442625&ogerpm_wd_bkt=0-1&advurl=erovnuliliga.ge%2F&bdr_typ=3&ss=1600x1200&dmm_l=0.0000&dmm_r=0.0000&dmm_d10=0.0000&e_rpm=0.0000&second_bidder=*&second_bid=0.000000&adtyp=0%7C1%7C2&gpid_sent=false&buyer_id=20224881068&pvag_id=1049735034&bcrid=16243_16_495981830&pst=EMS&zone=b&rc=3&asn=47810&sfm_key=3_203&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vplcmtt=-1&vcmplrt=-1.0&itype_id=3&wsip=mowx-6874888dd4-gwsf7&sc_pvid=203&ogcbdp=0.0581&pbshr=90.0000&bdp=0.0646&bidfp=0.0000&dfpbd=0.0336&cut=48&prdp=0.0336&algo=unicorn&capd=0&strg=unicorn&dmm_m22=0.0000&server=1&bdp_bucket=0.05&dfp_bucket=0.0&floor_bucket=0.00&erpm_bucket=0.00&erpm_mult=1.000000&current_hour=6&current_day=4.0&dim4=exploration&level_base=0&dmm_m1=2023-06-29+06%3A37%3A43.131789186&dmm_m10=1672575&search_res=48&log_less=false&dim10=false&as_cache=0&mul_ratio=0.0000&predicted_wr=23.4519&cut_bkt=50&dmm_m9=0.0000&url_l1=a&url_l2=gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&seat_id=16&model_key=generic_prebid_bsdv-_0&model_version=202306281257_generic_prebid_bsdv-_0&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_ctr=-1.0000&ss_d1=1600&ss_d2=1200
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.241.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-241-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Jun 2023 06:38:00 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 29 Jun 2023 06:38:00 GMT
release-20230329-99-adperformance.js
warp.media.net/rtb/resources/ Frame E7E2 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Thu, 29 Jun 2023 06:37:52 GMT
x-guploader-uploadid
ADPycdt-ZvS1Ng69KUEm5bGJxJYo3adbUJK4J6ysZsmUH8-RjB8SdR6U1w2HqxRloagNZksp-7OciBeCH3y1tmsnAC2Vxg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25080
server
UploadServer
etag
"821663833b8f83b3092ebbca9ed4a6f2"
vary
Accept-Encoding
x-goog-hash
md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-type
application/javascript
x-goog-generation
1680095338448196
cache-control
max-age=3600
x-goog-stored-content-length
73074
expires
Thu, 29 Jun 2023 07:37:52 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.155.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-155-232.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 29 Jun 2023 06:37:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E2C2 		179 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57260
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687952195399670"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Jun 2023 06:37:44 GMT
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9ndWktbWllLXBvLTR5aS1jaGVuLXpodS1zaGVuZy13ZWktbnUtZXItemh1aS1waWFuLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS04YTBkYWVjMC1hODk1LTRhNDQtYTI4Zi0wZmJlNjZiOTY1M2QiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJiaWRzIjpbeyJiaWRkZXIiOiJvcGVueCIsInJldmVudWUiOjAuMDAwMTMyLCJyZXNwb25zZVRpbWUiOjExNDAsIm5ldHdvcmtSZWxhdGlvbiI6MX1dLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsIndpbm5lciI6Im9wZW54Iiwid2lubmVyTmV0d29ya1JlbGF0aW9uIjoxLCJ3aW5uaW5nUmV2ZW51ZSI6MC4wMDAxMzIsIndpbm5lckFkVW5pdElkIjoiNzczYmNlNjRlOGQyNzEiLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJzZXJ2aWNlcyI6WzUsM10sInNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlZnJlc2hDb3VudCI6MCwicGxhY2VtZW50IjoxLCJyZW5kZXJlZEFkU2l6ZSI6IjMwMHg1MCIsInByZWJpZEF1Y3Rpb25JZCI6IjdkOTk0YWM4LWUzMTItNDkxNS04NjYzLTU0ZjhlMTIxMWRjMSIsImhlYWRlckJpZGRpbmdUeXBlIjoxLCJjb3VudHJ5IjoiR0UifQ%3D%3D&c_b=6345.599998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:44 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
log
qsearch-a.akamaihd.net/ 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=7d994ac8-e312-4915-8663-54f8e1211dc1&cid=8CUPEPKI9&crid=222574718&adunit_count=1&dn=www.bg3.co&requrl=https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&istop=true&event=client_bid_won&value=0.034&rd=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.241.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-241-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Jun 2023 06:38:00 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 29 Jun 2023 06:38:00 GMT
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9ndWktbWllLXBvLTR5aS1jaGVuLXpodS1zaGVuZy13ZWktbnUtZXItemh1aS1waWFuLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS04YTBkYWVjMC1hODk1LTRhNDQtYTI4Zi0wZmJlNjZiOTY1M2QiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJiaWRzIjpbeyJiaWRkZXIiOiJtZWRpYW5ldCIsInJldmVudWUiOjAuMDAwMDM0LCJyZXNwb25zZVRpbWUiOjExNzYsIm5ldHdvcmtSZWxhdGlvbiI6MX1dLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsIndpbm5lciI6Im1lZGlhbmV0Iiwid2lubmVyTmV0d29ya1JlbGF0aW9uIjoxLCJ3aW5uaW5nUmV2ZW51ZSI6MC4wMDAwMzQsIndpbm5lckFkVW5pdElkIjoiNzljNmY0NTE3ODU3ZmVhIiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOls1LDNdLCJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZWZyZXNoQ291bnQiOjAsInBsYWNlbWVudCI6MSwicmVuZGVyZWRBZFNpemUiOiIzMjB4NTAiLCJwcmViaWRBdWN0aW9uSWQiOiI3ZDk5NGFjOC1lMzEyLTQ5MTUtODY2My01NGY4ZTEyMTFkYzEiLCJoZWFkZXJCaWRkaW5nVHlwZSI6MSwiY291bnRyeSI6IkdFIn0%3D&c_b=6384.799999237061
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:44 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
log
hblg.media.net/ Frame E7E2 		35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwKELAQCAAABAAAAAgAAAAAAAAEABgAAQIABAAgAINAASDY0NzM4NjM3MTcyMTRfNjUyNjg2NDFfMjIyNTc0NzE4MjAzMUBhZWI2MDk0YWI2YjU0MmZkYjBiMTM2NDQzMmIwNDdmNJYDkxgEVg4tsj-WAWh0dHBzOi8vd3d3LmJnMy5jby9hL2d1aS1taWUtcG8tNHlpLWNoZW4temh1LXNoZW5nLXdlaS1udS1lci16aHVpLXBpYW4uaHRtbARHRQxiZzMuY28SOENVUEVQS0k5CAwzMjB4NTAKMC4wMzQKZXVfYmUMUFJFQklEBmFkbQAAAAAAAIBNQNDs-d2gYgIxAAAAAAAA8L88cnRiLWNvbW1vbi02Yzk3OWI2ZDU5LWxqYjVxLkJFAhA3NTdkMjVhYwJiAg&cpr=0.9353641319663892
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:45 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 29 Jun 2023 06:37:45 GMT
clog
hblg.media.net/ Frame E7E2 		35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4381&lper=1&itypeid=3&itype=PREBID&cc=GE&cid=8CUPEPKI9&reqid=7d994ac8-e312-4915-8663-54f8e1211dc1&vid=7d994ac8-e312-4915-8663-54f8e1211dc1&dn=bg3.co&rawDn=bg3.co&pid=8PRW23HG5&ugd=4&fleet=common&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_enf=false&geo_source=2&sc=TB&ct=tbilisi&pubid=pub-8CUPEPKI9&tgtval=pub-8CUPEPKI9&csip=rtb-common-6c979b6d59-ljb5q.BE&dtc=eu_be&zone=b&sd=-1&ptype=23&tmax=3000&xtmax=300&gdpr=0&gsi=0&app=0&sat=0&screeninfo=1600x1200&asn=47810&sckfl=0&usp_status=0&usp_enf=1&pexid=PREBID-8CUPEPKI9&geoll=false&is_ortb=false&s_city=Tbilisi&commit_id=757d25ac&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-06-28+00%3A00%3A00&pbasrc=0&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&second_call=false&ipcc=GE&is_msnnative_src=false&rtttime=214&req_tid_present=false&pvid=203&prvAccId=16&prvApiId=8CUPEPKI9&adj0=0.0&adj1=9.0&adj2=10.0&pst=0&crid=222574718&prspt=headerBid&prvReqId=6473863717214_65268641_2225747182031&reqsize=320x50&size=320x50&chnl=unicorn&bdp=0.065&cbdp=0.034&og_cbdp=0.058&ogbdp=0.071&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=erovnuliliga.ge&dfpBd=0.034&dt=O&dbf=1&epc=222574718&s=1&snm=SUCCESS&bId=20224881068&pcrid=16_16_495981830&tpbTkn=false&pvAgId=1049735034&pvAgNm=TP+-+GE_GLOBAL+-+AMR+-+DV360+-+UA&iurl=http%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fad%3Fdbm_p%3DAKAmf-CbrrB94wsrowg3tA3-YdmZUThngoVYmRB4-19KJy_WCFSSgnsWcczuo13yxehzoI5KfQK5%26cry%3D1&exid=43&bidflr=0.000&pbidflr=0.000&opbidflr=0.000&spbf=0&viewability=59&slotVisibility=1&adpos=1&iframingState=0&exp=ssProfile%3D0%7Cebc%3D1%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cbsw_cw_smpl%3D1%7Cdbr%3D1&mnrf=0&seat=16&ortbseat=16&brsrclk=0&bidrestime=1688020663080&fpuReq=0&bfs=103&acsn=1&bcrid=16243_16_495981830&strg=unicorn&stagid=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&vls=0&mang=1&pvdTmax=242&fpusp=false&ae=false&epcexp=false&moau=false&ucrid_ver=2&omid=0&apTags%3C%3E=75&apPrfs%3C%3E=62%23%2365%23%2313%23%2316%23%2361&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_tid_sent=false&mx_epbc=8CUPEPKI9&mx_SPRIG=0&mx_bsBucket=1&mx_ssProfile=0&mx_g_uid_source_cvrg%3C%3E=pubcid%23EIDS&mx_int_dsp_id=23&mx_lr=0&mx_g_one_uid_sent=pubcid&mx_uid_sent=0&mx_bsBucketRa=0&mx_sid=8CUPEPKI9&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=4&mx_nsz=5&mx_sent_seats%3C%3E=44%23%23191%23%23151%23%23250%23%23354%23%23431%23%23257%23%2374%23%2376%23%2316%23%23162%23%23165%23%23200%23%23366%23%23367%23%23148%23%23303%23%2380%23%23306&mx_GCID=0&mx_g_uid_cvrg%3C%3E=pubcid&mx_maq_call=false&mx_aurt=0&mx_bsBucketKtwRl=0&mx_divid=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&mx_g_uid_sent%3C%3E=pubcid&mx_tgs=300x50%7C300x75%7C320x50%7C468x60%7C728x90&mx_bsProfileRa=0&mx_IAB2=0&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=1&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=-1&mx_ssBucket=0&mx_gpid_sent=false&mx_commit_id=4110dd7e6e&mx_sent_deals%3C%3E=Mnet_Bidtellect_View%23%23mn-viant-attmet-d%23%23mn-viant-ctr-d%23%23+mn-adelphic-bf%23%23mn_rad_eng_disp%23%23mn-bmw-oww-yah-d%23%23mn_mtk_aac_jj_disp%23%23mn_citi_yahoo_d%23%23mn-Stirista-d%23%23mn-joh-oww-gmp-vrz-dis%23%23mn-Stirista-politics%23%23mn_kohls_RON_dis%23%23mn_usaa_yahoo_d&linearity=1&is_video_cmp=false&acid=aeb6094ab6b542fdb0b1364432b047f4&rtime=121.0&wsip=mowx-6874888dd4-gwsf7&ltime=149.0&act=headerBid&abs=0%7C0%7Cnxblock%3D-1%7Cxtmax%3D300%7Cbrr%3D1&adtypes=0%7C1%7C2&impId=4853af4a5b44782&reftime=15000&reftype=0&keywordSellerId=false&dsid=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&mowxReqId=aeb6094ab6b542fdb0b1364432b047f4_2&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0%23%231%23%232&ctr=-1.0&rfc=3&dfpDiv=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&supplyTagId=222574718&mnrfc=3&supply_placement=6&vplcmtt=6&video_maxdur=300&v_plcmt_override=0&v_placement_override=0&viewability_vendor=MEDIA.NET+EXCHANGE&viewability_mnet=59&v_mkey=gen-vblt_prebid_test_2_1&v_mver=202306282206_gen-vblt_prebid_test_2&v_alg=gen-vblt_prebid_all&vcmplrt=-1.0&imp_tid_present=false&actltime=199&debug_ts=2023-06-29+06%3A37%3A43&__expireat=1688024263386&mview=1&rme=adm&utime=1339&sf=0&cpr=0.6125970763827076
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:45 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 29 Jun 2023 06:37:45 GMT
cw.js
hbx.media.net/creativewrapper/0-0-1/js/ Frame FFB2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/creativewrapper/0-0-1/js/cw.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
618324322be1f1efedd5d524cef46c7596c9e1896e03b1abb695e0afeb267ffd
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
date
Thu, 29 Jun 2023 06:37:44 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=306195
content-length
1091
expires
Sun, 02 Jul 2023 19:40:59 GMT
medianet_bid
ghent-aws-fr.bidswitch.net/win_notice/ Frame FFB2 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ghent-aws-fr.bidswitch.net/win_notice/medianet_bid?rid=_lbsgVIovpLHEvaFJ2HHP0gDAxv3mi5OI94smABQFVT_YnR5yNWC6JmKp9rKdLcpRiq9ACPoDc9OKCqY4Il1ARus1LoO28rA22yngGtn0pnAASRla7JRB1xvqYYTGogt8jZrXa-oMXyXkey8OAc8U0XKGUT2KOKbNtkKnqY6cYPpQduwZpFoTVvbbmCQyHSZRAQHFFQp_WF_dL_bmWhG0Z15juMl0_9B3761pHbYDSzNaPg-qwtDmjyUK7_xxFXgB2n4ZpmKLxT4ZHwfBGbap5c4ClfI_OjjmoRXIml4vGQkKi12Z-XuDsIQAny8aA2qJbecYL0522W_Z_k1kI-Aj1BwQqbidZilf6HPWQcEzaSUK648rw1X0MUjBvhlSAcO86P1bcE_Z10FJH965ZrcrQNNpAdpPwUHGO6O_F1b7PjtfVWlY9ZSJffBRbjF328Y__xVmYQdzUR_5AAmURvgUjyFqVBfS8ZYXB4v6CbAqwxuv2eSGwWjWtyKCYjiHln-BthlhYuSBtBmu8gI1iHViw7daPq5vmvFrCwBK9U8iSpff7bwuxx53GrKy1bTRKlYWIFSipLYRvv79aIVV0VK5HCmEr83HDvZITW2VBMUGTMKToGr_ooizDDWo9UuOzGXy6STalNZ6iqpZQxKvfxo3EEZYUdlHCjssanXMFTsBsXGzyxPh4mZ5iHJdzDjxlJ-3d-e2NjKiBEWxQ8BLS9PeVeu7pb79txpiAcDX1YnYUCBHkoG8cBkrUGw8Q-XTs_nYU114pS2bhLevPNPOdXPkU8Pt3zrQvP_-gDaSc7hqdgccVMaRNCPtjnZRGURW5BADRAWdJoTDRJ2DNAXlW7qRk3fXDP7T4lo8S29PflAqebEJy9WRPC9Tdtv1Bf8mxdbWi-ohaAkc9jGXmvpZjNhLvqIV9fSEprkaqF8qDVxEyP8inEzpj84q8pZBMRpRPF8M4IQWAfluE7hG40CuBS6aj7krDVVPONQwlTkPyNgk_zWqrccxQPlzr8q68CMqyoS5BS5mtzM2E2DxXE_C3kcfahzQFEsrdOKgtCNjjiujY_AfPPyVMUHnxACVxDjmwRs6YvPih-2H04gudVrqeEYIAiDmdJOmjeV_0HEPCAO3jPbNGCa08-QX8wehbvH1rZecMwX4fe_dTupYUFRtBVRnzLBJH3Pc4RT8OnKTG_njNIyHzWMgV9oDAXe9q6Ibu4z6d2aENft7cz8iGkcwqUjP0z6Gi754lsQYRBGcrzQxGQLfVjtqNs2vCaPzzf-fwRmqeWZaYtgnkOdnYjiq1IK5Sn2gdIdGk8FbFw7_UzE3PcRszgpnVHiWcvgBHYKcln7pUDMRO5QU09Vhv9vJblni7rsRNSxh3Kay1Ds0gmKsOrHOm26lYDu5blNx3k5Osw9REifAUG2SYUtaiFsOLHwnbAVXWy0aR9PmJdQSdHSBlgZfvFNabeiDZgEfwY0VBZD5tjX7ytm4z4-6biZLMx0YOzTo0tLPICeQNSzLGBrYEo3g2ScSk0GlTJyNaKo5vsydO4&p=0.071&aid=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.94.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-94-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Jun 2023 06:37:51 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
log
qsearch-a.akamaihd.net/ Frame FFB2 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&dn=bg3.co&cid=8CUPEPKI9&ugd=4&cc=GE&sc=TB&ct=tbilisi&crid=222574718&size=320x50&iwb=1&ver=9.5.4&requrl=bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html%2F&acid=06b9ab75268c4ae39b1a0b0ab8827ec2&bidrestime=1688020663123&dc=eu_be&totalTime=4943660&totalTimeBucket=4&sat=0&other_prv=203&other_bids=0.058149&o_id=101&o_ver=NT+10.0&br_id=265&br_ver=89.0.4389.72&seat=16&clisp=rtb-common-6c979b6d59-ljb5q.BE&req_id=7d994ac8-e312-4915-8663-54f8e1211dc1&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&ogerpm=0.0000&rawbid=0.0710&time_stamp=2023-06-29+06%3A37%3A43&visibility=1&viewability=0.5900&stid=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&itype=prebid&pvid_seat=203_16&ckfl=0&mnckfl=0&sd=-1&bdp_wider_bucket=1&splid=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&app_type=prod&cliIP=1542442625&ogerpm_wd_bkt=0-1&advurl=erovnuliliga.ge%2F&bdr_typ=3&ss=1600x1200&dmm_l=0.0000&dmm_r=0.0000&dmm_d10=0.0000&e_rpm=0.0000&second_bidder=*&second_bid=0.000000&adtyp=0%7C1%7C2&gpid_sent=false&buyer_id=20224881068&pvag_id=1049735034&bcrid=16243_16_495981830&pst=EMS&zone=b&rc=3&asn=47810&sfm_key=3_203&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vplcmtt=-1&vcmplrt=-1.0&itype_id=3&wsip=mowx-6874888dd4-52xdc&sc_pvid=203&ogcbdp=0.0581&pbshr=90.0000&bdp=0.0646&bidfp=0.0000&dfpbd=0.0336&cut=48&prdp=0.0336&algo=unicorn&capd=0&strg=unicorn&dmm_m22=0.0000&server=1&bdp_bucket=0.05&dfp_bucket=0.0&floor_bucket=0.00&erpm_bucket=0.00&erpm_mult=1.000000&current_hour=6&current_day=4.0&dim4=exploration&level_base=0&dmm_m1=2023-06-29+06%3A37%3A43.132222223&dmm_m10=1630320&search_res=48&log_less=false&dim10=false&as_cache=0&mul_ratio=0.0000&predicted_wr=23.4519&cut_bkt=50&dmm_m9=0.0000&url_l1=a&url_l2=gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&seat_id=16&model_key=generic_prebid_bsdv-_0&model_version=202306281257_generic_prebid_bsdv-_0&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_ctr=-1.0000&ss_d1=1600&ss_d2=1200
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.241.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-241-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Jun 2023 06:38:00 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 29 Jun 2023 06:38:00 GMT
release-20230329-99-adperformance.js
warp.media.net/rtb/resources/ Frame DF94 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Thu, 29 Jun 2023 06:37:52 GMT
x-guploader-uploadid
ADPycdt-ZvS1Ng69KUEm5bGJxJYo3adbUJK4J6ysZsmUH8-RjB8SdR6U1w2HqxRloagNZksp-7OciBeCH3y1tmsnAC2Vxg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25080
server
UploadServer
etag
"821663833b8f83b3092ebbca9ed4a6f2"
vary
Accept-Encoding
x-goog-hash
md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-type
application/javascript
x-goog-generation
1680095338448196
cache-control
max-age=3600
x-goog-stored-content-length
73074
expires
Thu, 29 Jun 2023 07:37:52 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.155.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-155-232.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 29 Jun 2023 06:37:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9ndWktbWllLXBvLTR5aS1jaGVuLXpodS1zaGVuZy13ZWktbnUtZXItemh1aS1waWFuLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS04YTBkYWVjMC1hODk1LTRhNDQtYTI4Zi0wZmJlNjZiOTY1M2QiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJiaWRzIjpbeyJiaWRkZXIiOiJtZWRpYW5ldCIsInJldmVudWUiOjAuMDAwMDM0LCJyZXNwb25zZVRpbWUiOjExNzYsIm5ldHdvcmtSZWxhdGlvbiI6MX1dLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsIndpbm5lciI6Im1lZGlhbmV0Iiwid2lubmVyTmV0d29ya1JlbGF0aW9uIjoxLCJ3aW5uaW5nUmV2ZW51ZSI6MC4wMDAwMzQsIndpbm5lckFkVW5pdElkIjoiNzg0MTExZjdiODFmNjVlIiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOlsxLDNdLCJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVmcmVzaENvdW50IjowLCJwbGFjZW1lbnQiOjEsInJlbmRlcmVkQWRTaXplIjoiMzIweDUwIiwicHJlYmlkQXVjdGlvbklkIjoiN2Q5OTRhYzgtZTMxMi00OTE1LTg2NjMtNTRmOGUxMjExZGMxIiwiaGVhZGVyQmlkZGluZ1R5cGUiOjEsImNvdW50cnkiOiJHRSJ9&c_b=6461.099998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:44 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
log
hblg.media.net/ Frame DF94 		35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwKELAQCAAABAAAAAgAAAAAAAAEABgAAQIABAAgAINAATDU4Mzg4MDI5NDgwNDZfMTEzMDYyMzMzMF8yMjI1NzQ3MTgyMDMxQDA2YjlhYjc1MjY4YzRhZTM5YjFhMGIwYWI4ODI3ZWMylgOTGARWDi2yP5YBaHR0cHM6Ly93d3cuYmczLmNvL2EvZ3VpLW1pZS1wby00eWktY2hlbi16aHUtc2hlbmctd2VpLW51LWVyLXpodWktcGlhbi5odG1sBEdFDGJnMy5jbxI4Q1VQRVBLSTkIDDMyMHg1MAowLjAzNApldV9iZQxQUkVCSUQGYWRtAAAAAAAAgE1Apu353aBiAjEAAAAAAADwvzxydGItY29tbW9uLTZjOTc5YjZkNTktbGpiNXEuQkUCEDc1N2QyNWFjAmIC&cpr=0.7832406595946122
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:45 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 29 Jun 2023 06:37:45 GMT
clog
hblg.media.net/ Frame DF94 		35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4410&lper=1&itypeid=3&itype=PREBID&cc=GE&cid=8CUPEPKI9&reqid=7d994ac8-e312-4915-8663-54f8e1211dc1&vid=7d994ac8-e312-4915-8663-54f8e1211dc1&dn=bg3.co&rawDn=bg3.co&pid=8PRW23HG5&ugd=4&fleet=common&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_enf=false&geo_source=2&sc=TB&ct=tbilisi&pubid=pub-8CUPEPKI9&tgtval=pub-8CUPEPKI9&csip=rtb-common-6c979b6d59-ljb5q.BE&dtc=eu_be&zone=b&sd=-1&ptype=23&tmax=3000&xtmax=300&gdpr=0&gsi=0&app=0&sat=0&screeninfo=1600x1200&asn=47810&sckfl=0&usp_status=0&usp_enf=1&pexid=PREBID-8CUPEPKI9&geoll=false&is_ortb=false&s_city=Tbilisi&commit_id=757d25ac&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-06-28+00%3A00%3A00&pbasrc=0&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&second_call=false&ipcc=GE&is_msnnative_src=false&rtttime=214&req_tid_present=false&pvid=203&prvAccId=16&prvApiId=8CUPEPKI9&adj0=0.0&adj1=9.0&adj2=10.0&pst=0&crid=222574718&prspt=headerBid&prvReqId=5838802948046_1130623330_2225747182031&reqsize=320x50&size=320x50&chnl=unicorn&bdp=0.065&cbdp=0.034&og_cbdp=0.058&ogbdp=0.071&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=erovnuliliga.ge&dfpBd=0.034&dt=O&dbf=1&epc=222574718&s=1&snm=SUCCESS&bId=20224881068&pcrid=16_16_495981830&tpbTkn=false&pvAgId=1049735034&pvAgNm=TP+-+GE_GLOBAL+-+AMR+-+DV360+-+UA&iurl=http%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fad%3Fdbm_p%3DAKAmf-CbrrB94wsrowg3tA3-YdmZUThngoVYmRB4-19KJy_WCFSSgnsWcczuo13yxehzoI5KfQK5%26cry%3D1&exid=43&bidflr=0.000&pbidflr=0.000&opbidflr=0.000&spbf=0&viewability=59&slotVisibility=1&adpos=1&iframingState=0&exp=ssProfile%3D0%7Cebc%3D1%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cbsw_cw_smpl%3D1%7Cdbr%3D1&mnrf=0&seat=16&ortbseat=16&brsrclk=0&bidrestime=1688020663123&fpuReq=0&bfs=103&acsn=1&bcrid=16243_16_495981830&strg=unicorn&stagid=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&vls=0&mang=1&pvdTmax=242&fpusp=false&ae=false&epcexp=false&moau=false&ucrid_ver=2&omid=0&apTags%3C%3E=75&apPrfs%3C%3E=62%23%2365%23%2313%23%2316%23%2361&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_tid_sent=false&mx_epbc=8CUPEPKI9&mx_SPRIG=0&mx_bsBucket=1&mx_ssProfile=0&mx_g_uid_source_cvrg%3C%3E=pubcid%23EIDS&mx_int_dsp_id=23&mx_lr=0&mx_g_one_uid_sent=pubcid&mx_uid_sent=0&mx_bsBucketRa=0&mx_sid=8CUPEPKI9&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=4&mx_nsz=10&mx_sent_seats%3C%3E=44%23%23191%23%23151%23%23250%23%23354%23%23431%23%23257%23%2374%23%2376%23%2316%23%23162%23%23165%23%23200%23%23366%23%23367%23%23148%23%23303%23%2380%23%23306&mx_GCID=0&mx_g_uid_cvrg%3C%3E=pubcid&mx_maq_call=false&mx_aurt=0&mx_bsBucketKtwRl=0&mx_divid=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&mx_g_uid_sent%3C%3E=pubcid&mx_tgs=200x200%7C250x250%7C300x50%7C300x75%7C300x100%7C300x250%7C320x50%7C320x100%7C468x60%7C728x90&mx_bsProfileRa=0&mx_IAB2=0&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=1&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=-1&mx_ssBucket=0&mx_gpid_sent=false&mx_commit_id=4110dd7e6e&mx_sent_deals%3C%3E=Mnet_Bidtellect_View%23%23mn-viant-attmet-d%23%23mn-viant-ctr-d%23%23+mn-adelphic-bf%23%23mn_rad_eng_disp%23%23mn-bmw-oww-yah-d%23%23mn_mtk_aac_jj_disp%23%23mn_citi_yahoo_d%23%23mn-Stirista-d%23%23mn-joh-oww-gmp-vrz-dis%23%23mn-Stirista-politics%23%23mn_kohls_RON_dis%23%23mn_usaa_yahoo_d&linearity=1&is_video_cmp=false&acid=06b9ab75268c4ae39b1a0b0ab8827ec2&rtime=136.0&wsip=mowx-6874888dd4-52xdc&ltime=192.0&act=headerBid&abs=0%7C0%7Cnxblock%3D-1%7Cxtmax%3D300%7Cbrr%3D1&adtypes=0%7C1%7C2&impId=471a2cc5c5c00bd&reftime=15000&reftype=0&keywordSellerId=false&dsid=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&mowxReqId=06b9ab75268c4ae39b1a0b0ab8827ec2_2&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0%23%231%23%232&ctr=-1.0&rfc=3&dfpDiv=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&supplyTagId=222574718&mnrfc=3&supply_placement=6&vplcmtt=6&video_maxdur=300&v_plcmt_override=0&v_placement_override=0&viewability_vendor=MEDIA.NET+EXCHANGE&viewability_mnet=59&v_mkey=gen-vblt_prebid_test_2_1&v_mver=202306282206_gen-vblt_prebid_test_2&v_alg=gen-vblt_prebid_all&vcmplrt=-1.0&imp_tid_present=false&actltime=199&debug_ts=2023-06-29+06%3A37%3A43&__expireat=1688024263386&mview=1&rme=adm&utime=1423&sf=0&cpr=0.5062150745371825
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:45 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 29 Jun 2023 06:37:45 GMT
rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame 72B5
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=taboola
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZJ0musCo8X4AACKkg-8AAAAA
0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZJ0musCo8X4AACKkg-8AAAAA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:46 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82217

Redirect headers

X-SO-Cluster-ID
0
Date
Thu, 29 Jun 2023 06:37:46 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":0,"gdpr":false,"ipv4":"91.239.206.129","key":"ZJ0musCo8X4AACKkg-8AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad205"}
X-SO-Key
ZJ0musCo8X4AACKkg-8AAAAA
Server
nginx
X-SO-Upstream-ID
m-ad205
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZJ0musCo8X4AACKkg-8AAAAA
Cache-Control
private
X-SO-HostName
m-ad205.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng26.dc4p.scaleout.jp
X-SO-IP
91.239.206.129
su
ih.adscale.de/ Frame 72B5 		0
0
sync
ssbsync.smartadserver.com/api/ Frame 72B5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame 72B5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJGRX3F9-C-CG73
0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJGRX3F9-C-CG73
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82231

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJGRX3F9-C-CG73
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 72B5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-Yy6flc5E2oSQAHZcZF0MylO87Czq_eWzmSxUgw--~A
0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-Yy6flc5E2oSQAHZcZF0MylO87Czq_eWzmSxUgw--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:44 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82232

Redirect headers

date
Thu, 29 Jun 2023 06:37:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-Yy6flc5E2oSQAHZcZF0MylO87Czq_eWzmSxUgw--~A
content-length
0
/
sync.taboola.com/sg/baidurtb-network/1/rtb-h/ Frame 72B5
Redirect Chain
  • https://trace.mediago.io/ju/cs/taboola
  • https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=bc27f53f83a911da83bc3011746cfb94
0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=bc27f53f83a911da83bc3011746cfb94
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82210

Redirect headers

location
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=bc27f53f83a911da83bc3011746cfb94
date
Thu, 29 Jun 2023 06:37:50 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
content-type
text/plain; charset=utf-8
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 72B5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESECMhE71eZN3Z0k3CDr8-iCM&google_cver=1
0
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESECMhE71eZN3Z0k3CDr8-iCM&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
82
date
Thu, 29 Jun 2023 06:37:46 GMT
via
1.1 varnish
x-served-by
cache-mxp6921-MXP
server
nginx
x-timer
S1688020667.609655,VS0,VE82
x-fastly-to-nlb-rtt
80067
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v2
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESECMhE71eZN3Z0k3CDr8-iCM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 72B5 		42 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35:$UID
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 29 Jun 2023 06:37:49 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 72B5
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35
date
Thu, 29 Jun 2023 06:37:46 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82215
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 72B5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8334b4be-2d19-4991-ac01-0a3d6f7ad157
0
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8334b4be-2d19-4991-ac01-0a3d6f7ad157
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
78
date
Thu, 29 Jun 2023 06:37:45 GMT
via
1.1 varnish
x-served-by
cache-mxp6921-MXP
server
nginx
x-timer
S1688020665.987041,VS0,VE78
x-fastly-to-nlb-rtt
77004
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v2
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:44 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8334b4be-2d19-4991-ac01-0a3d6f7ad157
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
merge
ce.lijit.com/ Frame 72B5
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
43 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
HTTP/1.1
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Jun 2023 06:37:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Jun 2023 06:37:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 72B5 		49 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
ka-GE
content-type
image/gif
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-6lrt4
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 72B5 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 29 Jun 2023 06:37:47 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 72B5
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=14a19c98-44a2-4160-baa3-5a98e76a42de
0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=14a19c98-44a2-4160-baa3-5a98e76a42de
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:49 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82208

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:48 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=14a19c98-44a2-4160-baa3-5a98e76a42de
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
936608
content-length
0
expires
Thu, 29 Jun 2023 00:00:00 GMT
/
sync.taboola.com/sg/id5-network/1/rtb-h/ Frame 72B5
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-f7b4RCzoo7YRvrlzLTt2b1iF1rdlxi4-Y1h66QI1XQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F6%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/464/3/6/2.gif?puid=7aec649d-26b8-4c00-9efc-873fef46c2c7&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=8334b4be-2d19-4991-ac01-0a3d6f7ad157&ttl=%%TTL%%
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/285.gif?puid=LJGRX3F9-C-CG73&gdpr=0
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/19/3/5.gif?puid=3957614a17ac99816ec4962191df004e&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=3957614a17ac99816ec4962191df004e&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F2%2F6.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D0...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=3957614a17ac99816ec4962191df004e&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F2%2F6.gif%3Fpuid%3D%24%7...
  • https://id5-sync.com/c/464/485/2/6.gif?puid=39722627727691159221184553471089160667&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/112/1/7.gif?puid=33701AC0B730B3D&gdpr=0&gdpr_consent=
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F136%2F0%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://rtd-tm.everesttech.net/ct/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F136%2F0%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=ZJ0mwwANKxvc6gA2
  • https://id5-sync.com/c/464/136/0/8.gif?puid=ZJ0mwwANKxvc6gA2&gdpr=0&gdpr_consent=
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-f7b4RCzoo7YRvrlzLTt2b1iF1rdlxi4-Y1h66QI1XQ
0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-f7b4RCzoo7YRvrlzLTt2b1iF1rdlxi4-Y1h66QI1XQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
84081

Redirect headers

location
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-f7b4RCzoo7YRvrlzLTt2b1iF1rdlxi4-Y1h66QI1XQ
date
Thu, 29 Jun 2023 06:37:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 72B5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=taboola&bsw_custom_parameter=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=taboola&bsw_custom_parameter=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=4effcf1f-7e8f-42bc-8bb3-b7df3362d775&ssp=taboola&expires=30&user_group=5&bsw_param=ca7105ad-a781-49e4-8a1b-5f1ce544a0df
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82231

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
date
Thu, 29 Jun 2023 06:37:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 72B5
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=7cb5138a-a4b4-4a6e-af62-319634a85fa2
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=7cb5138a-a4b4-4a6e-af62-319634a85fa2&tbid=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&query=taboola_hm%3D7cb5138a-a4b4-...
0
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=7cb5138a-a4b4-4a6e-af62-319634a85fa2&tbid=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&query=taboola_hm%3D7cb5138a-a4b4-4a6e-af62-319634a85fa2&isDirect=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 29 Jun 2023 06:37:53 GMT
via
1.1 varnish
server
nginx
x-timer
S1688020673.192867,VS0,VE27
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-mxp6921-MXP

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=7cb5138a-a4b4-4a6e-af62-319634a85fa2&tbid=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&query=taboola_hm%3D7cb5138a-a4b4-4a6e-af62-319634a85fa2&isDirect=0
date
Thu, 29 Jun 2023 06:37:52 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
84004
sd
u.openx.net/w/1.0/ Frame 72B5 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:49 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame 72B5 		37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7772&xuid=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 29 Jun 2023 06:37:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame 72B5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=uOx-wXXTUAFvZsd1JgQE2lvvzoE
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=uOx-wXXTUAFvZsd1JgQE2lvvzoE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
83300

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=uOx-wXXTUAFvZsd1JgQE2lvvzoE
Date
Thu, 29 Jun 2023 06:37:58 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
sync
t.adx.opera.com/ Frame 72B5 		35 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:50 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 72B5
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=281fd4a9-4ad2-4281-8e67-cb2960553830
0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=281fd4a9-4ad2-4281-8e67-cb2960553830
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82213

Redirect headers

date
Thu, 29 Jun 2023 06:37:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=281fd4a9-4ad2-4281-8e67-cb2960553830
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230628-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Thu, 29 Jun 2023 06:37:44 GMT
x-amz-request-id
H94FJWAASNXACN8Y
age
3323
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
8WdH+xczaFe1eqbP6uhBtmeiAXrbpYFeRAWQ5dFgC6C272jCeuos7M3xJKCXQ+u1QBjnGzDHVZQ=
x-served-by
cache-mxp6921-MXP
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1688020665.722398,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
79
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
10311
fraud-detect.js
cdn.taboola.com/scripts/ 		121 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230628-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding
gzip
via
1.1 varnish
date
Thu, 29 Jun 2023 06:37:44 GMT
x-amz-request-id
30CY49K8XHP39FSW
age
26973
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
125
x-amz-id-2
7aQGNHaCtIjELai7pC4skDDPaj4Y+Gv9U+t+GrOiet4J8UDvIP3fxIDax5ORl6I8THMkCxTjFg0=
x-served-by
cache-mxp6921-MXP
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
server
AmazonS3
x-timer
S1688020665.722379,VS0,VE0
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary
Accept-Encoding
content-type
application/javascript
abp
10
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
31825
eidf.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eidf.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230628-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3979WkHCSLO5cQCJAWoE4w7tW4Dv40AW
content-encoding
gzip
via
1.1 varnish
date
Thu, 29 Jun 2023 06:37:44 GMT
x-amz-request-id
E0K3EADYPH4DYY6V
age
2714
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6467
x-amz-id-2
o84c2xeVrQDatJK5eXb5G91D+ix4Rc43AkKKvwz6enw4FiKp4x48sJSXDujLJwZa9RBWxK/kpqA=
x-served-by
cache-mxp6921-MXP
last-modified
Sun, 02 Apr 2023 13:49:08 GMT
server
AmazonS3
x-timer
S1688020665.722357,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
67
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
681
cookie.js
partner.googleadservices.com/gampad/ Frame EBDC 		210 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D74535a6aa46919d7%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_Mb_vVuZ6uWRjYrdZbUc3_TlbdifEg&gpic=UID%3D00000c34c7d21ad5%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_MYtNetqHXAwUtZB9NSFHMEOPefi9Q
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/show_ads_impl_fy2021.js?bust=31075534
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
371a19bb5761b08f01dc6d4b3178da91c826ac30ca8d5eeffee76c703c059a86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame EBDC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/show_ads_impl_fy2021.js?bust=31075534
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 554A 		71 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1688020664&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688020663455&bpp=27&bdt=1531&idt=1208&shv=r20230626&mjsv=m202306200101&ptt=5&saldr=sa&cookie=ID%3D74535a6aa46919d7%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_Mb_vVuZ6uWRjYrdZbUc3_TlbdifEg&gpic=UID%3D00000c34c7d21ad5%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_MYtNetqHXAwUtZB9NSFHMEOPefi9Q&correlator=2987796207432&frm=23&ife=1&pv=2&ga_vid=1614580128.1688020663&ga_sid=1688020665&ga_hid=19319258&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2812333880&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C31075534%2C42532315%2C44788441&oid=2&pvsid=2153882318268240&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.74vqcsj85d3x&fsb=1&dtd=1428
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/show_ads_impl_fy2021.js?bust=31075534
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
2a41c5bc342ba16ef770e490619a4ca606ceb1b87031a583cc5dbfa53bd8dad7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
30054
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Jun 2023 06:37:45 GMT
observe-browsing-topics
true
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 3FD7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8334b4be-2d19-4991-ac01-0a3d6f7ad157
0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8334b4be-2d19-4991-ac01-0a3d6f7ad157
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8q7kCLAacCbtCiuJdRxE4E3aFFMW7jioAAABgYID-AIl5bC7XcGJzKzyTzVo0823WwpXJsxZMBoOZc-FYzoYzIyAxj83lGk5sboVnslmLZr7NWrgyedaCyWAwcy4cy9lwZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZLaDodPte9Xvf73SU-z1zj9yv8OtfTrXa63IK_W7R8ujVGl90tPbremqPL7nPrXk633PVWWd7So-vpFjwddrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQBPHA7o4jQ7PU9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAwGPID1HT0ppCrj2RgsYijAAAAABsvTsHHpmkE1Qsqvz___dbAbgCABCQWPBNo51Fd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJsKPaYRmotjV_AICAKz5BQQAYKNuAADeBMAJOgStGAxWJyBmBwAAAODO____vx4Q2BgGm91yZLKZJpPFbjFxGBeu5XA5ca5sI8tgtT0Y23lSHLcqqn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgcDczbUa-wVoxWY7couHKs1Zuhsu1bLewGTa-zcSyW7hFr4_p4pwtPJ7VFgkGRO1F8rRIJzLbYjiZbSyDkXO3Wu2Gw8HINXJubJPdZrHw2BYWsURzskgnssu-sDEMNrvlyGQzTSaL3WLiMC5cy-Fy4lzZRpbBal_czUybkW-wVkyWI7douPKslZvhci3bLWyGjW8zsewWbtHrY7o4ZwuPZ7VvzIbDwWQwmy32jdlwOJgMZrPFvkNn-K4-Z6OyrJJ8TJrf36Ut2pwGhctg8U7Vq2-0MzuIftOiUyZTKws6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ehBbFAoYongIp0IHma3w_RyS3yejd8ilihNF-lEr_DrXE-32ulyC_5u0fLp1hhddrf06Hprji67z617Od1y11tleUuPrqdb8HTY7ULT22wRSwSni3QiehlPF_UfOeRiLtks55LBbK6YLFcJAAAAAAAAAMASTDLdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmQBWK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwIcjVa7B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
80
date
Thu, 29 Jun 2023 06:37:45 GMT
via
1.1 varnish
x-served-by
cache-mxp6921-MXP
server
nginx
x-timer
S1688020665.337614,VS0,VE80
x-fastly-to-nlb-rtt
79751
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v2
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:44 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8334b4be-2d19-4991-ac01-0a3d6f7ad157
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 3FD7
Redirect Chain
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=0&gdpr_consent=
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=0&av_tc=True
  • https://x.bidswitch.net/sync?dsp_id=352&user_id=0f31786a-2de3-459e-a2ac-a5a973c93b36&expires=15&ssp=taboola&bsw_param=ca7105ad-a781-49e4-8a1b-5f1ce544a0df
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8q7kCLAacCbtCiuJdRxE4E3aFFMW7jioAAABgYID-AIl5bC7XcGJzKzyTzVo0823WwpXJsxZMBoOZc-FYzoYzIyAxj83lGk5sboVnslmLZr7NWrgyedaCyWAwcy4cy9lwZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZLaDodPte9Xvf73SU-z1zj9yv8OtfTrXa63IK_W7R8ujVGl90tPbremqPL7nPrXk633PVWWd7So-vpFjwddrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQBPHA7o4jQ7PU9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAwGPID1HT0ppCrj2RgsYijAAAAABsvTsHHpmkE1Qsqvz___dbAbgCABCQWPBNo51Fd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJsKPaYRmotjV_AICAKz5BQQAYKNuAADeBMAJOgStGAxWJyBmBwAAAODO____vx4Q2BgGm91yZLKZJpPFbjFxGBeu5XA5ca5sI8tgtT0Y23lSHLcqqn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgcDczbUa-wVoxWY7couHKs1Zuhsu1bLewGTa-zcSyW7hFr4_p4pwtPJ7VFgkGRO1F8rRIJzLbYjiZbSyDkXO3Wu2Gw8HINXJubJPdZrHw2BYWsURzskgnssu-sDEMNrvlyGQzTSaL3WLiMC5cy-Fy4lzZRpbBal_czUybkW-wVkyWI7douPKslZvhci3bLWyGjW8zsewWbtHrY7o4ZwuPZ7VvzIbDwWQwmy32jdlwOJgMZrPFvkNn-K4-Z6OyrJJ8TJrf36Ut2pwGhctg8U7Vq2-0MzuIftOiUyZTKws6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ehBbFAoYongIp0IHma3w_RyS3yejd8ilihNF-lEr_DrXE-32ulyC_5u0fLp1hhddrf06Hprji67z617Od1y11tleUuPrqdb8HTY7ULT22wRSwSni3QiehlPF_UfOeRiLtks55LBbK6YLFcJAAAAAAAAAMASTDLdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmQBWK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwIcjVa7B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82216

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
date
Thu, 29 Jun 2023 06:37:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usync.js
eus.rubiconproject.com/ Frame 8A22 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ff8af3518ce1943c3dc09cbfb280463e74cc924bc45bdedc5fe61848f72c29e2

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Jun 2023 06:37:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Jun 2023 02:46:48 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72570
Connection
keep-alive
Content-Length
10113
Expires
Fri, 30 Jun 2023 02:47:14 GMT
usync.js
eus.rubiconproject.com/ Frame AF38 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ff8af3518ce1943c3dc09cbfb280463e74cc924bc45bdedc5fe61848f72c29e2

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Jun 2023 06:37:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Jun 2023 02:46:48 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72569
Connection
keep-alive
Content-Length
10113
Expires
Fri, 30 Jun 2023 02:47:14 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 1830 		210 B
217 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D74535a6aa46919d7%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_Mb_vVuZ6uWRjYrdZbUc3_TlbdifEg&gpic=UID%3D00000c34c7d21ad5%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_MYtNetqHXAwUtZB9NSFHMEOPefi9Q
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
f8a4b657194a0cd88ecf77f8bdc066c4c25885e1aa52b5df5f370eb49fd3bed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
195
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1830 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
adx.holmesmind.com/adx-file/20230617/ Frame 00CB
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=168802...
  • https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
459 B
868 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-68.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
content-length
459
content-type
text/html
date
Thu, 29 Jun 2023 06:37:47 GMT
etag
"b488597db51c4a25cc169c0690d8eea0"
last-modified
Sat, 17 Jun 2023 07:13:44 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
x-amz-cf-id
CnKD5CO63ls9fiiMvjTgdg2siPEE78bq4Afn8pSPPsIB1fGKQYm0_A==
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache
RefreshHit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Jun 2023 06:37:45 GMT
location
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/ Frame 5A56 		392 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a9262e4f0004178b2eb384213e53dd3e0c71eb13584d3f6b6dba57437014c1b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 10:49:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
71285
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127813
x-xss-protection
0
server
cafe
etag
18191761431352456992
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 27 Jun 2024 10:49:40 GMT
usync.html
eus.rubiconproject.com/ Frame 9372 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8q7kCLAacCbtCiuJdRxE4E3aFFMW7jioAAABgYID-AIl5bC7XcGJzKzyTzVo0823WwpXJsxZMBoOZc-FYzoYzIyAxj83lGk5sboVnslmLZr7NWrgyedaCyWAwcy4cy9lwZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZLaDodPte9Xvf73SU-z1zj9yv8OtfTrXa63IK_W7R8ujVGl90tPbremqPL7nPrXk633PVWWd7So-vpFjwddrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQBPHA7o4jQ7PU9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAwGPID1HT0ppCrj2RgsYijAAAAABsvTsHHpmkE1Qsqvz___dbAbgCABCQWPBNo51Fd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJsKPaYRmotjV_AICAKz5BQQAYKNuAADeBMAJOgStGAxWJyBmBwAAAODO____vx4Q2BgGm91yZLKZJpPFbjFxGBeu5XA5ca5sI8tgtT0Y23lSHLcqqn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgcDczbUa-wVoxWY7couHKs1Zuhsu1bLewGTa-zcSyW7hFr4_p4pwtPJ7VFgkGRO1F8rRIJzLbYjiZbSyDkXO3Wu2Gw8HINXJubJPdZrHw2BYWsURzskgnssu-sDEMNrvlyGQzTSaL3WLiMC5cy-Fy4lzZRpbBal_czUybkW-wVkyWI7douPKslZvhci3bLWyGjW8zsewWbtHrY7o4ZwuPZ7VvzIbDwWQwmy32jdlwOJgMZrPFvkNn-K4-Z6OyrJJ8TJrf36Ut2pwGhctg8U7Vq2-0MzuIftOiUyZTKws6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ehBbFAoYongIp0IHma3w_RyS3yejd8ilihNF-lEr_DrXE-32ulyC_5u0fLp1hhddrf06Hprji67z617Od1y11tleUuPrqdb8HTY7ULT22wRSwSni3QiehlPF_UfOeRiLtks55LBbK6YLFcJAAAAAAAAAMASTDLdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmQBWK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwIcjVa7B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Jun 2023 06:37:45 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/ Frame 6351 		392 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 13:36:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
61282
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127740
x-xss-protection
0
server
cafe
etag
1744020965594933375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 27 Jun 2024 13:36:23 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230626/r20110914/ Frame D83F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230626/r20110914/abg_lite_fy2021.js
Requested by
Host: bbe37092b4d298f855668903e56f9dc3.safeframe.googlesyndication.com
URL: https://bbe37092b4d298f855668903e56f9dc3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
2e72c758e7736e7e076632f78fd3cddd13ec53094ea1436db85f336ede7d93e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bbe37092b4d298f855668903e56f9dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 21:37:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
32423
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9140
x-xss-protection
0
server
cafe
etag
3220921055065218126
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jul 2023 21:37:22 GMT
css
fonts.googleapis.com/ Frame D83F 		0
0
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame D83F 		0
0
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame D83F 		0
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230626/r20110914/client/ Frame D83F 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230626/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bbe37092b4d298f855668903e56f9dc3.safeframe.googlesyndication.com
URL: https://bbe37092b4d298f855668903e56f9dc3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
f4a038eb56ed2eb8fb4701ef93757a4d42a433508714b8a11b426e6a9ac3f350
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bbe37092b4d298f855668903e56f9dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 21:37:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
32423
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8312
x-xss-protection
0
server
cafe
etag
8395464388031192745
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jul 2023 21:37:22 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 30 Jun 2023 06:37:58 GMT
container.html
mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/ Frame 4121 		667 B
790 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/creativewrapper/0-0-1/js/cw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-69.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f00340624ead5370c90c6c143feaeee7120ce637921e26df9ed73e4c06b3e497
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
max-age=725711
content-length
667
content-type
text/html; charset=UTF-8
date
Thu, 29 Jun 2023 06:37:48 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
container.html
mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/ Frame AD74 		667 B
790 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/creativewrapper/0-0-1/js/cw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.69 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-69.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f00340624ead5370c90c6c143feaeee7120ce637921e26df9ed73e4c06b3e497
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
max-age=725711
content-length
667
content-type
text/html; charset=UTF-8
date
Thu, 29 Jun 2023 06:37:48 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
idsync
sync.aralego.com/ Frame 8A22
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LJGRX3F9-C-CG73
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LJGRX3F9-C-CG73
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/10487bdc-548d-30fb-824e-d65474e74d22?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-cSZeZnBE2oUMiEvpIYYfEBvPPYA9iFrOl7YxcrE-~A&redirect=
35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-cSZeZnBE2oUMiEvpIYYfEBvPPYA9iFrOl7YxcrE-~A&redirect=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Jun 2023 06:37:54 GMT
Connection
close
Content-Length
35
Content-Type
image/gif

Redirect headers

date
Thu, 29 Jun 2023 06:37:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-cSZeZnBE2oUMiEvpIYYfEBvPPYA9iFrOl7YxcrE-~A&redirect=
content-length
0
17721118560835046037
tpc.googlesyndication.com/daca_images/simgad/ Frame 554A 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/17721118560835046037
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1688020664&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688020663455&bpp=27&bdt=1531&idt=1208&shv=r20230626&mjsv=m202306200101&ptt=5&saldr=sa&cookie=ID%3D74535a6aa46919d7%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_Mb_vVuZ6uWRjYrdZbUc3_TlbdifEg&gpic=UID%3D00000c34c7d21ad5%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_MYtNetqHXAwUtZB9NSFHMEOPefi9Q&correlator=2987796207432&frm=23&ife=1&pv=2&ga_vid=1614580128.1688020663&ga_sid=1688020665&ga_hid=19319258&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2812333880&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C31075534%2C42532315%2C44788441&oid=2&pvsid=2153882318268240&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.74vqcsj85d3x&fsb=1&dtd=1428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
d04ef1c15c39c2134c2de16c5a203d82aa498b5d9202bbb93ea971559fcb7f4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 21:03:04 GMT
x-content-type-options
nosniff
age
466481
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105125
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 12:15:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 22 Jun 2024 21:03:04 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230626/r20110914/ Frame 554A 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230626/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1688020664&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688020663455&bpp=27&bdt=1531&idt=1208&shv=r20230626&mjsv=m202306200101&ptt=5&saldr=sa&cookie=ID%3D74535a6aa46919d7%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_Mb_vVuZ6uWRjYrdZbUc3_TlbdifEg&gpic=UID%3D00000c34c7d21ad5%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_MYtNetqHXAwUtZB9NSFHMEOPefi9Q&correlator=2987796207432&frm=23&ife=1&pv=2&ga_vid=1614580128.1688020663&ga_sid=1688020665&ga_hid=19319258&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2812333880&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C31075534%2C42532315%2C44788441&oid=2&pvsid=2153882318268240&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.74vqcsj85d3x&fsb=1&dtd=1428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
2e72c758e7736e7e076632f78fd3cddd13ec53094ea1436db85f336ede7d93e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 21:37:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
32423
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9140
x-xss-protection
0
server
cafe
etag
3220921055065218126
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jul 2023 21:37:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230626/r20110914/client/ Frame 554A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230626/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1688020664&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688020663455&bpp=27&bdt=1531&idt=1208&shv=r20230626&mjsv=m202306200101&ptt=5&saldr=sa&cookie=ID%3D74535a6aa46919d7%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_Mb_vVuZ6uWRjYrdZbUc3_TlbdifEg&gpic=UID%3D00000c34c7d21ad5%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_MYtNetqHXAwUtZB9NSFHMEOPefi9Q&correlator=2987796207432&frm=23&ife=1&pv=2&ga_vid=1614580128.1688020663&ga_sid=1688020665&ga_hid=19319258&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2812333880&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C31075534%2C42532315%2C44788441&oid=2&pvsid=2153882318268240&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.74vqcsj85d3x&fsb=1&dtd=1428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 21:37:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
32423
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jul 2023 21:37:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230626/r20110914/client/ Frame 554A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230626/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1688020664&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688020663455&bpp=27&bdt=1531&idt=1208&shv=r20230626&mjsv=m202306200101&ptt=5&saldr=sa&cookie=ID%3D74535a6aa46919d7%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_Mb_vVuZ6uWRjYrdZbUc3_TlbdifEg&gpic=UID%3D00000c34c7d21ad5%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_MYtNetqHXAwUtZB9NSFHMEOPefi9Q&correlator=2987796207432&frm=23&ife=1&pv=2&ga_vid=1614580128.1688020663&ga_sid=1688020665&ga_hid=19319258&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2812333880&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C31075534%2C42532315%2C44788441&oid=2&pvsid=2153882318268240&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.74vqcsj85d3x&fsb=1&dtd=1428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
f4a038eb56ed2eb8fb4701ef93757a4d42a433508714b8a11b426e6a9ac3f350
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 21:37:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
32423
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8312
x-xss-protection
0
server
cafe
etag
8395464388031192745
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jul 2023 21:37:22 GMT
l
www.google.com/ads/measurement/ Frame 554A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSE-1Z6K7Sl0fxL3M2sh_V-2NEWm3UGcruXsLvSqBUZSYKzHCka_dFN9_k1ZC24nQ7ewU8FxaNezIi9-qF8DNeR_hO0Gw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1688020664&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688020663455&bpp=27&bdt=1531&idt=1208&shv=r20230626&mjsv=m202306200101&ptt=5&saldr=sa&cookie=ID%3D74535a6aa46919d7%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_Mb_vVuZ6uWRjYrdZbUc3_TlbdifEg&gpic=UID%3D00000c34c7d21ad5%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_MYtNetqHXAwUtZB9NSFHMEOPefi9Q&correlator=2987796207432&frm=23&ife=1&pv=2&ga_vid=1614580128.1688020663&ga_sid=1688020665&ga_hid=19319258&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2812333880&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C31075534%2C42532315%2C44788441&oid=2&pvsid=2153882318268240&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.74vqcsj85d3x&fsb=1&dtd=1428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
1000 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1688020665378&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1529&pt=1115329249&tz=0&viewable=true&ddast=V8q7kCLAacCbtCiuJdRxE4E3aFFMW7jioAAABgYID-AIl5bC7XcGJzKzyTzVo0823WwpXJsxZMBoOZc-FYzoYzIyAxj83lGk5sboVnslmLZr7NWrgyedaCyWAwcy4cy9lwZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZLaDodPte9Xvf73SU-z1zj9yv8OtfTrXa63IK_W7R8ujVGl90tPbremqPL7nPrXk633PVWWd7So-vpFjwddrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQBPHA7o4jQ7PU9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAwGPID1HT0ppCrj2RgsYijAAAAABsvTsHHpmkE1Qsqvz___dbAbgCABCQWPBNo51Fd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJsKPaYRmotjV_AICAKz5BQQAYKNuAADeBMAJOgStGAxWJyBmBwAAAODO____vx4Q2BgGm91yZLKZJpPFbjFxGBeu5XA5ca5sI8tgtT0Y23lSHLcqqn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgcDczbUa-wVoxWY7couHKs1Zuhsu1bLewGTa-zcSyW7hFr4_p4pwtPJ7VFgkGRO1F8rRIJzLbYjiZbSyDkXO3Wu2Gw8HINXJubJPdZrHw2BYWsURzskgnssu-sDEMNrvlyGQzTSaL3WLiMC5cy-Fy4lzZRpbBal_czUybkW-wVkyWI7douPKslZvhci3bLWyGjW8zsewWbtHrY7o4ZwuPZ7VvzIbDwWQwmy32jdlwOJgMZrPFvkNn-K4-Z6OyrJJ8TJrf36Ut2pwGhctg8U7Vq2-0MzuIftOiUyZTKws6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ehBbFAoYongIp0IHma3w_RyS3yejd8ilihNF-lEr_DrXE-32ulyC_5u0fLp1hhddrf06Hprji67z617Od1y11tleUuPrqdb8HTY7ULT22wRSwSni3QiehlPF_UfOeRiLtks55LBbK6YLFcJAAAAAAAAAMASTDLdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmQBWK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwIcjVa7B-ACrFWq9XtxlqtFg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=inout2_vB!nonrv_vA!nrlc_vA!ufm_vG!ul3292_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b27d317eb23b000799a1ab8e4dd3ac2fa2c6ff5182ce9ad0db5ddff3bf6bc0f0

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Thu, 29 Jun 2023 06:37:45 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1469
x-cache
MISS
x-served-by
cache-mxp6921-MXP
pragma
no-cache
server
nginx
x-timer
S1688020665.460565,VS0,VE146
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
pips.taboola.com/ 		4 B
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230027-FRA
date
Thu, 29 Jun 2023 06:37:45 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
usync.js
eus.rubiconproject.com/ Frame 9372 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ff8af3518ce1943c3dc09cbfb280463e74cc924bc45bdedc5fe61848f72c29e2

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Jun 2023 06:37:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Jun 2023 02:46:48 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72569
Connection
keep-alive
Content-Length
10113
Expires
Fri, 30 Jun 2023 02:47:14 GMT
adchoice_logo_15x15_v2.png
dsp-media.eskimi.com/upload/wl/eskimi/ Frame E2C2 		360 B
833 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-media.eskimi.com/upload/wl/eskimi/adchoice_logo_15x15_v2.png?_=2.1.0.9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.225 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-225.bunnyinfra.net
Software
BunnyCDN-DE1-1055 /
Resource Hash
04dd17131968a07c34224fb2e34a25d3bdd06fed40c6025f20ecdfc9e6eff2a0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Thu, 29 Jun 2023 06:37:45 GMT
cdn-edgestorageid
1055
cdn-cachedat
06/16/2023 07:20:03
cdn-pullzone
692289
content-length
360
last-modified
Tue, 28 Feb 2023 09:21:44 GMT
server
BunnyCDN-DE1-1055
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"63fdc7a8-168"
content-type
image/png
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
cache-control
public, max-age=31536000
cdn-requestid
df90c29d7dabcbdfc6ac2380d59cb056
accept-ranges
bytes
cdn-requestcountrycode
GE
cdn-status
200
expires
Sat, 15 Jun 2024 07:20:03 GMT
site
dsp-trk.eskimi.com/tracking/ Frame E2C2 		43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/tracking/site?e=34ZwW-uHaE3ANE7ZN-DyISzLqJ8BFntzd95JGVj8JEChTuFjDD4U5EiZ6cFyfIDJyLFPrb3TfFP3WDAfBwNjDQNwWAsKYyr4rcAcIGbr2y2gN5y-d9MOmUUyQeLdBkibjWb9lPldc3FOsZQA-9_icx9c6MZdEFnAms5bDNH7eUW23FeV0W0W73WgN3SQhGbUTHZH8AU0cHm7i2ZswAs2QTmQO6asz3fs5oFbdjYCZG4gpedDbQp0l58u3kDUuSJh8oGF_0K1x-5-b_xSNNEZU1rGACuXCFFr9gf0DpBE4ABUMt_53XkX1V6JOPMvKtBhk3UsHGB_s9UYPqLBOdb8HhxLhoxza17ywgXmmq7m2WCVVIDg4Eaq1T7zyOVFmhJDeO3cgycKWDqYN6_zd2Q5iTzPJjYopZn6iudA7RdTjc5HGaocjLIpTPYU2V6XfjiLbx3Fm_fFlMZ5Q2oKypWlOjtRavYjYQ2rM2V4pBZKu-pEUlfetLmLBG0oMh9PcyWmix0zEOWsDk8oDFLQ5x8iEJF3LhjJgm-_BJssA-vyfJC5y0qD2I5fDn3YypXcQ2Fv&d=bg3.co&ex=14&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
69.139.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:52 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
utr.min.js
dsp-media.eskimi.com/assets/js/e/ Frame E2C2 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp-media.eskimi.com/assets/js/e/utr.min.js?vv=0&trv=0&trve=0&src=utr&bId=1688020662974.14.63b84df1-da87-4e08-9e69-91b74ad19b3f&baId=ead-e268ef808171198a2dedc76c6b04f7f4&mr=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.225 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-225.bunnyinfra.net
Software
BunnyCDN-DE1-1055 /
Resource Hash
7f5feab8115fb17c8945b5b22a6382315c264a9878b2de8d1916013720e496ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 28 Jun 2024 06:37:45 GMT
date
Thu, 29 Jun 2023 06:37:45 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
1055
cdn-cachedat
06/29/2023 06:37:45
cdn-pullzone
692289
last-modified
Thu, 01 Dec 2022 09:59:55 GMT
server
BunnyCDN-DE1-1055
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"63887b1b-29ad"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-requestid
c1107b59f543164870bfb5af5740972c
cdn-requestcountrycode
GE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
gtr.min.js
dsp-media.eskimi.com/assets/js/e/ Frame E2C2 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.225 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-225.bunnyinfra.net
Software
BunnyCDN-DE1-1055 /
Resource Hash
c82c372cd5c4a3b46fddb13499d36d8818044e818b53a6794f340effeea5673a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Tue, 27 Feb 2024 09:17:37 GMT
date
Thu, 29 Jun 2023 06:37:45 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
1055
cdn-cachedat
02/27/2023 09:17:37
cdn-pullzone
692289
last-modified
Fri, 24 Feb 2023 12:08:35 GMT
server
BunnyCDN-DE1-1055
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"63f8a8c3-19cc"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-requestid
46973968db1d989d63a4ebf721b3abf8
cdn-requestcountrycode
GE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
truncated
/ Frame E2C2 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96b0ee02bc01f5b6e9caaf04250d6fe703c19ae64e815c1c8e4fd9e56133f11d

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 900C 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1688020664&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688020663455&bpp=27&bdt=1531&idt=1208&shv=r20230626&mjsv=m202306200101&ptt=5&saldr=sa&cookie=ID%3D74535a6aa46919d7%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_Mb_vVuZ6uWRjYrdZbUc3_TlbdifEg&gpic=UID%3D00000c34c7d21ad5%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_MYtNetqHXAwUtZB9NSFHMEOPefi9Q&correlator=2987796207432&frm=23&ife=1&pv=2&ga_vid=1614580128.1688020663&ga_sid=1688020665&ga_hid=19319258&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2812333880&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C31075534%2C42532315%2C44788441&oid=2&pvsid=2153882318268240&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.74vqcsj85d3x&fsb=1&dtd=1428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1688020664&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688020663455&bpp=27&bdt=1531&idt=1208&shv=r20230626&mjsv=m202306200101&ptt=5&saldr=sa&cookie=ID%3D74535a6aa46919d7%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_Mb_vVuZ6uWRjYrdZbUc3_TlbdifEg&gpic=UID%3D00000c34c7d21ad5%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_MYtNetqHXAwUtZB9NSFHMEOPefi9Q&correlator=2987796207432&frm=23&ife=1&pv=2&ga_vid=1614580128.1688020663&ga_sid=1688020665&ga_hid=19319258&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2812333880&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C31075534%2C42532315%2C44788441&oid=2&pvsid=2153882318268240&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.74vqcsj85d3x&fsb=1&dtd=1428
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

age
2515
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Jun 2023 05:55:50 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 64F2 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1688020664&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688020663455&bpp=27&bdt=1531&idt=1208&shv=r20230626&mjsv=m202306200101&ptt=5&saldr=sa&cookie=ID%3D74535a6aa46919d7%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_Mb_vVuZ6uWRjYrdZbUc3_TlbdifEg&gpic=UID%3D00000c34c7d21ad5%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_MYtNetqHXAwUtZB9NSFHMEOPefi9Q&correlator=2987796207432&frm=23&ife=1&pv=2&ga_vid=1614580128.1688020663&ga_sid=1688020665&ga_hid=19319258&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2812333880&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C31075534%2C42532315%2C44788441&oid=2&pvsid=2153882318268240&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.74vqcsj85d3x&fsb=1&dtd=1428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

age
56003
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 15:04:22 GMT
etag
48472445140208031
expires
Thu, 29 Jun 2023 15:04:22 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 554A 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1688020664&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688020663455&bpp=27&bdt=1531&idt=1208&shv=r20230626&mjsv=m202306200101&ptt=5&saldr=sa&cookie=ID%3D74535a6aa46919d7%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_Mb_vVuZ6uWRjYrdZbUc3_TlbdifEg&gpic=UID%3D00000c34c7d21ad5%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_MYtNetqHXAwUtZB9NSFHMEOPefi9Q&correlator=2987796207432&frm=23&ife=1&pv=2&ga_vid=1614580128.1688020663&ga_sid=1688020665&ga_hid=19319258&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2812333880&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C31075534%2C42532315%2C44788441&oid=2&pvsid=2153882318268240&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.74vqcsj85d3x&fsb=1&dtd=1428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57260
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687952195399670"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Jun 2023 06:37:45 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230626/r20110914/client/ Frame 554A 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230626/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1688020664&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688020663455&bpp=27&bdt=1531&idt=1208&shv=r20230626&mjsv=m202306200101&ptt=5&saldr=sa&cookie=ID%3D74535a6aa46919d7%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_Mb_vVuZ6uWRjYrdZbUc3_TlbdifEg&gpic=UID%3D00000c34c7d21ad5%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_MYtNetqHXAwUtZB9NSFHMEOPefi9Q&correlator=2987796207432&frm=23&ife=1&pv=2&ga_vid=1614580128.1688020663&ga_sid=1688020665&ga_hid=19319258&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2812333880&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C31075534%2C42532315%2C44788441&oid=2&pvsid=2153882318268240&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.74vqcsj85d3x&fsb=1&dtd=1428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
91402109a7033f76c025a6092755ca387371a2ae90fbe95b3f000ed3b0eee932
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 21:48:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
31783
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13600
x-xss-protection
0
server
cafe
etag
10056473676346363193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jul 2023 21:48:02 GMT
pixel
cm.g.doubleclick.net/ Frame 8A22
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2Y3MGFiMzg2YzgyYjZkZDU3MjkzM2JkMjIzNjljMDhiYTYxMDYwZg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2Y3MGFiMzg2YzgyYjZkZDU3MjkzM2JkMjIzNjljMDhiYTYxMDYwZg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2Y3MGFiMzg2YzgyYjZkZDU3MjkzM2JkMjIzNjljMDhiYTYxMDYwZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8A22
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8334b4be-2d19-4991-ac01-0a3d6f7ad157&gdpr=0&gdpr_consent=&expires=30
42 B
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8334b4be-2d19-4991-ac01-0a3d6f7ad157&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8334b4be-2d19-4991-ac01-0a3d6f7ad157&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
pixel
cm.g.doubleclick.net/ Frame 8A22
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEpHUlgzRjktQy1DRzcz
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL12VxOarGaTfw096ONucVk&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpHUlgzRjktQy1DRzcz&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpHUlgzRjktQy1DRzcz&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpHUlgzRjktQy1DRzcz&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8A22 		0
0
setuid
px.ads.linkedin.com/ Frame 8A22
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJGRX3F9-C-CG73
0
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJGRX3F9-C-CG73
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:49 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 80981AF846204799940B8F45B010BB26 Ref B: VIEEDGE3716 Ref C: 2023-06-29T06:37:49Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX/PvBnbRRyxqfnbzkqHg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJGRX3F9-C-CG73
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 8A22
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=I4mxkt1DTOq5LCi6ui4Yng&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=I4mxkt1DTOq5LCi6ui4Yng
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=I4mxkt1DTOq5LCi6ui4Yng
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Jun 2023 06:37:49 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GJD6DZDDJZA9EWC4GW4Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=I4mxkt1DTOq5LCi6ui4Yng
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8A22
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ZRCTrYAtF1ZUnB-IbiLSZg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4JQ_XZxE2oIbUAztdFPQpKy1xo4mWXh8ISauMg--~A
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4JQ_XZxE2oIbUAztdFPQpKy1xo4mWXh8ISauMg--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 29 Jun 2023 06:37:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4JQ_XZxE2oIbUAztdFPQpKy1xo4mWXh8ISauMg--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 8A22
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOLG3jTKfkpeLQVO6YEjqvA&google_cver=1
42 B
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOLG3jTKfkpeLQVO6YEjqvA&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOLG3jTKfkpeLQVO6YEjqvA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.js
sync.logly.co.jp/sync/ Frame 2319 		491 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.logly.co.jp/sync/sync.js
Requested by
Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.41.208.201 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-208-201.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0e52dd57f0c22242eab17c36eb3394ce38eca57fd433080fe16f3c01e06232a8

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://sync.logly.co.jp/sync/sync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:45 GMT
server
nginx
p3p
CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
access-control-allow-origin
*
content-type
text/javascript
cache-control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
/
cds.taboola.com/ 		0
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 9372 		0
0
gtr
dsp-ap.eskimi.com/v2/ Frame E2C2 		731 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dsp-ap.eskimi.com/v2/gtr?&t=1688020665602
Requested by
Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.201.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.201.186.35.bc.googleusercontent.com
Software
/
Resource Hash
57d9a4d8aeacb61a4fb1d18cc6cf21bfbc570c0d518b12543343c294713c8a48

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 29 Jun 2023 06:37:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
trv
dsp-trk.eskimi.com/ Frame E2C2 		43 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/trv?bId=1688020662974.14.63b84df1-da87-4e08-9e69-91b74ad19b3f&trve=0&trv=0&src=utr&_=1688020665605
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
69.139.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:52 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
trv
dsp-trk.eskimi.com/ Frame E2C2 		43 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/trv?bId=1688020662974.14.63b84df1-da87-4e08-9e69-91b74ad19b3f&trve=1&trv=0&src=utr&_=1688020665606
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
69.139.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:52 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
integrator.js
adservice.google.com/adsid/ Frame 5A56 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5A56 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1267474636952769&correlator=1842501134247808&eid=31075028&output=ldjh&gdfp_req=1&vrg=202306260101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1688020665675&lmt=1644386353&dlt=1688020663848&idt=1812&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=m47xa4br3p6p&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1561147859.1688020666&ga_sid=1688020666&ga_hid=1927450654&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
f304e9334f67aa9619e29844666e1a8eaca4d0bfc36c9994603ec2b46b9ad11e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
80f97d1e0b5008bb5bd47127c625a037.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3EEC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://80f97d1e0b5008bb5bd47127c625a037.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Jun 2023 06:37:45 GMT
expires
Fri, 28 Jun 2024 06:37:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6351 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 6351 		492 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=47582213503327&correlator=3607098015507809&eid=31072019%2C31075693%2C31075743&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1688020665722&lmt=1644386353&dlt=1688020663850&idt=1843&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=qc1sllo7foxg&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=542853872.1688020666&ga_sid=1688020666&ga_hid=172985584&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
2a5f647625545bf2db959a54609abc5d5807ea3e1425d320e5b0a2148a6ea573
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fece383fe8e3a5293e6b4076ba2f38bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A187 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fece383fe8e3a5293e6b4076ba2f38bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Jun 2023 06:37:45 GMT
expires
Fri, 28 Jun 2024 06:37:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 64F2 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELnT2dKPqd8LV7RysHNZ__M&google_cver=1&google_push=AaAOQGF1xzSLFvMswlgkM2sT6kILFbyZSJnfQuit_2-7zYxQVwhfjslPu7mo0-KIn4WPrajo9o0mSo3aLQ8Ps3asmRe6cAvC9Z8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1688020664&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688020663455&bpp=27&bdt=1531&idt=1208&shv=r20230626&mjsv=m202306200101&ptt=5&saldr=sa&cookie=ID%3D74535a6aa46919d7%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_Mb_vVuZ6uWRjYrdZbUc3_TlbdifEg&gpic=UID%3D00000c34c7d21ad5%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_MYtNetqHXAwUtZB9NSFHMEOPefi9Q&correlator=2987796207432&frm=23&ife=1&pv=2&ga_vid=1614580128.1688020663&ga_sid=1688020665&ga_hid=19319258&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2812333880&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C31075534%2C42532315%2C44788441&oid=2&pvsid=2153882318268240&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.74vqcsj85d3x&fsb=1&dtd=1428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:49 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
adxcookie
match.adsby.bidtheatre.com/ Frame 64F2 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame 64F2 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEBoeXdWFZskERo7m82IDFYI&google_cver=1&google_push=AaAOQGFpgH4ffqbJDkk1hEQzNQANc_YiomELlIR8PuvKtRiRW1XBEd5LNzj9VMdCmDEjwEAxKHUQ8AyoPLsAHVfVKT0M9yOj7g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1688020664&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688020663455&bpp=27&bdt=1531&idt=1208&shv=r20230626&mjsv=m202306200101&ptt=5&saldr=sa&cookie=ID%3D74535a6aa46919d7%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_Mb_vVuZ6uWRjYrdZbUc3_TlbdifEg&gpic=UID%3D00000c34c7d21ad5%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_MYtNetqHXAwUtZB9NSFHMEOPefi9Q&correlator=2987796207432&frm=23&ife=1&pv=2&ga_vid=1614580128.1688020663&ga_sid=1688020665&ga_hid=19319258&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2812333880&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C31075534%2C42532315%2C44788441&oid=2&pvsid=2153882318268240&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.74vqcsj85d3x&fsb=1&dtd=1428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:49 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
185917
expires
Thu, 29 Jun 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 64F2
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAaAOQGGr_e_QrcBNaSNo1zC5jULXZAblw2zoL1SyI1__z9IhK7AhweJzG-E41Uoh_hNl7Cxb8sl4alCDYG...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AaAOQGGr_e_QrcBNaSNo1zC5jULXZAblw2zoL1SyI1__z9IhK7AhweJzG-E41Uoh_hNl7Cxb8sl4alCDYG8exgIxwgZpb6d1Z2Y&google_hm=f4a111a0-c7f4-4455-975...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AaAOQGGr_e_QrcBNaSNo1zC5jULXZAblw2zoL1SyI1__z9IhK7AhweJzG-E41Uoh_hNl7Cxb8sl4alCDYG8exgIxwgZpb6d1Z2Y&google_hm=f4a111a0-c7f4-4455-975e-a3b937298ca0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Jun 2023 06:37:54 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-192
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AaAOQGGr_e_QrcBNaSNo1zC5jULXZAblw2zoL1SyI1__z9IhK7AhweJzG-E41Uoh_hNl7Cxb8sl4alCDYG8exgIxwgZpb6d1Z2Y&google_hm=f4a111a0-c7f4-4455-975e-a3b937298ca0
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 64F2
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEPGMCgeBkM6kJfYbCXUfZjc&google_cver=1&google_push=AaAOQGHDMPdReKTp_mhmAbV-5R51h0KPn35co2Xu6ZGklQElHUA933m_DoXZ0Z8ntO0pXuxlZWHbWpIGbg7MFjtiBjhc6q...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEPGMCgeBkM6kJfYbCXUfZjc&google_cver=1&google_push=AaAOQGHDMPdReKTp_mhmAbV-5R51h0KPn35co2Xu6ZGklQElHUA933m_DoXZ0Z8ntO0pXuxlZWHbWpIGbg7MFjti...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=glUi44qARN-9ALKlzzl6pg&google_push=AaAOQGHDMPdReKTp_mhmAbV-5R51h0KPn35co2Xu6ZGklQElHUA933m_DoXZ0Z8ntO0pXuxlZWHbWpIGbg7MFjt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=glUi44qARN-9ALKlzzl6pg&google_push=AaAOQGHDMPdReKTp_mhmAbV-5R51h0KPn35co2Xu6ZGklQElHUA933m_DoXZ0Z8ntO0pXuxlZWHbWpIGbg7MFjtiBjhc6qDR_p4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=glUi44qARN-9ALKlzzl6pg&google_push=AaAOQGHDMPdReKTp_mhmAbV-5R51h0KPn35co2Xu6ZGklQElHUA933m_DoXZ0Z8ntO0pXuxlZWHbWpIGbg7MFjtiBjhc6qDR_p4
access-control-allow-origin
*
date
Thu, 29 Jun 2023 06:37:47 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 64F2
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEEaqq1JRSWAC5W3WJxRvDz4&google_cver=1&google_push=AaAOQGEi3d492nD90VsJ37dfvrARZrv8iHm_HvPbnN9b5lz9Cfw6htsXL9I3or8o0vS-iHssOt0c0-4LV-_V60lSSdV8IDnvGpk
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGEi3d492nD90VsJ37dfvrARZrv8iHm_HvPbnN9b5lz9...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-fa18s85VI9ZMs_t91x9YXbzY6pV_ft5apjP_YMsIPg&google_push=AaAOQGEi3d492nD90VsJ37dfvrARZrv8iHm_HvPbnN9b5lz9Cfw6htsXL9I3or8o0vS-iHssOt0c0-4LV-_V60lSSdV8...
  • https://cm.g.doubleclick.net/pixel?google_hm=wK9galH7jPw8U2TpgDdk&google_push=AaAOQGEi3d492nD90VsJ37dfvrARZrv8iHm_HvPbnN9b5lz9Cfw6htsXL9I3or8o0vS-iHssOt0c0-4LV-_V60lSSdV8IDnvGpk&google_nid=inmobi_n...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=wK9galH7jPw8U2TpgDdk&google_push=AaAOQGEi3d492nD90VsJ37dfvrARZrv8iHm_HvPbnN9b5lz9Cfw6htsXL9I3or8o0vS-iHssOt0c0-4LV-_V60lSSdV8IDnvGpk&google_nid=inmobi_new_eb
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 29 Jun 2023 06:37:48 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_hm=wK9galH7jPw8U2TpgDdk&google_push=AaAOQGEi3d492nD90VsJ37dfvrARZrv8iHm_HvPbnN9b5lz9Cfw6htsXL9I3or8o0vS-iHssOt0c0-4LV-_V60lSSdV8IDnvGpk&google_nid=inmobi_new_eb
x-download-options
noopen
vary
Accept
content-length
224
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 64F2
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESELU8DqZeokVBA6LVd75dIRg&google_cver=1&google_push=AaAOQGEtxwF6SinnDPqI2SgmYFuRAqMylEenTXjBHexFfMmF58nypsoHk6RZ9T83eqlXoUH7o1IMp80GEOqRLaLHrvVAXyCG2yCf
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AaAOQGEtxwF6SinnDPqI2SgmYFuRAqMylEenTXjBHexFfMmF58nypsoHk6RZ9T83eqlXoUH7o1IMp80GEOqRLaLHrvVAXyCG2yCf&google_hm=cd9c4fdd07a636...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AaAOQGEtxwF6SinnDPqI2SgmYFuRAqMylEenTXjBHexFfMmF58nypsoHk6RZ9T83eqlXoUH7o1IMp80GEOqRLaLHrvVAXyCG2yCf&google_hm=cd9c4fdd07a636c4fe3c8da4793d2463
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AaAOQGEtxwF6SinnDPqI2SgmYFuRAqMylEenTXjBHexFfMmF58nypsoHk6RZ9T83eqlXoUH7o1IMp80GEOqRLaLHrvVAXyCG2yCf&google_hm=cd9c4fdd07a636c4fe3c8da4793d2463
date
Thu, 29 Jun 2023 06:37:50 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
246
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 64F2 		0
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lh8lT_qazdNxyoc3mpOacbNlSCGSrRDfE2Kwu1N03yWT0BcvEUxYk7pv9IAzsfbbhkwkII9gs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1688020664&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688020663455&bpp=27&bdt=1531&idt=1208&shv=r20230626&mjsv=m202306200101&ptt=5&saldr=sa&cookie=ID%3D74535a6aa46919d7%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_Mb_vVuZ6uWRjYrdZbUc3_TlbdifEg&gpic=UID%3D00000c34c7d21ad5%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_MYtNetqHXAwUtZB9NSFHMEOPefi9Q&correlator=2987796207432&frm=23&ife=1&pv=2&ga_vid=1614580128.1688020663&ga_sid=1688020665&ga_hid=19319258&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2812333880&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C31075534%2C42532315%2C44788441&oid=2&pvsid=2153882318268240&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.74vqcsj85d3x&fsb=1&dtd=1428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:46 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 900C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1688020664&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688020663455&bpp=27&bdt=1531&idt=1208&shv=r20230626&mjsv=m202306200101&ptt=5&saldr=sa&cookie=ID%3D74535a6aa46919d7%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_Mb_vVuZ6uWRjYrdZbUc3_TlbdifEg&gpic=UID%3D00000c34c7d21ad5%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_MYtNetqHXAwUtZB9NSFHMEOPefi9Q&correlator=2987796207432&frm=23&ife=1&pv=2&ga_vid=1614580128.1688020663&ga_sid=1688020665&ga_hid=19319258&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2812333880&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C31075534%2C42532315%2C44788441&oid=2&pvsid=2153882318268240&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.74vqcsj85d3x&fsb=1&dtd=1428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Jun 2023 06:37:46 GMT
expires
Thu, 29 Jun 2023 06:37:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Jun 2023 06:37:45 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 554A 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29b8d2a57ce3c936b1bf8b35bc28dff4695373f9522852c4e55d885faabb9ecf

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5A56 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306260101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
231fc093ad945f988a7e83093953a30c405836cd5d7b25d411ed87267e5a4b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11399
x-xss-protection
0
set
sync.im-apps.net/imid/ Frame 2319 		43 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.im-apps.net/imid/set?cid=6858&tid=lid&uid=PwP4qxe1rbN8aM5fQQfjMqE9SQ8
Requested by
Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.43.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-43-80.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://sync.logly.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Jun 2023 06:37:46 GMT
Cache-Control
private, max-age=3000
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
aw.dw.impact-ad.jp/c/mapr/ Frame 2319
Redirect Chain
  • https://aw.dw.impact-ad.jp/c/map/?oid=26eb996a1a9c6758&cid=PwP4qxe1rbN8aM5fQQfjMqE9SQ8&sp=dsd
  • https://aw.dw.impact-ad.jp/c/mapr/?oid=26eb996a1a9c6758&cid=PwP4qxe1rbN8aM5fQQfjMqE9SQ8&sp=dsd
43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aw.dw.impact-ad.jp/c/mapr/?oid=26eb996a1a9c6758&cid=PwP4qxe1rbN8aM5fQQfjMqE9SQ8&sp=dsd
Requested by
Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol
H2
Server
35.186.254.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.254.186.35.bc.googleusercontent.com
Software
/
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://sync.logly.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:47 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains;
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif

Redirect headers

date
Thu, 29 Jun 2023 06:37:46 GMT
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains;
content-type
text/plain; charset=utf-8
location
/c/mapr/?oid=26eb996a1a9c6758&cid=PwP4qxe1rbN8aM5fQQfjMqE9SQ8&sp=dsd
cache-control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pubmatic.gif
sync.logly.co.jp/rtb/ Frame 2319
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=162474&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162474%26pr%3Dhttps%253A%252F%252Fsync.logly.co.jp%252Frtb%252Fpubmatic.gif%253Fbu...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=162474&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162474%26pr%3Dhttps%253A%252F%252Fsync.logly.co.jp%252Frtb%252Fpubmatic.gif%253Fbu...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDBDNTk0RjQtQzdCRC00ODM0LTk3QkYtQTU2RUE3RDA0RTY0&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=162474&pr=https%3A%2F%2Fsync.logly.co.jp%2Frtb%2Fpubmatic.gif%3Fbuyeruid%3D40C594F4-C7BD-4834-97BF-A56EA7D04E64
  • https://sync.logly.co.jp/rtb/pubmatic.gif?buyeruid=40C594F4-C7BD-4834-97BF-A56EA7D04E64
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.logly.co.jp/rtb/pubmatic.gif?buyeruid=40C594F4-C7BD-4834-97BF-A56EA7D04E64
Requested by
Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol
H2
Server
175.41.208.201 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-208-201.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://sync.logly.co.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:56 GMT
server
nginx
p3p
CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
access-control-allow-origin
*
content-type
image/gif
cache-control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept

Redirect headers

location
https://sync.logly.co.jp/rtb/pubmatic.gif?buyeruid=40C594F4-C7BD-4834-97BF-A56EA7D04E64
date
Thu, 29 Jun 2023 06:37:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6351 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306270101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
1d0f347498e3bd2dca0e0fc8cdb38f2e9604c36a8a928bedd236b5858834d7f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11159
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5A56 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 29 Jun 2023 06:37:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E2C2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOoycz6xNpUtnkqVFZwqkkHShx5HMmbj48F0MeuWGKgSlE7w_pxSxlndiYzxdKxn2ODlED7Xh8v0C3FDU2PWoni2u78zqaoKzmqAzFvYXCjfmBRuvLiTbIlmdSAzox6Uh-Dp2sONLGK7p0992QkYAjQJPqWncXHH12jUq3T83SUvmayViS2zgqaCnwu-ArM_DFh5cBUJ4QufTMWYr_7uN-K1WP--ufKKeyQo_WxZW7RkVtm1tpFzdMuO2sknfcAPslz0F6my_JMSRgFlGUSDnicR8f6tJXbwIrpOYvoLsACRGojEP5uDsH_QlkORGthHX7To4&sai=AMfl-YSTlZLOMfFGkn-gTGy3ZqdRTu7qrD9C1x1sP7fzAqjhBW4vZ1loIB4Wdsar59MUz9rcAT6awg5fWdRHMF-6z5xjc2T9xn0hu6-vQb758y3ls-cFyftPmltMubh1jMY9uIGETQ6-DhxODMf7IBc&sig=Cg0ArKJSzEOokiAnqJBhEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 29 Jun 2023 06:37:46 GMT
qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js
pagead2.googlesyndication.com/bg/ Frame AB0D 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1688020664&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688020663455&bpp=27&bdt=1531&idt=1208&shv=r20230626&mjsv=m202306200101&ptt=5&saldr=sa&cookie=ID%3D74535a6aa46919d7%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_Mb_vVuZ6uWRjYrdZbUc3_TlbdifEg&gpic=UID%3D00000c34c7d21ad5%3AT%3D1688020663%3ART%3D1688020663%3AS%3DALNI_MYtNetqHXAwUtZB9NSFHMEOPefi9Q&correlator=2987796207432&frm=23&ife=1&pv=2&ga_vid=1614580128.1688020663&ga_sid=1688020665&ga_hid=19319258&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2812333880&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C31075534%2C42532315%2C44788441&oid=2&pvsid=2153882318268240&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.74vqcsj85d3x&fsb=1&dtd=1428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
a99b27d4778209c98574607285507ac37decea04e3592ec3377d72c4965966f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 10:41:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
71795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14515
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Jun 2024 10:41:11 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6351 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 29 Jun 2023 06:37:46 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A90E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
28744
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 22:38:42 GMT
expires
Thu, 27 Jun 2024 22:38:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C2C4 		783 B
974 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
ef88a08ab82f53b08c346d044ad9d46a7920c65637c4f0fc003e24a4cee89b66
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3EdZQTWBUQm3AlVG5qdIkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-3EdZQTWBUQm3AlVG5qdIkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 29 Jun 2023 06:37:46 GMT
expires
Thu, 29 Jun 2023 06:37:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
json
gum.criteo.com/sid/ Frame 		0
0
json
gum.criteo.com/sid/ 		0
0
rid
match.adsrvr.org/track/ 		108 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
bc9d7b8f3b26f222cc2a74a0ff76412e754c4ecc375dffc67c506706787ca039

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Jun 2023 06:37:46 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sat, 29 Jul 2023 06:37:46 GMT
sync
eb2.3lift.com/ Frame A433
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
8774af427d8cd79256f4aa3454fe1ba4f33cef59478e3ef9c1ea8aecfd1d3537

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1114
content-type
text/html; charset=utf-8
date
Thu, 29 Jun 2023 06:37:46 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 29 Jun 2023 06:37:46 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ixmatch.html
js-sec.indexww.com/um/ Frame FB27 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

age
355
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7dec29c2faa52dc5-TBS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 29 Jun 2023 06:37:49 GMT
expires
Thu, 29 Jun 2023 10:37:49 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 3927 		666 B
731 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7b6c4066415a89edc8b723b1ed6f55ebdadbdcd235d173409e74803178969436

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
418
content-type
text/html
date
Thu, 29 Jun 2023 06:37:46 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 30E0 		0
0
usync.html
eus.rubiconproject.com/ Frame EAD3 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Jun 2023 06:37:46 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 785A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1688020663029
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
61e4ceaea9badec73164d218ee6e1f2b0632289c1bc1745aef3ceb6deaaf4f43
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1378
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
checksync.php
contextual.media.net/ Frame 15BB 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8c2fd98c082a5b9c87321aecc26c5cff59b92eec9d751da9d04b18a0db681f67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11962
content-type
text/html; charset=UTF-8
date
Thu, 29 Jun 2023 06:37:50 GMT
expires
Sat, 01 Jul 2023 06:37:50 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync.html
public.servenobid.com/ Frame 90F4 		0
0
/
csync.smilewanted.com/ Frame 8664 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7dec29acdb0b2dcd-TBS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 29 Jun 2023 06:37:46 GMT
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame EAD3 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ff8af3518ce1943c3dc09cbfb280463e74cc924bc45bdedc5fe61848f72c29e2

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Jun 2023 06:37:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Jun 2023 02:46:48 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72568
Connection
keep-alive
Content-Length
10113
Expires
Fri, 30 Jun 2023 02:47:14 GMT
/
onetag-sys.com/match/ Frame 785A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=7aec649d-26b8-4c00-9efc-873fef46c2c7&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=7aec649d-26b8-4c00-9efc-873fef46c2c7&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1688020663029
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 29 Jun 2023 06:37:46 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x15 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=7aec649d-26b8-4c00-9efc-873fef46c2c7&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 29 Jun 2023 06:37:45 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 785A 		0
0
/
onetag-sys.com/match/ Frame 785A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7226639094620937395
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7226639094620937395
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1688020663029
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 29 Jun 2023 06:37:46 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.129; 91.239.206.129; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e8f62de1-7f45-4f98-b135-0d6cfb185e50
Server
nginx/1.23.4
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7226639094620937395
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 785A 		42 B
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=QrDdEMIgIGZ6sNJ0YH0_N8XIkDJCzKQAPsRmu3qjaoI
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1688020663029
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 785A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiQXfSSjiMyXkJ1_KOxsOKwNW-4TNqjD8bQ
170 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiQXfSSjiMyXkJ1_KOxsOKwNW-4TNqjD8bQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1688020663029
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiQXfSSjiMyXkJ1_KOxsOKwNW-4TNqjD8bQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 785A 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1688020663029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:45 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 785A 		0
0
ecm3
s.amazon-adsystem.com/ Frame 785A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=66tcrXkPBYRReG93tdN2_zKscMfa-UC4MkIywvno9oE
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=66tcrXkPBYRReG93tdN2_zKscMfa-UC4MkIywvno9oE
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1688020663029
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Jun 2023 06:37:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V4VT9G97Z15X8W5T9RGE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=66tcrXkPBYRReG93tdN2_zKscMfa-UC4MkIywvno9oE
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 785A 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1688020663029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:54 GMT
content-length
0
/
onetag-sys.com/match/ Frame 785A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOCcdkRWeIYQRaqcAvVX7Lg&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOCcdkRWeIYQRaqcAvVX7Lg&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1688020663029
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOCcdkRWeIYQRaqcAvVX7Lg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 785A 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1688020663029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 785A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=8334b4be-2d19-4991-ac01-0a3d6f7ad157&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=8334b4be-2d19-4991-ac01-0a3d6f7ad157&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1688020663029
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=8334b4be-2d19-4991-ac01-0a3d6f7ad157&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame 785A 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1688020663029
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.169.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-169-246.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
sd
eu-u.openx.net/w/1.0/ Frame 3927
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7aec649d-26b8-4c00-9efc-873fef46c2c7
43 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7aec649d-26b8-4c00-9efc-873fef46c2c7
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 29 Jun 2023 06:37:46 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x7 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7aec649d-26b8-4c00-9efc-873fef46c2c7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 29 Jun 2023 06:37:45 GMT
sd
us-u.openx.net/w/1.0/ Frame 3927
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=3HyIFth-00XHeoVG33mcS9t6gRPHeYhHjCxqKG6k
43 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=3HyIFth-00XHeoVG33mcS9t6gRPHeYhHjCxqKG6k
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=3HyIFth-00XHeoVG33mcS9t6gRPHeYhHjCxqKG6k
date
Thu, 29 Jun 2023 06:37:46 GMT
cache-control
private, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
sd
eu-u.openx.net/w/1.0/ Frame 3927
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5397954210711331650
43 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5397954210711331650
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5397954210711331650
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sd
us-u.openx.net/w/1.0/ Frame 3927
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=af25378a-a0d3-73d6-fcc9-caafc1289c84&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=8334b4be-2d19-4991-ac01-0a3d6f7ad157&ttd_puid=af25378a-a0d3-73d6-fcc9-caafc1289c84&gdpr=0&gdpr_consent=
43 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=8334b4be-2d19-4991-ac01-0a3d6f7ad157&ttd_puid=af25378a-a0d3-73d6-fcc9-caafc1289c84&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=8334b4be-2d19-4991-ac01-0a3d6f7ad157&ttd_puid=af25378a-a0d3-73d6-fcc9-caafc1289c84&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame 3927 		170 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODM0YWU0NDAtNjlhNC0yZDcyLWU5MjktOTAxNjBiY2E1MmU0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3927
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBakrHeL68TwwPCzzGTy8q8&google_cver=1
43 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBakrHeL68TwwPCzzGTy8q8&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBakrHeL68TwwPCzzGTy8q8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4EA3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
28744
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 22:38:42 GMT
expires
Thu, 27 Jun 2024 22:38:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1A03 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
31e359caef3b70f38635048eae6f52070280f4334bd0e6727e697010a1087e87
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UeMvNcFOnrB78FVx-WlOiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-UeMvNcFOnrB78FVx-WlOiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 29 Jun 2023 06:37:46 GMT
expires
Thu, 29 Jun 2023 06:37:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame C2C4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306260101&jk=1267474636952769&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 8664 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
147239
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7dec29aebd252dcd-TBS
expires
Thu, 31 Dec 2037 23:55:55 GMT
trv
dsp-trk.eskimi.com/ Frame E2C2 		43 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/trv?bId=1688020662974.14.63b84df1-da87-4e08-9e69-91b74ad19b3f&trve=1&trv=1&src=utr&_=1688020666630
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
69.139.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:52 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js
pagead2.googlesyndication.com/bg/ Frame A90E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
a99b27d4778209c98574607285507ac37decea04e3592ec3377d72c4965966f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 10:41:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
71795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14515
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Jun 2024 10:41:11 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame A856 		0
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7dec29b02e782dcd-TBS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 29 Jun 2023 06:37:46 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 30C4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
c070934e16d8f31707477f428367df3f9841858cc53162e063ca45bb61658f35
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1416
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
G5TtuLZHNEpGQ9SbQhiZ-QHm
csync.smilewanted.com/set_partner_userid_get/sovrn/ Frame 4761
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID&sovrn_retry=true
  • https://csync.smilewanted.com/set_partner_userid_get/sovrn/G5TtuLZHNEpGQ9SbQhiZ-QHm
0
457 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/sovrn/G5TtuLZHNEpGQ9SbQhiZ-QHm
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7dec29b5ab7a2dcd-TBS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 29 Jun 2023 06:37:47 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Thu, 29 Jun 2023 06:37:47 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/sovrn/G5TtuLZHNEpGQ9SbQhiZ-QHm
X-Sovrn-Pod
ad_ap6ams1
/
sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/ Frame 6297
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7226639094620937395&gdpr=0&gdpr_consent=
95 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7226639094620937395&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

content-type
image/png
date
Thu, 29 Jun 2023 06:35:09 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
x-powered-by
PHP/8.2.4

Redirect headers

AN-X-Request-Uuid
5540c987-b4bc-49ea-bda9-169c16546cd9
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 29 Jun 2023 06:37:47 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7226639094620937395&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.23.4
X-Proxy-Origin
91.239.206.129; 91.239.206.129; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
ysm_bg3.js
ad.sitemaji.com/ Frame 00CB 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_bg3.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:14:00 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 26 Jun 2023 06:28:33 GMT
server
nginx/1.12.1 (Ubuntu)
age
1427
etag
W/"64993011-7b8f"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9956
expires
Fri, 30 Jun 2023 06:14:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 554A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstN1JBffuBdeWCXvP_ZtEXIyBNB3m2NYcHPNVJzLzcwTUv_NAEO57-9orDhnSOOL4YmulqFwtsZCmEvHHJRBGCpMuWE5p64VJRurJOQzD2q51fLogwwpMya1nadqCTZD-wBjL_uxd0BIA&sai=AMfl-YRaxM3vCCXBSeFYiNEr6P9Lw_nJcYh69eSWTrnTZGfb9637CkAqweBLz-Zxxbk3VlLyjI7EnLc_SB5VEFAmmniPGz1NZaBIwgABSkmgUElClmA8VsEpILaYmCQ&sig=Cg0ArKJSzDFa815g4dHkEAE&cid=CAQSOwBygQiDmVavCnMeYzyQCPu81LzYfB7FT63T0mNYQicw0qyVY6loCK3SzjHUAjJr90I-6UPjpjo9hnNyGAE&id=lidar2&mcvt=1016&p=0,0,280,336&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=758607166&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688020664890&rpt=1019&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame A697
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1688020670770
  • https://ad.turn.com/r/cs?pid=45&rndcb=4988247721
  • https://sync.1rx.io/usersync/turn/8108881939374098481?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=r1&refUrl=&vid=80206704803310222704262582000V10&ovsid=RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003
61 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=r1&refUrl=&vid=80206704803310222704262582000V10&ovsid=RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
61
content-type
image/gif
date
Thu, 29 Jun 2023 06:37:52 GMT
expires
Thu, 29 Jun 2023 06:37:52 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E

Redirect headers

content-type
text/html
date
Thu, 29 Jun 2023 06:37:52 GMT
etag
RXaed7b2241c384fdbac1cc0cad5a9f06c003
location
https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=r1&refUrl=&vid=80206704803310222704262582000V10&ovsid=RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
sodar
pagead2.googlesyndication.com/pagead/ Frame 1A03 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306270101&jk=47582213503327&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ab6a5d61-cd9d-53b4-a51b-9da6c186bb1d
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame C982
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/ab6a5d61-cd9d-53b4-a51b-9da6c186bb1d
0
494 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/ab6a5d61-cd9d-53b4-a51b-9da6c186bb1d
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7dec29b66c032dcd-TBS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 29 Jun 2023 06:37:48 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/ab6a5d61-cd9d-53b4-a51b-9da6c186bb1d
qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js
pagead2.googlesyndication.com/bg/ Frame 4EA3 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
a99b27d4778209c98574607285507ac37decea04e3592ec3377d72c4965966f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 10:41:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
71796
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14515
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Jun 2024 10:41:11 GMT
generate_204
tpc.googlesyndication.com/ Frame A90E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?uA8BIA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:47 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ceb28cf0387e35a6af56b7a3feffc40df8ee82739a8dffd76349b9dce6553318
csync.smilewanted.com/set_partner_userid_get/bizzclick/ Frame 8BC6
Redirect Chain
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/ceb28cf0387e35a6af56b7a3feffc40df8ee82739a8dffd76349b9dce6553318
0
777 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/ceb28cf0387e35a6af56b7a3feffc40df8ee82739a8dffd76349b9dce6553318
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7dec29bbf9482dcd-TBS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 29 Jun 2023 06:37:48 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Thu, 29 Jun 2023 06:37:48 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/ceb28cf0387e35a6af56b7a3feffc40df8ee82739a8dffd76349b9dce6553318
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 30C4 		0
0
pixel
cm.g.doubleclick.net/ Frame 30C4
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiQXfSvnxc0H0hBWpQtYhvw4mUmk8g0ahaw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiQXfSvnxc0H0hBWpQtYhvw4mUmk8g0ahaw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiQXfSvnxc0H0hBWpQtYhvw4mUmk8g0ahaw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame 30C4 		0
0
ecm3
s.amazon-adsystem.com/ Frame 30C4
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WLsdGjM-1RK-4NxwMP5xxJg8r5_RaGNVArGMbPHAlLo
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WLsdGjM-1RK-4NxwMP5xxJg8r5_RaGNVArGMbPHAlLo
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Jun 2023 06:37:49 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4F2FY2MXG323BW6N89J1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WLsdGjM-1RK-4NxwMP5xxJg8r5_RaGNVArGMbPHAlLo
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 30C4 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:53 GMT
content-length
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame 30C4 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ Frame 30C4 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.169.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-169-246.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
/
onetag-sys.com/match/ Frame 30C4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=7aec649d-26b8-4c00-9efc-873fef46c2c7&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=7aec649d-26b8-4c00-9efc-873fef46c2c7&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 29 Jun 2023 06:37:47 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x27 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=7aec649d-26b8-4c00-9efc-873fef46c2c7&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 29 Jun 2023 06:37:46 GMT
/
onetag-sys.com/match/ Frame 30C4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7226639094620937395
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7226639094620937395
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 29 Jun 2023 06:37:47 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.129; 91.239.206.129; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
539fa112-d45f-4c8b-a398-558d88091944
Server
nginx/1.23.4
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7226639094620937395
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 30C4 		42 B
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=66tcrXkPBYRReG93tdN2_zKscMfa-UC4MkIywvno9oE
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ssbsync-global.smartadserver.com/api/ Frame 30C4 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:46 GMT
content-length
0
/
onetag-sys.com/match/ Frame 30C4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOCcdkRWeIYQRaqcAvVX7Lg&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOCcdkRWeIYQRaqcAvVX7Lg&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOCcdkRWeIYQRaqcAvVX7Lg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 30C4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=8334b4be-2d19-4991-ac01-0a3d6f7ad157&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=8334b4be-2d19-4991-ac01-0a3d6f7ad157&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=8334b4be-2d19-4991-ac01-0a3d6f7ad157&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
66tcrXkPBYRReG93tdN2_zKscMfa-UC4MkIywvno9oE
csync.smilewanted.com/set_partner_userid_get/onetag/ Frame 30C4 		0
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.smilewanted.com/set_partner_userid_get/onetag/66tcrXkPBYRReG93tdN2_zKscMfa-UC4MkIywvno9oE?gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:47 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-credentials
true
cf-ray
7dec29b16f8b2dcd-TBS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
xuid
eb2.3lift.com/ Frame A433
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=8334b4be-2d19-4991-ac01-0a3d6f7ad157&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=8334b4be-2d19-4991-ac01-0a3d6f7ad157&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 29 Jun 2023 06:37:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=8334b4be-2d19-4991-ac01-0a3d6f7ad157&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame A433
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDU3MTkzMTgxNTI2NzE0ODA2MTU1MA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame A433
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEELReGdZLeBbEmUEMepSEik&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEELReGdZLeBbEmUEMepSEik&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 29 Jun 2023 06:37:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEELReGdZLeBbEmUEMepSEik&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A433
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDU3MTkzMTgxNTI2NzE0ODA2MTU1MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDU3MTkzMTgxNTI2NzE0ODA2MTU1MA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDU3MTkzMTgxNTI2NzE0ODA2MTU1MA%3D%3D
date
Thu, 29 Jun 2023 06:37:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame A433 		0
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4571931815267148061550&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:49 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 883B8105A2254E9FB8B47AEF2815DB1E Ref B: VIEEDGE3716 Ref C: 2023-06-29T06:37:49Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX/PvBnbNabaw4gjzJfUQ==
xuid
eb2.3lift.com/ Frame A433
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4571931815267148061550&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=b6abfa5b-3dc8-4743-bfd3-43b6cc936a80&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 29 Jun 2023 06:37:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
//eb2.3lift.com/xuid?mid=2409&xuid=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 29 Jun 2023 06:37:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
c.gif
c.bing.com/ Frame A433 		42 B
670 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=4571931815267148061550&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:53 GMT
last-modified
Tue, 06 Jun 2023 17:31:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 861100D378B2434BA881CB0CDB075D6E Ref B: VIEEDGE3412 Ref C: 2023-06-29T06:37:54Z
etag
"dca6ffb69c98d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame A433
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4571931815267148061550?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-CcXzjZ9E2oQV6uX..zZCi8Xopn7F3O9yW.xiXq1yUw--~A&dongle=0883
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-CcXzjZ9E2oQV6uX..zZCi8Xopn7F3O9yW.xiXq1yUw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 29 Jun 2023 06:37:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 29 Jun 2023 06:37:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-CcXzjZ9E2oQV6uX..zZCi8Xopn7F3O9yW.xiXq1yUw--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame A433
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=dWag9UwpasalZFgXaaHq&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MRLWCZZZKV3XA...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=dWag9UwpasalZFgXaaHq
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=dWag9UwpasalZFgXaaHq
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 29 Jun 2023 06:37:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Thu, 29 Jun 2023 06:37:50 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=dWag9UwpasalZFgXaaHq
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame A433
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7226639094620937395&dongle=4d58&gdpr=0&gdpr_consent=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=7226639094620937395&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 29 Jun 2023 06:37:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Thu, 29 Jun 2023 06:37:47 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.129; 91.239.206.129; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
131c5bf5-9836-4c2b-a718-b81d76eece44
Server
nginx/1.23.4
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=7226639094620937395&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame E2C2 		43 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=539901412&val=e53c1806-0ec4-4f9d-ab10-22fa7531615c&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
match
a4p.adpartner.pro/ssp/ Frame E2C2 		43 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=27&user_id=e53c1806-0ec4-4f9d-ab10-22fa7531615c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:53 GMT
last-modified
Thu, 29 Jun 2023 06:37:53 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
pixel
cm.g.doubleclick.net/ Frame E2C2 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=eskimi&google_hm=e53c1806-0ec4-4f9d-ab10-22fa7531615c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame E2C2 		42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=103804&nid=3846&put=e53c1806-0ec4-4f9d-ab10-22fa7531615c&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
csync.loopme.me/ Frame E2C2 		0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?partner_id=2157&gdpr=0&gdpr_consent=&uid=e53c1806-0ec4-4f9d-ab10-22fa7531615c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.143.153 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
153.143.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:54 GMT
server
_
sync
x.bidswitch.net/ Frame E2C2 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=364&user_id=e53c1806-0ec4-4f9d-ab10-22fa7531615c&expires=30&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.169.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-169-246.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
/
s-cs.rmp.rakuten.com/ Frame E2C2 		43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-cs.rmp.rakuten.com/?d=23&uid=e53c1806-0ec4-4f9d-ab10-22fa7531615c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.81.88 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
88.81.95.34.bc.googleusercontent.com
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:56 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
cookie
cm.adform.net/ Frame F2F2 		0
0
32075d85e80837ee35cd521c807fef
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 5F21
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/32075d85e80837ee35cd521c807fef?gdpr_consent=&gdpr=0
0
470 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/32075d85e80837ee35cd521c807fef?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7dec29b60bcf2dcd-TBS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 29 Jun 2023 06:37:47 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Thu, 29 Jun 2023 06:37:47 GMT
Expires
Thu, 29 Jun 2023 06:37:47 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/32075d85e80837ee35cd521c807fef?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1688020667653067-560
activeview
pagead2.googlesyndication.com/pcs/ Frame E2C2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRC9oushvTJJcImNaQU54jvmjFHOr42LQqNk56az5DNQ-RqBi4CQHkFxf9mvDuHpseQ4qw3OK2NDnwPr1iJd2aiueG3uqcrFaH3aU4hVmgN3hcTDdG&sig=Cg0ArKJSzMO8a8DOoHtCEAE&id=lidar2&mcvt=1002&p=1110,485,1160,785&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230628&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2825066673&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688020664418&rpt=1736&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/universal/ Frame E667 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.66.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-66-159.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

date
Thu, 29 Jun 2023 06:37:48 GMT
generate_204
tpc.googlesyndication.com/ Frame 4EA3 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?eb4PUw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:47 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
da8808dc4d5c09e0946f5975cdb3afd57bbdff0c879f50a4d810515d64618b50
csync.smilewanted.com/set_partner_userid_get/smartyads/ Frame DB95
Redirect Chain
  • https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
  • https://csync.smilewanted.com/set_partner_userid_get/smartyads/da8808dc4d5c09e0946f5975cdb3afd57bbdff0c879f50a4d810515d64618b50
0
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smartyads/da8808dc4d5c09e0946f5975cdb3afd57bbdff0c879f50a4d810515d64618b50
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7dec29bd5a6a2dcd-TBS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 29 Jun 2023 06:37:49 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Thu, 29 Jun 2023 06:37:48 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/smartyads/da8808dc4d5c09e0946f5975cdb3afd57bbdff0c879f50a4d810515d64618b50
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame 00CB
Redirect Chain
  • https://agent.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H3
Server
104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8
alt-svc
h3=":443"; ma=86400
content-length
40181
last-modified
Tue, 20 Jun 2023 03:04:26 GMT
server
cloudflare
etag
"6491173a-9cf5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vz5Y0G%2FJVp9qdxAzIqmhRg0VNg%2Bz%2Fk0gcH4u7lLvqxJSzp0Hz128xzDTwWsBGnVp99OdCV5Ovct7g7oyv6Pm%2FJmfB8teeaUF5YbMB0qE0e46FAoW42JrSnQF%2FfYT6KIw3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7dec29bdaa8e2dc9-TBS

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 5A56 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306260101&jk=1267474636952769&bg=!v7ylvOjNAAYQ3eRoMN07ADkAdvg8WhYV5IOkXOutz9idGd5RDnjtG3dCH8GvLAY60L236Pv33Ic5n48l7Y4IAuBaW2hRMIoGVyICAAABIVIAAAAIaAEHCgBX0sHS_hZ9kG9jiQUJygGqjfD9LnMBB86c1gesBBUquJ9c6jfVgWDQNsYPraqyiqGXCk9pcxElKhF_YkwksB--nrHvYP6OAFg833KiSk2Jkd00yyjDbQnPmQKxhvt0heHi30j6QxrKG2MIBzdUvRfpeN4J1Eofr-34drzGYEeZG1D_0OAJmxFp8yXhTCzGkAuNWI-VBb9eUe9q3OnWTZJphACeyBG0I8tsceP0hq0lLFnHVhbgj5zCRbIoS_HvFfNg9346AWT1GT_GV_8f0mKFPhs7Ee5ijhpvU0Wq0wd1qtLAUrpRK_yH5RjQFfh5hBtoOLlcH6NZI1_OiVjdik1TXY7QS6QSRKRCpDNHYjRlP6k_x__4HUB0hIZpMrCScDxF0tD2NGlPjCBs-xzf39t06qi5yDwzhw5LYCN7-qYqqPtvG6TRZ1d56CiSjM8TdbdxHdprMW-DmUDhhIUMxpU1DpFBq8drrboV5uALlcPEE5CMoJfk87OD-SWSdz8k0oR7C0JJjA-7g8mVZLHh-XPIwy60GlU_ROG0uaCvPdXbskYTH1-lpcfm3SCUse-71ly6pxKp_55qo2CTGhnL55j-8AiuO5IOWPs7ICAHhIAb1vD5ACPV3NAXIBMHzcahZlS1GpkIHs8MrAoB2LPv6cm4v9Pr4c7SzahXVfMEwOYcIrZbAdfv2cVcH_6lr64ccHU1ynIdRlqyZZLNcVpVEboG1cLfe3O_wtlnPjhTv6i1GcsEc_QoapAKNpMMf01fzUaIN7JzXDpiyJo7-JSR9pLVfi6yhcCyoXLU6dUHhepT2IPM14BiWT2qqNMlAYpMuzvhbADpBGjbC5gtJJvE5d6L4aoe24w630RsE6MijaVQQslc4zLeCUm5eAPCxESmbAaeYqtHnDjkXATqFB_dbfHCOhIYKwaroTRQvNB27Og4yyk3Wm6tzmdNNX0JomuC1Jj8aaMtbknhYZBw1upuNlsrLuqIizht_c97har4HSc4YKwJTLQZhhs_bT5HdLsHDKLO1Ae9TKLRVEUJZaQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 6351 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306270101&jk=47582213503327&bg=!s7ClsOTNAAYQ3eRoMN07ADkAdvg8Wn6rMftJXURoEWi20l4JLY9QNuI7GV9YyKiRTquAbD0P6YpzHnTc8AoDMNB_Tj1tNxFro5oCAAAAd1IAAAADaAEHmQKoQF61qLtNqULq7tueLOacsAlN-oBR4a_15K4lFHsk6w90U_fEXx1nAlybpUuMeZtH4tPC66m75aaCPFQB7BaFPnAOJuh-zo3ru8IL3x2fbyfepcYHYlm-2Y7xB_DrAf7t2lP2jHqSnmeAT9ZP8L74Ijp5Jc42Ku5qeN_TEn1FWveX14FwnchabfOgd0uRBzO21ZYJDPQg0p8zWlfAp-FxO-qeJPCBfvR6x9FaLJQQAOryLHr0kYV7qloWHgw_UunDvEwkbtHEDJMk5sf3fEqmsD0cyGL1IntIAPOShX5GfgtpY_VQsgP_SxOZ2Z1LJeb5F8oBtea5eldM5AtsKRn1yBhyLL9WKR7WxbmpRbd7kbpfB2Z9I11Gj12oNbegK1dcwA4cIxtPYKsctXaO_hhkEQGdQ2_j8fAubeUp22sfSJQZttszdMF-vtb2M5SGUV2YFbUdV0YicCd2-D9SqZ2tjA_KO3OWWtyPVN75Wcfe1GDVd8ZzKx1YTQep9XRfswQvmJUodjV_LQkyoeAytvwXDNK8d087jmP1aCiCoyia59W8VTzLfa74j2cbzj_octPKMg0IIbz5NOoGeHUB2GpxqB6GB2QR5cB_eG3MULViTWLDI8Ia-jM2dVV1JxFpTopMRgN7i33BA2PthnNUwtT3YACRR7UiZwLRtq0Cy529UQTdHnx2HZooYK7vNyc0rixQYFLjiDdLclZms84OOzozbMk5ETX1dgvMgihU2FtieqYa7Lq6yOrxIHWYIg-QD0GP21pmrAcJeC4F88SahlCt0IKAs1nRXv4d5TruPKqnQ0way6J6bjDQuNi9X3r1tr6o-H52wQMdbR0mY-uJB-rqFJD3c8zuYaY35M4WwHW5-y-9WEuqEYNNlSu3a1QS_gq2F7cp9uW2hNo
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1688020668377&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1529&pt=1115329249&tz=0&viewable=true&ddast=V8q7kCLAacCbtCiuJdRxE4E3aFFMW7jioAAABgYID-AIl5bC7XcGJzKzyTzVo0823WwpXJsxZMBoOZc-FYzoYzIyAxj83lGk5sboVnslmLZr7NWrgyedaCyWAwcy4cy9lwZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZLaDodPte9Xvf73SU-z1zj9yv8OtfTrXa63IK_W7R8ujVGl90tPbremqPL7nPrXk633PVWWd7So-vpFjwddrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQBPHA7o4jQ7PU9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAwGPID1HT0ppCrj2RgsYijAAAAABsvTsHHpmkE1Qsqvz___dbAbgCABCQWPBNo51Fd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJsKPaYRmotjV_AICAKz5BQQAYKNuAADeBMAJOgStGAxWJyBmBwAAAODO____vx4Q2BgGm91yZLKZJpPFbjFxGBeu5XA5ca5sI8tgtT0Y23lSHLcqqn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgcDczbUa-wVoxWY7couHKs1Zuhsu1bLewGTa-zcSyW7hFr4_p4pwtPJ7VFgkGRO1F8rRIJzLbYjiZbSyDkXO3Wu2Gw8HINXJubJPdZrHw2BYWsURzskgnssu-sDEMNrvlyGQzTSaL3WLiMC5cy-Fy4lzZRpbBal_czUybkW-wVkyWI7douPKslZvhci3bLWyGjW8zsewWbtHrY7o4ZwuPZ7VvzIbDwWQwmy32jdlwOJgMZrPFvkNn-K4-Z6OyrJJ8TJrf36Ut2pwGhctg8U7Vq2-0MzuIftOiUyZTKws6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ehBbFAoYongIp0IHma3w_RyS3yejd8ilihNF-lEr_DrXE-32ulyC_5u0fLp1hhddrf06Hprji67z617Od1y11tleUuPrqdb8HTY7ULT22wRSwSni3QiehlPF_UfOeRiLtks55LBbK6YLFcJAAAAAAAAAMASTDLdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmQBWK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwIcjVa7B-ACrFWq9XtxlqtFg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=inout2_vB!nonrv_vA!nrlc_vA!ufm_vG!ul3292_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
b6177d9f24a8117b1da88e96d2582acdafe1c3432c5b419f3b338edb7e2c20d4

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:48 GMT
content-encoding
gzip
server
nginx
machineid
1435
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
collect
www.google-analytics.com/g/ 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je36s0&_p=9125&cid=1614580128.1688020663&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&sid=1688020663&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html&dt=%E3%80%8A%E9%AC%BC%E6%BB%85%E3%80%8B%E7%A0%B44%E5%84%84%E9%99%B3%E7%AB%B9%E5%8D%87%E7%88%B2%E5%A5%B3%E5%85%92%E8%BF%BD%E7%89%87%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=12
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 31D5 		684 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrexvQDEN-ZvIwEGIaqwOwBMAE&v=APEucNVx_NOdZfNRAlDUrwNfIFZk9Hz9hbFbi9bb9bs0sygpSQoU_qunubjcJwH1FwbDJ1TWZgujS2uZl2ZMeJ5_o2KEFLCNEy5vpI_L5TaezxSWA7ZvqtE
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
68e12a98552e1d10d74c35c38a6324b2ffc6e1b552ca386894875ee9b60ea169
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mnadshield-a.akamaihd.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Jun 2023 06:37:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4121 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 06:37:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4121 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AEFrfWZ3IA3CFmr0TmLJN99HK_2RCE_QmriC15fzAzGOm7ceL2kZDht0burHuYoiQ9fnGBJVDfcqXv2GemB6mGEidR-nuExQO0GdsEvxXj1swlLJQ
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4121 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2897436191271481402&x=38&ct=119
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
adx.g.doubleclick.net/pagead/ Frame 4121
Redirect Chain
  • https://ghent-aws-fr.bidswitch.net/imp/0.071/BSWhttps_A_B_Badx.g.doubleclick.net_Bpagead_Badview_Cai_RC10vYtiadZIPTOs-KlgTKp57wAdja8__FwqIafhpYRrcr93wUQASCD__eYfYI0CyAEJqQJcAregGkayPqgDAcgDmwSqBNwB...
  • https://adx.g.doubleclick.net/pagead/adview?ai=C10vYtiadZIPTOs-KlgTKp57wAdja8_FwqIafhpYRrcr93wUQASCD_eYfYI0CyAEJqQJcAregGkayPqgDAcgDmwSqBNwBT9Azx6ik_bYx8JueW_WrT-jQlLo-WcxIC1LCBIAtjlWl6yZtTgV7b5imZ...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adx.g.doubleclick.net/pagead/adview?ai=C10vYtiadZIPTOs-KlgTKp57wAdja8_FwqIafhpYRrcr93wUQASCD_eYfYI0CyAEJqQJcAregGkayPqgDAcgDmwSqBNwBT9Azx6ik_bYx8JueW_WrT-jQlLo-WcxIC1LCBIAtjlWl6yZtTgV7b5imZXaV0yeU8xOdY97PA6UvxvsNtVHAcT60N1UaFGVkS8UdiJuZSI1uyoMT8MoupfU2O56uPkEL1mJwQ7n6FmHKOllu2kecJCWqnzkjQe99LoOALpdzDZXjtK5jv9-H7Y4aNKJvciOw4yUmfRQN09DUuXFQ24ubb2Simng3H_ax1HsVdlxVCxF4KbPAEZXUQRgZuFIHNinksu1TE5sG6wdEOwj35mbErd30q3h09lUKDkSbrMAE1bvyp60E4AQDiAWs4_yrS5IFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGd4AHre2s5QOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDdqgQYhqrA7AHSCBQIgGEQARhfMgKKAjoCgEBIvf3BOvIIGWJpZGRlci1tZWRpYW5ldF84Q1VQRVBLSTmACgTICwGwE57L1RPIE4i7_OID2BMK2BQB0BUBgBcBshcICgYIABIAGADoFwU&sigh=m_hVcoE_rZA&uach_m=[UACH]&pr=38:0.071&cid=CAQSMgBygQiDYoP9H17zLT12MvoFBBz1TJt743n_o7FWgqB8mFXO3gjaXyoA9mTToyEtuCrwGAE
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Location
https://adx.g.doubleclick.net/pagead/adview?ai=C10vYtiadZIPTOs-KlgTKp57wAdja8_FwqIafhpYRrcr93wUQASCD_eYfYI0CyAEJqQJcAregGkayPqgDAcgDmwSqBNwBT9Azx6ik_bYx8JueW_WrT-jQlLo-WcxIC1LCBIAtjlWl6yZtTgV7b5imZXaV0yeU8xOdY97PA6UvxvsNtVHAcT60N1UaFGVkS8UdiJuZSI1uyoMT8MoupfU2O56uPkEL1mJwQ7n6FmHKOllu2kecJCWqnzkjQe99LoOALpdzDZXjtK5jv9-H7Y4aNKJvciOw4yUmfRQN09DUuXFQ24ubb2Simng3H_ax1HsVdlxVCxF4KbPAEZXUQRgZuFIHNinksu1TE5sG6wdEOwj35mbErd30q3h09lUKDkSbrMAE1bvyp60E4AQDiAWs4_yrS5IFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGd4AHre2s5QOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDdqgQYhqrA7AHSCBQIgGEQARhfMgKKAjoCgEBIvf3BOvIIGWJpZGRlci1tZWRpYW5ldF84Q1VQRVBLSTmACgTICwGwE57L1RPIE4i7_OID2BMK2BQB0BUBgBcBshcICgYIABIAGADoFwU&sigh=m_hVcoE_rZA&uach_m=[UACH]&pr=38:0.071&cid=CAQSMgBygQiDYoP9H17zLT12MvoFBBz1TJt743n_o7FWgqB8mFXO3gjaXyoA9mTToyEtuCrwGAE
Date
Thu, 29 Jun 2023 06:37:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
cksync.php
contextual.media.net/ Frame 4121
Redirect Chain
  • https://aws-fr-sync.bidswitch.net/sync?ssp=medianet&dsp_id=16&imp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&google_hm=Y2E3MTA1YWQtYTc4MS00OWU0LThhMWItNWYxY2U1NDRhMGRm
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFkPIwhZUQ4veshJnGlwAMk&google_cver=1&ssp=medianet&bsw_param=ca7105ad-a781-49e4-8a1b-5f1ce544a0df
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=&gdpr_consent=&gdpr_pd=
61 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:50 GMT

Redirect headers

location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 29 Jun 2023 06:37:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7AF2 		511 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrexvQDEN-ZvIwEGIaqwOwBMAE&v=APEucNUa14qlA30NWm2SLYt4UbrahoZaXNApMnijCXEmCHcRCdVltoI8R8cFvQTv7EauHEZgSyBdKOXaPdvLHvHrBgV8go28gyw52pdAEo6F0Wm5ekPU24A
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
b9c77b52464985c96557e8d7c3030b01e75ca95174764105a9251401f74e08d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mnadshield-a.akamaihd.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Jun 2023 06:37:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame AD74 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 06:37:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AD74 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BNrOkWcEFw-X4mQ7XzZjFrYiJAfzOGB0LlTn_PJnZMMUHwzZ_S7ResEK3oEbNnmE2wKXll068fq9Wjakf9jBzMgY1qWXfhJxcIHzUtccJuWZiH2FM
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AD74 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8147634137851644875&x=38&ct=119
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
adx.g.doubleclick.net/pagead/ Frame AD74
Redirect Chain
  • https://ghent-aws-fr.bidswitch.net/imp/0.071/BSWhttps_A_B_Badx.g.doubleclick.net_Bpagead_Badview_Cai_RCCtLatiadZMrgOsqrkdUP1uyysAHY2vPxcKiGn4aWEa3K__d8FEAEgg__3mH2CNAsgBCakC192DYntMsj6oAwHIA5sEqgTc...
  • https://adx.g.doubleclick.net/pagead/adview?ai=CCtLatiadZMrgOsqrkdUP1uyysAHY2vPxcKiGn4aWEa3K_d8FEAEgg_3mH2CNAsgBCakC192DYntMsj6oAwHIA5sEqgTcAU_QAmK41CpgPJOTNG9Ob5jojsGULnv9c2m7veY86pRyxk4Sjcu1ymrBh...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adx.g.doubleclick.net/pagead/adview?ai=CCtLatiadZMrgOsqrkdUP1uyysAHY2vPxcKiGn4aWEa3K_d8FEAEgg_3mH2CNAsgBCakC192DYntMsj6oAwHIA5sEqgTcAU_QAmK41CpgPJOTNG9Ob5jojsGULnv9c2m7veY86pRyxk4Sjcu1ymrBhshmNRuamB07_dssc9_Zb6ATsXFOZoyef57hfX-Ns4nN7y-UwLDPFRbFgfh8MrLwMo14mJZIdv8W1jbtY7Op50AQui5T6_LMYbWZiMZT6w_RhSYDEGyPPTYb82k8DFd8_6lBrgYXvecMprHXzA-jIX0exf28PO5fypNnPKd5UvoMV5SMr2PbIUAdP4jm_6VrroZz2oasLIby8Y0ELGiTOPEHtYClpmW-DNcBBPtoJ6sLMO7ABNW78qetBOAEA4gFrOP8q0uSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBneAB63trOUDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQ3aoEGIaqwOwB0ggUCIBhEAEYXzICigI6AoBASL39wTryCBliaWRkZXItbWVkaWFuZXRfOENVUEVQS0k5gAoEyAsBsBOey9UTyBOIu_ziA9gTCtgUAdAVAYAXAbIXCAoGCAASABgA6BcF&sigh=v_iW7vKxX6Q&uach_m=[UACH]&pr=38:0.071&cid=CAQSMgBygQiDH7vUjeYpZ6sz5OfriVeR4yfOPO1x9jNORME2XgLjae-ixSe-ytV7yegxxXtRGAE
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Location
https://adx.g.doubleclick.net/pagead/adview?ai=CCtLatiadZMrgOsqrkdUP1uyysAHY2vPxcKiGn4aWEa3K_d8FEAEgg_3mH2CNAsgBCakC192DYntMsj6oAwHIA5sEqgTcAU_QAmK41CpgPJOTNG9Ob5jojsGULnv9c2m7veY86pRyxk4Sjcu1ymrBhshmNRuamB07_dssc9_Zb6ATsXFOZoyef57hfX-Ns4nN7y-UwLDPFRbFgfh8MrLwMo14mJZIdv8W1jbtY7Op50AQui5T6_LMYbWZiMZT6w_RhSYDEGyPPTYb82k8DFd8_6lBrgYXvecMprHXzA-jIX0exf28PO5fypNnPKd5UvoMV5SMr2PbIUAdP4jm_6VrroZz2oasLIby8Y0ELGiTOPEHtYClpmW-DNcBBPtoJ6sLMO7ABNW78qetBOAEA4gFrOP8q0uSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBneAB63trOUDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQ3aoEGIaqwOwB0ggUCIBhEAEYXzICigI6AoBASL39wTryCBliaWRkZXItbWVkaWFuZXRfOENVUEVQS0k5gAoEyAsBsBOey9UTyBOIu_ziA9gTCtgUAdAVAYAXAbIXCAoGCAASABgA6BcF&sigh=v_iW7vKxX6Q&uach_m=[UACH]&pr=38:0.071&cid=CAQSMgBygQiDH7vUjeYpZ6sz5OfriVeR4yfOPO1x9jNORME2XgLjae-ixSe-ytV7yegxxXtRGAE
Date
Thu, 29 Jun 2023 06:37:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
cksync.php
contextual.media.net/ Frame AD74
Redirect Chain
  • https://aws-fr-sync.bidswitch.net/sync?ssp=medianet&dsp_id=16&imp=1
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=medianet&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=medianet&gdpr=0&user_id=SBJeqkwQBflTFFP6SxdK908UV69TF177GEKyNJ8G
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=0&gdpr_consent=&gdpr_pd=
61 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:50 GMT

Redirect headers

location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ca7105ad-a781-49e4-8a1b-5f1ce544a0df&gdpr=0&gdpr_consent=&gdpr_pd=
date
Thu, 29 Jun 2023 06:37:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 00CB 		975 B
751 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4048
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32COe2IY%2FZtonU%2BRsVNAWFBevGEyUXUCRKbGoYLNSPy9mAQe6PnTwlP3eTBPghMWgJlWg1%2Fz6oe%2BCQY4DC60EPICz4cAWetIpQDUIv%2Fy8SbZTic94ohzo5vyV6CwN32SzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7dec29bf0be12dc9-TBS
ad_request
ads.aralego.com/ Frame 00CB 		661 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.010709111041299346&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:50 GMT
x-width
300
x-height
250
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://adx.holmesmind.com
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-sspid
10487bdc-548d-30fb-824e-d65474e74d22
x-adtype
html
connection
close
content-length
661
cs
cs.lkqd.net/ Frame 31D5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&gdpr=0
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESECaKiKYsNKofsDV0eL4A3aA&gdpr=0&google_cver=1
43 B
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESECaKiKYsNKofsDV0eL4A3aA&gdpr=0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrexvQDEN-ZvIwEGIaqwOwBMAE&v=APEucNVx_NOdZfNRAlDUrwNfIFZk9Hz9hbFbi9bb9bs0sygpSQoU_qunubjcJwH1FwbDJ1TWZgujS2uZl2ZMeJ5_o2KEFLCNEy5vpI_L5TaezxSWA7ZvqtE
Protocol
H2
Server
146.20.132.54 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:57 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESECaKiKYsNKofsDV0eL4A3aA&gdpr=0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
307
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 31D5
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=ZUFIT0o0ci1DZ2c
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=ZUFIT0o0ci1DZ2c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrexvQDEN-ZvIwEGIaqwOwBMAE&v=APEucNVx_NOdZfNRAlDUrwNfIFZk9Hz9hbFbi9bb9bs0sygpSQoU_qunubjcJwH1FwbDJ1TWZgujS2uZl2ZMeJ5_o2KEFLCNEy5vpI_L5TaezxSWA7ZvqtE
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 29 Jun 2023 06:37:57 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=ZUFIT0o0ci1DZ2c
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 31D5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMEnARK5k1C1Gv0cyQSgCLw&google_cver=1&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMEnARK5k1C1Gv0cyQSgCLw&google_cver=1&gdpr=0&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMEnARK5k1C1Gv0cyQSgCLw&google_cver=1&gdpr=0&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrexvQDEN-ZvIwEGIaqwOwBMAE&v=APEucNVx_NOdZfNRAlDUrwNfIFZk9Hz9hbFbi9bb9bs0sygpSQoU_qunubjcJwH1FwbDJ1TWZgujS2uZl2ZMeJ5_o2KEFLCNEy5vpI_L5TaezxSWA7ZvqtE
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Jun 2023 06:37:50 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 29 Jun 2023 06:37:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEMEnARK5k1C1Gv0cyQSgCLw&google_cver=1&gdpr=0&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 31D5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJ0mvQtWexvIYPdjyyVskAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMEnARK5k1C1Gv0cyQSgCLw&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMEnARK5k1C1Gv0cyQSgCLw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrexvQDEN-ZvIwEGIaqwOwBMAE&v=APEucNVx_NOdZfNRAlDUrwNfIFZk9Hz9hbFbi9bb9bs0sygpSQoU_qunubjcJwH1FwbDJ1TWZgujS2uZl2ZMeJ5_o2KEFLCNEy5vpI_L5TaezxSWA7ZvqtE
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Jun 2023 06:37:50 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMEnARK5k1C1Gv0cyQSgCLw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 7AF2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEGxOQI-I2kX2APDwKhbYHUY&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEGxOQI-I2kX2APDwKhbYHUY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrexvQDEN-ZvIwEGIaqwOwBMAE&v=APEucNUa14qlA30NWm2SLYt4UbrahoZaXNApMnijCXEmCHcRCdVltoI8R8cFvQTv7EauHEZgSyBdKOXaPdvLHvHrBgV8go28gyw52pdAEo6F0Wm5ekPU24A
Protocol
HTTP/1.1
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Jun 2023 06:37:49 GMT
AN-X-Request-Uuid
5a7f8f13-3dbe-4c87-9b93-2b6c32933753
Server
nginx/1.23.4
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
91.239.206.129; 91.239.206.129; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEGxOQI-I2kX2APDwKhbYHUY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7AF2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIyNjYzOTA5NDYyMDkzNzM5NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIyNjYzOTA5NDYyMDkzNzM5NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrexvQDEN-ZvIwEGIaqwOwBMAE&v=APEucNUa14qlA30NWm2SLYt4UbrahoZaXNApMnijCXEmCHcRCdVltoI8R8cFvQTv7EauHEZgSyBdKOXaPdvLHvHrBgV8go28gyw52pdAEo6F0Wm5ekPU24A
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 29 Jun 2023 06:37:49 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.129; 91.239.206.129; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
01796f51-66cd-4ef6-be2a-8ec3c185ac4d
Server
nginx/1.23.4
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIyNjYzOTA5NDYyMDkzNzM5NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 7AF2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEOLG3jTKfkpeLQVO6YEjqvA&google_cver=1
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEOLG3jTKfkpeLQVO6YEjqvA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrexvQDEN-ZvIwEGIaqwOwBMAE&v=APEucNUa14qlA30NWm2SLYt4UbrahoZaXNApMnijCXEmCHcRCdVltoI8R8cFvQTv7EauHEZgSyBdKOXaPdvLHvHrBgV8go28gyw52pdAEo6F0Wm5ekPU24A
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEOLG3jTKfkpeLQVO6YEjqvA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7AF2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2Y3MGFiMzg2YzgyYjZkZDU3MjkzM2JkMjIzNjljMDhiYTYxMDYwZg&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2Y3MGFiMzg2YzgyYjZkZDU3MjkzM2JkMjIzNjljMDhiYTYxMDYwZg&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrexvQDEN-ZvIwEGIaqwOwBMAE&v=APEucNUa14qlA30NWm2SLYt4UbrahoZaXNApMnijCXEmCHcRCdVltoI8R8cFvQTv7EauHEZgSyBdKOXaPdvLHvHrBgV8go28gyw52pdAEo6F0Wm5ekPU24A
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2Y3MGFiMzg2YzgyYjZkZDU3MjkzM2JkMjIzNjljMDhiYTYxMDYwZg&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4121 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4047225437169&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4121 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4047225437169&version=m202301230201&ct=119&x=38&cor=2897436191271481300
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4121 		86 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CWfgXYy-Y22jcm9TMOuQ7iocAryCuG7YtoB77PI9vyX6Q-4UmlD0ez8kZ9Wp93KwoYhUdlr9Gfj8rHmFEEDOdTu-2KHQtfj-eOO7bAjK6MKd4PEQb7ZqwYwl1Nv6rPZ71UqnOXc_IW7al0cWlSFdwkLLjYidentDnArDQncmYZbdjLnj0&cry=1&dbm_d=AKAmf-C9Epjs_K-lRdo7cklKeVWBkdYNZHP4Yb-PB_x34uqllfPYnAm4Bw-nryJdr59pwHh3f6F5XVkEkcgBypQbiBBLlnVDWvu5Nb0BKfl9yWWZs1wO4un_AwSot_VB6CXDxYwo5nDhzLuyHnjGJlgMUz57qVXyTzzadOje6nqo5SP3mm9FfT1z6yEQ22SzAN7UDCvVukiHvpesjC2ugioypF6c9qb_reAyFfUz1Nwnmx4dHmz1x9wzarIRSNvYymi_qTusjYKFKRTt7EIZnIR6ScY98NKdU0Rtv6tIaQDp2r6U_FPYAl-4StzCFYvpYicOqhBoZRxrIXm6TdWdFDcRr25iaHScNaCveFrmattfIq5_5k-AgM3vP3W_ZdKGJHdH_stYN34mjTL84fGKkMYCkVaD1-Ix5hRIltC3aBRLqhBSc-KhPV286Rcf5J5796KGUY7SHd-naWRHSoUOg0stbXMP90TXIfcuKDqE57E10O0TghcGctmSN6LpbzF7dAOReU65tV0J9sAXftafSvM_6CLs_r6Lf52Rp0g_AV5WQ3EGN_TqDGqmyCVldfIP5zF5KClvEJaWJClSdNEOxiub4jXkJ0gW_1fmgignvMN-HzNaoU3yrrbrpjc4L_egeOwlWcOLHXhg8DkqMJRfzLBjjy0O2-3IuolKZcb_hcNeXcnGPjbdz25csvgNo5pS3kiu4UKAZSg43N4u_UXQBCxjUsvkYNQl_Yl3b5BtWdHYLMMbhJjaACT8_j5jM_wSuG_j2AT9TizzRG3H4Awt7gwZeervsNnhY4xAhP2G23ijaR2yUxkCp5PMsA5QXDuEHhSUjObvOprGosuRLJG9rJuFLVYGRxeSDnqWZ1XK8cP1XpImATsEAyxBdnTWvZ0BDUnQYiSRcOo-NNzETT6K9yNYd4ggaKaJMO6U9eGH0J9c5FIEpFOoEs63eQ4w6WDEoxxBml2FVYDqKd_MsOLlXJZf2gF1Q65QI1MWqQ22nBbdxGNuiVklWPXS4ryqC67xza-K18dgQqzkaKYjR5Q8TH8aIigdr9pjVsdtI3b6YeAo03H2qelie2TDNRjGQAdpLVMsMKXX3NF3dvHAicwyBW707dCXQ23iILNpPgG_vagL3ZmM0T6EWi6tgoZeIHTbv76rgz3uWYc1Ub18HNVb3-VXtFFbGW0V8Y4OVskR93nug6JrFtB4Mz4JC755HkmCl1ZiBbAJ4-Mxc1Rwq3KaGmQdNhJbKEx5vd36om1--52ElFl_Xi3g7RX7k3xLLCai8vS2KKs486HEiH6HaeVxTJSJyLGDsnXl4kXUstB-rl-Vm2UNYELBxt2Kx1lKXod_6vgzSZTKkV2WywiPS6ZQesR5mZZSi7YbXN6_aB4h8B-5PsbLgXVZZn1AvNTOPC8QGJeaHi3zb5JYH9PjSS1rM7aXYQlKhWlggqljbNQoB8-10J9JeeWJAXHRRoVxVFudKG8sPCFvcgKDqiuMM6LT65rxWifkXMgx4F_XX1x2GDjOSi_7XO9s-OpoyZs6H-vw0wwwvBiZqoAtrHRenuvP69vOqOdpIRmblGa4NeXKrGlf2MltSbVuX5MRS4alAWIeLt9WXkU84h-_lDDryKk11ZpmPw2P5bS0bbUReq7zqQOUR3CqHTF9ZJmkP7leMCxZnouM9qLFUb_aeAlQmAmBo3IIE3CYw_dm78rKyl3DUNUxCk4wHJ7-Bd1tPNTUUPdByQDLjPHKZmPtcozM3Gn8Wc7miK8AY2qHboiqqytCt4x1QGRA27RTTOSzq0C3JRLj0B7CXGxaKwW00FVolyZFOlPmDzNgL9E8uczsqGej_DDXrLp7wj1Q5QuihjBDHTIkfiJe6MIZX6FfioxCehcdYZy5LneFB5iiVIAGPQw5RJvXnbtPt4umvVSenRSMNGVOio7g8Munp-D3IeheJ3JrUE9d14tHAPqgd_fxl-MWskRGx1OEIyYYW-skIdmmUoj_YW8tScrzIdqz6LpdeURuMpWwfByISB97cAgHzzqGa8VgKABiJISzsFCoEVxGSV7yGm5CdgLXgOpCVf92IGIrxGlGRJov5a2XRVVzH51sJZYXPwm9qeZ9cYG0NlCM5r3pa3K95V8NU0XgwIjiklp6fqMwFRTOGEdtdYxVVZg4IlVod3HLC64rvIppGXdxRb0DdSBIhjNuLApO3gdY1HGWrBzTzlGU5SFxn3URfqMCJqQbNx5s18jsl-s4Q5txltyONX9Uis_yDz5TTvRqndqk6tkcHz34n8vte5tKJzeELe1m9_RAXFSG4wEDBZ_W1Wqxum8uC1Rju1Z1GmT20nA8QsLj_kQn2mtOwjLxCiA0vEHSjb1ez5e8uiB5vc5founo3O-veFu5_SX_hxoVlAmhYPsXKSB1SvCY6VBtdH10uQNPlVFvJkhGjnt_cSm8zHkfrSblvKucsi6HNY0GSZNCFiVDHm_2SCfciCj5y4M0Lpsi4-FdSG4c7FVxuE6fyP_ZfVG5KWWMjdkBbU2Z-urQ-VDM7yMXcCaAAXi4pMjPjngeGy-cN0eclDE0twYBrr6M-3RVXUUAl7673Xf_h0CTEW042upRhRFqAptANgWbv9gFqMdZxsTXQxbNbrXUoQ_0RMND-BOPgvmmhSLZsXpE0Vhn4n0GBpAqoszWTA0QBifXmur3DG31MSUfZJywIZh5PaJThlkHj_fDamgN8P_L0Wv5YgIilR1Kr2zuIBkb6PSKZ7P34z0Y3iBC2ebGxMyFQFAwfjEtz3_ugN0Frh0kAw9SZzhAooZkGyRrSrt6sPJwX0zT60EP_pxPFaOtcg0K-CPyLopNyKDaI9SoaFucgLwfzzvGeN_YJtMLZaVorLGOSRTf6c3oaENQMRmwDwJUmZcGSgqasXVdgZEoo1WJlvntfuDUfvW6eBqeew5E1Eb7zXQymXW_42QiGS6yPexjGBR-jHlgFZUHwgd8tr9rS45G1wp4C9XesLbOtZ_BFxnJQDyHXPxILU3-3RbR0cpCaBiePT3zqqCdej0fliIFBu8UyKwrxKHJRk-Vq_5kdEo6qBnO86p7yZk_442gdmivSEECAQ3_0-Nybfa04HkA5Yf6I2CAo3RjJPjhX5nBjdQNDvKdL_xs-uoVe_IM-wSYFLBN0rY3xtlmMyJ3eybe6koKJJhTWYMRiAQiI26ieTisk5U-jXR3V8XiCuBVkyd8TJwe7R7dVfRPBRv-vpgWo9-7cwHQINlu4fepfaYkrzhnODCI1IZQ4mieg6ywoXz3cP4HWGCCvpNVuxLZ_tT88VQFl6R01H6fr8re1x6TG5uT8UXv75LHMWqqK3V3vVQCuX-wpPH1o8t6dA0tsDxQ7g9K3NE3AOwtUKJGo3F6u5Z7C43P-GpiyU7oHHPQ73TYEUyF1IgNtewMa9bwcNwe_bAH760ay-40pg&cid=CAQSMgBygQiDYoP9H17zLT12MvoFBBz1TJt743n_o7FWgqB8mFXO3gjaXyoA9mTToyEtuCrwGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=2897436191271481300&adk=3249947758&idt=192&cac=0&dtd=149
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
64a9fc5c284e1dbbe10b002ea706bceee69efdaaa4f8df7d48df8e103505f228
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36551
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AD74 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5223937950896&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AD74 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5223937950896&version=m202301230201&ct=119&x=38&cor=8147634137851645000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame AD74 		86 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLiMdUIp937RtZxtULZO_cqQ0z9lMb8fsi8mll91cTMb_zLxu8rXqCpoWl0qqGxQkCpd8wlB6XmfvEyp4zTKUWWgr2WJb0bqpdhl9vt4hm7hoA74TgBbSLT_mKKdAKYYJQVaF7Y1PpjeZdKSEiO5PHCBfm9ZWNht4_xX14mcDZ8r9_KMM&cry=1&dbm_d=AKAmf-B8L7N4O8PN5tw-MpknC86hsz4C7mL2ephnG60F4lQ295xCIRk7h34XHqWt3JecYt0d9FEn1EAKYgXq08dRf2vwwYbEhQ2Eyh-rAjdhD2UnQWuCW9AJ9gB2cLBgXIVdtpH_07dZkny9P8gnFVKTGl1hbyL1iYzAzQnYlot-aPrn3QWOSTzClQSByu7qkgjYjO_y2cCo0XszWkkmDXwbvPaOLO4ZTprY5AuLx-RmxQm4Z7cxV8HvUfU_KNZQcQDggMasLNDF11Nb0_cHKGEbk26wwzmrQsh5JsmFx6GqOrnicbaXsJAJCW7arcopbayAcjkdZQt-La1ucbeQuzu70zXPQwKbdZKv-CaV0cLfCPxAsm5CXiEaw31uk9QZQ0hDREOiG85VFaPcPqOmlG3yt9N342g3e-gjI0xkV1vNOks6s_I0Z9kiUDkSMADhYab1csEjV2BOVsxtn8nCi5lLh7AF7cN5F07CaLpXNrcYRXra4HkZPIHIpsmmTNSRs0-J330FpXGy7CyOIjSbP4mnrUNr9xttc0tnaHmUMK3LQDR3P6B9zF5ksKEr6PUv5-XbKpYtMt9X_r7bv0PqM5jZvLtxv2LEw5FepXt1HjP59GujcxsqaPA-mdiKGRzgqcoetCA2hYiybueD7GOWBhJMmNc-uZnc7Yimx23NfWXH7D1XB0Df1AAsTIbZDiCGUTFN-T0AmN4FT7-IVu9XXk7lPGMb1oXb1DQ4sYKJmpOIhdR3ByX79UIRaE0PUdyt-3l9rv1BrdS9u_1kB7_rL3qxAHoRXLEPV2W-KwfO7Cj282hNyM6nrahBf54R5TsJupT1cK33Z_SQuLc9kW7Ql4FxZv8cXYrObM0bvdhVuDjVC3_m8uqBQlx3YJif8VM1A2liRTcuFpFy9SNINnc1MNXT08cNJjpgBDu8cYTNeQVRo4WPXP9gWo4uz19777n76q3AY_ADHJWU502MA5ToaSctPBgn7hFaI1Z6pNcSQD50iGBAIcltaRL58qe1KDJgteOM35-f7eDRNxUYH-bLNPXCbty2ibjCFtn0537Yz5pkmHdzaTGySh0CP0SWg5P7uNqek9fTsWBcSYsZY1cK07PNQ0Zbhxu3S_6GiEB9gy7EgDoWlN8ypE4ZCkNydyBGmvlS-XOSzaMkwaWxBAB8zra7KtbUAJgufggWdU9aa9dXozfZ_7_LaYJauIRrQJjE5bEeBiahQfMG2aMaCtyq7TpzEEp-z2ib1V_gkqbDvvW1JTsZ6O9iSP9EBWE09dAEjloKrpw3lyrFgIv15TpjYVqSDgbfd0BRBgjap9SSwK3J5iP_l7NwMlveqVLTxWy7IAklLuxCnh8gXkvJVJNR0dDddyp2-3VFx4B2ZPa0vnMixqk35hUpZ-FUW9ak1Ef-PwnqGJwE0MKVMQl1fdu_UYBMGhztMIczZCVsB8Ml5CU_XL7S3WLzR89xDhzGpc1u-uwlI-NaKDcaazC7HRpvg7Bi5bg3xEp4Vw6gVs009WnaX9iZYashJiLBH1pOYoiK_DeVTmGzbFtS8zOqO9rU7kzfpubjUi3EBYy55VQ4yTryLHhNyyzKR3xCP3Qv7q1-KQ-oV1IkN8f27j14qXXB8-qydn-uojtFYo3-po7TLpG25UZKIrUylOV8dVrCoQJZnkx1KabZ2y4JAamAsumKuDYXFmYfe19sTLLaQIqhyvxGJTnMf2S78x18ZcKFPX2Y-bTSRo-O72l9W6VjggUuT7czawsfTWU43OndsEcgPBlfEcPf8i6uuj-gwwAROdiynMkXMGr8Zj28bCO8PXlhUJ9qAQsLIoTf-W4jUoMZ32bhxH7R5XJtdOwfceDXCda9pV1POGoQONCBTXeFrxuwZwjPORpmF_iqQrj0CWCXTMATdr1vNtkDajpUDWfsTdX83fNchjAL1lM3kGqLe_-S54Btcej-TzIqJGaffwpiktMJu71njf9Jb69B9xNCxN0JULS5DYpW6Pxf7gPK4ya0SbIDZMaMq934JHmJj0ySWs4y0VilReV_LFCAPaywPfOHJ1-LAwiO8c-ekm-aeWN-zclGj7WkVWYdSG_JXRUYodAaJUMxLhka04yV2nyg49kq0yGP7zLHK_MUwNmgTDMDQYEFBl6O_DF629SDevVpQWw296_oVkfhz8jZtLjR2v7_oNqiaTPK6w1Wm1eS_Bjq8Dxuwuj3wJbvF4c3CO8hkqNUYsw8Z_FCb1ZbV2Lyod0_y0MWWADxhGtltdCtNqSv5G1IYlI6JF4LM2jG-pcxVUnIpcrg2jF0R81UQiA2gaMckzGNZ4cRWGmj-J_k8-ppMEXvvMYueFiAzSGkhiZZBNiwlGpwBLevMuZsxvRFBLvj2y7ilOCpVT5Rk8s66r3QlvvlAUReVEjClNqrQJhlsXe3R2Nw4D65i6t2o1lY3F_YI0U2fOYwiIXlUt-nf_E5VLVuQ6v1_BlCSOcGfozx10wpliZiYT8O2k07cEFnxHpklyPu7v18c_yOP-hRU6WTxFgBkOax4Gy25aXahbWIdCht3lk20oUGPhWjaxCqt3cYsrEAJdY6kEfzaMYnShGTk3LRAYNtWUg7HqfDJUGXq4iAQXcB6q3onG2OJCCeFvQDbogPNSP1akGZGXKHorZjkU3usy-bMTjlCCZXFADHwuyJpu3A0yMPdiyk6N9bJWOHBRG-bXx7WAVvIxydML2OKOZqTz2IdG2dVSHJ_nUVurapXcncY9hdADyUgRh3sVl1abDvXFuZogRYOdxcE-ycv8LSNY5UIzqSb1C4jPNq0uP7bg93ebav4W-so8HKE0r7Cpjtq9WZGKMaJSHGs6uVxJa53ajdTjoxGyKtMXzNncDtnW516yDxcu8DOUqsZAisfOmFuArJoIEdcigdx5LSZVuvvQ3maFxbUxFlN5yPy_NMSR6nHDc9wSgoA_FvBQtU3Cec_2sUY6pQ7uubg4vzXvXVwq4-aadtBO5obO1U3IjraL8JmsDaa3uEaRb_NX0T_xhbp2PavoC3vggJ-zofujixumvc0dfITqN94lk84rQ3_hpYP52QXU2HhnfokU_kuXQmkFpfLYoZdYrr-QUDN4nMrjf34fCHJ8hqAxTkuljtp5uzKb7_i1JbCUpUvl65bmgpMGd4QHS8ZFCR2AcTyqeIojDtiS2_VT-j3OBniTIf9xqO4XIPM23__4UtGngVAzug133mVDB6FF8sm3teK2rbjC2lPcUUI5ws0TQwj3WH8LW23hnRqnaiSxUVasP-XGrxKCxLkt-2eJ7XFQLg6FgnCNYS_MTKDZYzi01pp5rbuuA2FGogIoFBrUhg9kvFMkKDRWnz9qYKd2u11AQYA0rQvCo5LJIidNLiCotY8rMbCIVh7crKxALMOHDZrFhvnnKkk30NQQolukzdKSFnpkYcDmXaiXiBsQ&cid=CAQSMgBygQiDH7vUjeYpZ6sz5OfriVeR4yfOPO1x9jNORME2XgLjae-ixSe-ytV7yegxxXtRGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=8147634137851645000&adk=4056037400&idt=290&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ed03d04fd66e38e7c474ad1d6aa5bf12bc5e12d40ce995dd7c77bace38715ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36649
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 4121 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mnadshield-a.akamaihd.net/
Origin
https://mnadshield-a.akamaihd.net
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 13:52:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60296
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Jun 2023 13:52:54 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230626/r20110914/elements/html/ Frame 4121 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230626/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CWfgXYy-Y22jcm9TMOuQ7iocAryCuG7YtoB77PI9vyX6Q-4UmlD0ez8kZ9Wp93KwoYhUdlr9Gfj8rHmFEEDOdTu-2KHQtfj-eOO7bAjK6MKd4PEQb7ZqwYwl1Nv6rPZ71UqnOXc_IW7al0cWlSFdwkLLjYidentDnArDQncmYZbdjLnj0&cry=1&dbm_d=AKAmf-C9Epjs_K-lRdo7cklKeVWBkdYNZHP4Yb-PB_x34uqllfPYnAm4Bw-nryJdr59pwHh3f6F5XVkEkcgBypQbiBBLlnVDWvu5Nb0BKfl9yWWZs1wO4un_AwSot_VB6CXDxYwo5nDhzLuyHnjGJlgMUz57qVXyTzzadOje6nqo5SP3mm9FfT1z6yEQ22SzAN7UDCvVukiHvpesjC2ugioypF6c9qb_reAyFfUz1Nwnmx4dHmz1x9wzarIRSNvYymi_qTusjYKFKRTt7EIZnIR6ScY98NKdU0Rtv6tIaQDp2r6U_FPYAl-4StzCFYvpYicOqhBoZRxrIXm6TdWdFDcRr25iaHScNaCveFrmattfIq5_5k-AgM3vP3W_ZdKGJHdH_stYN34mjTL84fGKkMYCkVaD1-Ix5hRIltC3aBRLqhBSc-KhPV286Rcf5J5796KGUY7SHd-naWRHSoUOg0stbXMP90TXIfcuKDqE57E10O0TghcGctmSN6LpbzF7dAOReU65tV0J9sAXftafSvM_6CLs_r6Lf52Rp0g_AV5WQ3EGN_TqDGqmyCVldfIP5zF5KClvEJaWJClSdNEOxiub4jXkJ0gW_1fmgignvMN-HzNaoU3yrrbrpjc4L_egeOwlWcOLHXhg8DkqMJRfzLBjjy0O2-3IuolKZcb_hcNeXcnGPjbdz25csvgNo5pS3kiu4UKAZSg43N4u_UXQBCxjUsvkYNQl_Yl3b5BtWdHYLMMbhJjaACT8_j5jM_wSuG_j2AT9TizzRG3H4Awt7gwZeervsNnhY4xAhP2G23ijaR2yUxkCp5PMsA5QXDuEHhSUjObvOprGosuRLJG9rJuFLVYGRxeSDnqWZ1XK8cP1XpImATsEAyxBdnTWvZ0BDUnQYiSRcOo-NNzETT6K9yNYd4ggaKaJMO6U9eGH0J9c5FIEpFOoEs63eQ4w6WDEoxxBml2FVYDqKd_MsOLlXJZf2gF1Q65QI1MWqQ22nBbdxGNuiVklWPXS4ryqC67xza-K18dgQqzkaKYjR5Q8TH8aIigdr9pjVsdtI3b6YeAo03H2qelie2TDNRjGQAdpLVMsMKXX3NF3dvHAicwyBW707dCXQ23iILNpPgG_vagL3ZmM0T6EWi6tgoZeIHTbv76rgz3uWYc1Ub18HNVb3-VXtFFbGW0V8Y4OVskR93nug6JrFtB4Mz4JC755HkmCl1ZiBbAJ4-Mxc1Rwq3KaGmQdNhJbKEx5vd36om1--52ElFl_Xi3g7RX7k3xLLCai8vS2KKs486HEiH6HaeVxTJSJyLGDsnXl4kXUstB-rl-Vm2UNYELBxt2Kx1lKXod_6vgzSZTKkV2WywiPS6ZQesR5mZZSi7YbXN6_aB4h8B-5PsbLgXVZZn1AvNTOPC8QGJeaHi3zb5JYH9PjSS1rM7aXYQlKhWlggqljbNQoB8-10J9JeeWJAXHRRoVxVFudKG8sPCFvcgKDqiuMM6LT65rxWifkXMgx4F_XX1x2GDjOSi_7XO9s-OpoyZs6H-vw0wwwvBiZqoAtrHRenuvP69vOqOdpIRmblGa4NeXKrGlf2MltSbVuX5MRS4alAWIeLt9WXkU84h-_lDDryKk11ZpmPw2P5bS0bbUReq7zqQOUR3CqHTF9ZJmkP7leMCxZnouM9qLFUb_aeAlQmAmBo3IIE3CYw_dm78rKyl3DUNUxCk4wHJ7-Bd1tPNTUUPdByQDLjPHKZmPtcozM3Gn8Wc7miK8AY2qHboiqqytCt4x1QGRA27RTTOSzq0C3JRLj0B7CXGxaKwW00FVolyZFOlPmDzNgL9E8uczsqGej_DDXrLp7wj1Q5QuihjBDHTIkfiJe6MIZX6FfioxCehcdYZy5LneFB5iiVIAGPQw5RJvXnbtPt4umvVSenRSMNGVOio7g8Munp-D3IeheJ3JrUE9d14tHAPqgd_fxl-MWskRGx1OEIyYYW-skIdmmUoj_YW8tScrzIdqz6LpdeURuMpWwfByISB97cAgHzzqGa8VgKABiJISzsFCoEVxGSV7yGm5CdgLXgOpCVf92IGIrxGlGRJov5a2XRVVzH51sJZYXPwm9qeZ9cYG0NlCM5r3pa3K95V8NU0XgwIjiklp6fqMwFRTOGEdtdYxVVZg4IlVod3HLC64rvIppGXdxRb0DdSBIhjNuLApO3gdY1HGWrBzTzlGU5SFxn3URfqMCJqQbNx5s18jsl-s4Q5txltyONX9Uis_yDz5TTvRqndqk6tkcHz34n8vte5tKJzeELe1m9_RAXFSG4wEDBZ_W1Wqxum8uC1Rju1Z1GmT20nA8QsLj_kQn2mtOwjLxCiA0vEHSjb1ez5e8uiB5vc5founo3O-veFu5_SX_hxoVlAmhYPsXKSB1SvCY6VBtdH10uQNPlVFvJkhGjnt_cSm8zHkfrSblvKucsi6HNY0GSZNCFiVDHm_2SCfciCj5y4M0Lpsi4-FdSG4c7FVxuE6fyP_ZfVG5KWWMjdkBbU2Z-urQ-VDM7yMXcCaAAXi4pMjPjngeGy-cN0eclDE0twYBrr6M-3RVXUUAl7673Xf_h0CTEW042upRhRFqAptANgWbv9gFqMdZxsTXQxbNbrXUoQ_0RMND-BOPgvmmhSLZsXpE0Vhn4n0GBpAqoszWTA0QBifXmur3DG31MSUfZJywIZh5PaJThlkHj_fDamgN8P_L0Wv5YgIilR1Kr2zuIBkb6PSKZ7P34z0Y3iBC2ebGxMyFQFAwfjEtz3_ugN0Frh0kAw9SZzhAooZkGyRrSrt6sPJwX0zT60EP_pxPFaOtcg0K-CPyLopNyKDaI9SoaFucgLwfzzvGeN_YJtMLZaVorLGOSRTf6c3oaENQMRmwDwJUmZcGSgqasXVdgZEoo1WJlvntfuDUfvW6eBqeew5E1Eb7zXQymXW_42QiGS6yPexjGBR-jHlgFZUHwgd8tr9rS45G1wp4C9XesLbOtZ_BFxnJQDyHXPxILU3-3RbR0cpCaBiePT3zqqCdej0fliIFBu8UyKwrxKHJRk-Vq_5kdEo6qBnO86p7yZk_442gdmivSEECAQ3_0-Nybfa04HkA5Yf6I2CAo3RjJPjhX5nBjdQNDvKdL_xs-uoVe_IM-wSYFLBN0rY3xtlmMyJ3eybe6koKJJhTWYMRiAQiI26ieTisk5U-jXR3V8XiCuBVkyd8TJwe7R7dVfRPBRv-vpgWo9-7cwHQINlu4fepfaYkrzhnODCI1IZQ4mieg6ywoXz3cP4HWGCCvpNVuxLZ_tT88VQFl6R01H6fr8re1x6TG5uT8UXv75LHMWqqK3V3vVQCuX-wpPH1o8t6dA0tsDxQ7g9K3NE3AOwtUKJGo3F6u5Z7C43P-GpiyU7oHHPQ73TYEUyF1IgNtewMa9bwcNwe_bAH760ay-40pg&cid=CAQSMgBygQiDYoP9H17zLT12MvoFBBz1TJt743n_o7FWgqB8mFXO3gjaXyoA9mTToyEtuCrwGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=2897436191271481300&adk=3249947758&idt=192&cac=0&dtd=149
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 21:36:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
32506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
5499578052516643378
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jul 2023 21:36:03 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230626/r20110914/ Frame 4121 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230626/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CWfgXYy-Y22jcm9TMOuQ7iocAryCuG7YtoB77PI9vyX6Q-4UmlD0ez8kZ9Wp93KwoYhUdlr9Gfj8rHmFEEDOdTu-2KHQtfj-eOO7bAjK6MKd4PEQb7ZqwYwl1Nv6rPZ71UqnOXc_IW7al0cWlSFdwkLLjYidentDnArDQncmYZbdjLnj0&cry=1&dbm_d=AKAmf-C9Epjs_K-lRdo7cklKeVWBkdYNZHP4Yb-PB_x34uqllfPYnAm4Bw-nryJdr59pwHh3f6F5XVkEkcgBypQbiBBLlnVDWvu5Nb0BKfl9yWWZs1wO4un_AwSot_VB6CXDxYwo5nDhzLuyHnjGJlgMUz57qVXyTzzadOje6nqo5SP3mm9FfT1z6yEQ22SzAN7UDCvVukiHvpesjC2ugioypF6c9qb_reAyFfUz1Nwnmx4dHmz1x9wzarIRSNvYymi_qTusjYKFKRTt7EIZnIR6ScY98NKdU0Rtv6tIaQDp2r6U_FPYAl-4StzCFYvpYicOqhBoZRxrIXm6TdWdFDcRr25iaHScNaCveFrmattfIq5_5k-AgM3vP3W_ZdKGJHdH_stYN34mjTL84fGKkMYCkVaD1-Ix5hRIltC3aBRLqhBSc-KhPV286Rcf5J5796KGUY7SHd-naWRHSoUOg0stbXMP90TXIfcuKDqE57E10O0TghcGctmSN6LpbzF7dAOReU65tV0J9sAXftafSvM_6CLs_r6Lf52Rp0g_AV5WQ3EGN_TqDGqmyCVldfIP5zF5KClvEJaWJClSdNEOxiub4jXkJ0gW_1fmgignvMN-HzNaoU3yrrbrpjc4L_egeOwlWcOLHXhg8DkqMJRfzLBjjy0O2-3IuolKZcb_hcNeXcnGPjbdz25csvgNo5pS3kiu4UKAZSg43N4u_UXQBCxjUsvkYNQl_Yl3b5BtWdHYLMMbhJjaACT8_j5jM_wSuG_j2AT9TizzRG3H4Awt7gwZeervsNnhY4xAhP2G23ijaR2yUxkCp5PMsA5QXDuEHhSUjObvOprGosuRLJG9rJuFLVYGRxeSDnqWZ1XK8cP1XpImATsEAyxBdnTWvZ0BDUnQYiSRcOo-NNzETT6K9yNYd4ggaKaJMO6U9eGH0J9c5FIEpFOoEs63eQ4w6WDEoxxBml2FVYDqKd_MsOLlXJZf2gF1Q65QI1MWqQ22nBbdxGNuiVklWPXS4ryqC67xza-K18dgQqzkaKYjR5Q8TH8aIigdr9pjVsdtI3b6YeAo03H2qelie2TDNRjGQAdpLVMsMKXX3NF3dvHAicwyBW707dCXQ23iILNpPgG_vagL3ZmM0T6EWi6tgoZeIHTbv76rgz3uWYc1Ub18HNVb3-VXtFFbGW0V8Y4OVskR93nug6JrFtB4Mz4JC755HkmCl1ZiBbAJ4-Mxc1Rwq3KaGmQdNhJbKEx5vd36om1--52ElFl_Xi3g7RX7k3xLLCai8vS2KKs486HEiH6HaeVxTJSJyLGDsnXl4kXUstB-rl-Vm2UNYELBxt2Kx1lKXod_6vgzSZTKkV2WywiPS6ZQesR5mZZSi7YbXN6_aB4h8B-5PsbLgXVZZn1AvNTOPC8QGJeaHi3zb5JYH9PjSS1rM7aXYQlKhWlggqljbNQoB8-10J9JeeWJAXHRRoVxVFudKG8sPCFvcgKDqiuMM6LT65rxWifkXMgx4F_XX1x2GDjOSi_7XO9s-OpoyZs6H-vw0wwwvBiZqoAtrHRenuvP69vOqOdpIRmblGa4NeXKrGlf2MltSbVuX5MRS4alAWIeLt9WXkU84h-_lDDryKk11ZpmPw2P5bS0bbUReq7zqQOUR3CqHTF9ZJmkP7leMCxZnouM9qLFUb_aeAlQmAmBo3IIE3CYw_dm78rKyl3DUNUxCk4wHJ7-Bd1tPNTUUPdByQDLjPHKZmPtcozM3Gn8Wc7miK8AY2qHboiqqytCt4x1QGRA27RTTOSzq0C3JRLj0B7CXGxaKwW00FVolyZFOlPmDzNgL9E8uczsqGej_DDXrLp7wj1Q5QuihjBDHTIkfiJe6MIZX6FfioxCehcdYZy5LneFB5iiVIAGPQw5RJvXnbtPt4umvVSenRSMNGVOio7g8Munp-D3IeheJ3JrUE9d14tHAPqgd_fxl-MWskRGx1OEIyYYW-skIdmmUoj_YW8tScrzIdqz6LpdeURuMpWwfByISB97cAgHzzqGa8VgKABiJISzsFCoEVxGSV7yGm5CdgLXgOpCVf92IGIrxGlGRJov5a2XRVVzH51sJZYXPwm9qeZ9cYG0NlCM5r3pa3K95V8NU0XgwIjiklp6fqMwFRTOGEdtdYxVVZg4IlVod3HLC64rvIppGXdxRb0DdSBIhjNuLApO3gdY1HGWrBzTzlGU5SFxn3URfqMCJqQbNx5s18jsl-s4Q5txltyONX9Uis_yDz5TTvRqndqk6tkcHz34n8vte5tKJzeELe1m9_RAXFSG4wEDBZ_W1Wqxum8uC1Rju1Z1GmT20nA8QsLj_kQn2mtOwjLxCiA0vEHSjb1ez5e8uiB5vc5founo3O-veFu5_SX_hxoVlAmhYPsXKSB1SvCY6VBtdH10uQNPlVFvJkhGjnt_cSm8zHkfrSblvKucsi6HNY0GSZNCFiVDHm_2SCfciCj5y4M0Lpsi4-FdSG4c7FVxuE6fyP_ZfVG5KWWMjdkBbU2Z-urQ-VDM7yMXcCaAAXi4pMjPjngeGy-cN0eclDE0twYBrr6M-3RVXUUAl7673Xf_h0CTEW042upRhRFqAptANgWbv9gFqMdZxsTXQxbNbrXUoQ_0RMND-BOPgvmmhSLZsXpE0Vhn4n0GBpAqoszWTA0QBifXmur3DG31MSUfZJywIZh5PaJThlkHj_fDamgN8P_L0Wv5YgIilR1Kr2zuIBkb6PSKZ7P34z0Y3iBC2ebGxMyFQFAwfjEtz3_ugN0Frh0kAw9SZzhAooZkGyRrSrt6sPJwX0zT60EP_pxPFaOtcg0K-CPyLopNyKDaI9SoaFucgLwfzzvGeN_YJtMLZaVorLGOSRTf6c3oaENQMRmwDwJUmZcGSgqasXVdgZEoo1WJlvntfuDUfvW6eBqeew5E1Eb7zXQymXW_42QiGS6yPexjGBR-jHlgFZUHwgd8tr9rS45G1wp4C9XesLbOtZ_BFxnJQDyHXPxILU3-3RbR0cpCaBiePT3zqqCdej0fliIFBu8UyKwrxKHJRk-Vq_5kdEo6qBnO86p7yZk_442gdmivSEECAQ3_0-Nybfa04HkA5Yf6I2CAo3RjJPjhX5nBjdQNDvKdL_xs-uoVe_IM-wSYFLBN0rY3xtlmMyJ3eybe6koKJJhTWYMRiAQiI26ieTisk5U-jXR3V8XiCuBVkyd8TJwe7R7dVfRPBRv-vpgWo9-7cwHQINlu4fepfaYkrzhnODCI1IZQ4mieg6ywoXz3cP4HWGCCvpNVuxLZ_tT88VQFl6R01H6fr8re1x6TG5uT8UXv75LHMWqqK3V3vVQCuX-wpPH1o8t6dA0tsDxQ7g9K3NE3AOwtUKJGo3F6u5Z7C43P-GpiyU7oHHPQ73TYEUyF1IgNtewMa9bwcNwe_bAH760ay-40pg&cid=CAQSMgBygQiDYoP9H17zLT12MvoFBBz1TJt743n_o7FWgqB8mFXO3gjaXyoA9mTToyEtuCrwGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=2897436191271481300&adk=3249947758&idt=192&cac=0&dtd=149
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
3daf718ede3a0e8d0af3799bbc550dafba281ecfddd6b4fb4651c8af3f8c3fbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 21:36:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
32506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11545
x-xss-protection
0
server
cafe
etag
12839368631357612837
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jul 2023 21:36:03 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4121 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 13:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
146714
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Jun 2024 13:52:35 GMT
checksync.php
contextual.media.net/ Frame C7F1 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a33e7a9728b70d914b954e8e2573cc6abf13804e228b7084daab044c9fa51b2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://mnadshield-a.akamaihd.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11963
content-type
text/html; charset=UTF-8
date
Thu, 29 Jun 2023 06:37:50 GMT
expires
Sat, 01 Jul 2023 06:37:50 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usermatch
ssum-sec.casalemedia.com/ Frame A6DA 		0
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1DE9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mnadshield-a.akamaihd.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
146409
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Jun 2023 13:57:41 GMT
expires
Wed, 26 Jun 2024 13:57:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame AD74 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mnadshield-a.akamaihd.net/
Origin
https://mnadshield-a.akamaihd.net
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 13:52:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60296
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Jun 2023 13:52:54 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230626/r20110914/elements/html/ Frame AD74 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230626/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLiMdUIp937RtZxtULZO_cqQ0z9lMb8fsi8mll91cTMb_zLxu8rXqCpoWl0qqGxQkCpd8wlB6XmfvEyp4zTKUWWgr2WJb0bqpdhl9vt4hm7hoA74TgBbSLT_mKKdAKYYJQVaF7Y1PpjeZdKSEiO5PHCBfm9ZWNht4_xX14mcDZ8r9_KMM&cry=1&dbm_d=AKAmf-B8L7N4O8PN5tw-MpknC86hsz4C7mL2ephnG60F4lQ295xCIRk7h34XHqWt3JecYt0d9FEn1EAKYgXq08dRf2vwwYbEhQ2Eyh-rAjdhD2UnQWuCW9AJ9gB2cLBgXIVdtpH_07dZkny9P8gnFVKTGl1hbyL1iYzAzQnYlot-aPrn3QWOSTzClQSByu7qkgjYjO_y2cCo0XszWkkmDXwbvPaOLO4ZTprY5AuLx-RmxQm4Z7cxV8HvUfU_KNZQcQDggMasLNDF11Nb0_cHKGEbk26wwzmrQsh5JsmFx6GqOrnicbaXsJAJCW7arcopbayAcjkdZQt-La1ucbeQuzu70zXPQwKbdZKv-CaV0cLfCPxAsm5CXiEaw31uk9QZQ0hDREOiG85VFaPcPqOmlG3yt9N342g3e-gjI0xkV1vNOks6s_I0Z9kiUDkSMADhYab1csEjV2BOVsxtn8nCi5lLh7AF7cN5F07CaLpXNrcYRXra4HkZPIHIpsmmTNSRs0-J330FpXGy7CyOIjSbP4mnrUNr9xttc0tnaHmUMK3LQDR3P6B9zF5ksKEr6PUv5-XbKpYtMt9X_r7bv0PqM5jZvLtxv2LEw5FepXt1HjP59GujcxsqaPA-mdiKGRzgqcoetCA2hYiybueD7GOWBhJMmNc-uZnc7Yimx23NfWXH7D1XB0Df1AAsTIbZDiCGUTFN-T0AmN4FT7-IVu9XXk7lPGMb1oXb1DQ4sYKJmpOIhdR3ByX79UIRaE0PUdyt-3l9rv1BrdS9u_1kB7_rL3qxAHoRXLEPV2W-KwfO7Cj282hNyM6nrahBf54R5TsJupT1cK33Z_SQuLc9kW7Ql4FxZv8cXYrObM0bvdhVuDjVC3_m8uqBQlx3YJif8VM1A2liRTcuFpFy9SNINnc1MNXT08cNJjpgBDu8cYTNeQVRo4WPXP9gWo4uz19777n76q3AY_ADHJWU502MA5ToaSctPBgn7hFaI1Z6pNcSQD50iGBAIcltaRL58qe1KDJgteOM35-f7eDRNxUYH-bLNPXCbty2ibjCFtn0537Yz5pkmHdzaTGySh0CP0SWg5P7uNqek9fTsWBcSYsZY1cK07PNQ0Zbhxu3S_6GiEB9gy7EgDoWlN8ypE4ZCkNydyBGmvlS-XOSzaMkwaWxBAB8zra7KtbUAJgufggWdU9aa9dXozfZ_7_LaYJauIRrQJjE5bEeBiahQfMG2aMaCtyq7TpzEEp-z2ib1V_gkqbDvvW1JTsZ6O9iSP9EBWE09dAEjloKrpw3lyrFgIv15TpjYVqSDgbfd0BRBgjap9SSwK3J5iP_l7NwMlveqVLTxWy7IAklLuxCnh8gXkvJVJNR0dDddyp2-3VFx4B2ZPa0vnMixqk35hUpZ-FUW9ak1Ef-PwnqGJwE0MKVMQl1fdu_UYBMGhztMIczZCVsB8Ml5CU_XL7S3WLzR89xDhzGpc1u-uwlI-NaKDcaazC7HRpvg7Bi5bg3xEp4Vw6gVs009WnaX9iZYashJiLBH1pOYoiK_DeVTmGzbFtS8zOqO9rU7kzfpubjUi3EBYy55VQ4yTryLHhNyyzKR3xCP3Qv7q1-KQ-oV1IkN8f27j14qXXB8-qydn-uojtFYo3-po7TLpG25UZKIrUylOV8dVrCoQJZnkx1KabZ2y4JAamAsumKuDYXFmYfe19sTLLaQIqhyvxGJTnMf2S78x18ZcKFPX2Y-bTSRo-O72l9W6VjggUuT7czawsfTWU43OndsEcgPBlfEcPf8i6uuj-gwwAROdiynMkXMGr8Zj28bCO8PXlhUJ9qAQsLIoTf-W4jUoMZ32bhxH7R5XJtdOwfceDXCda9pV1POGoQONCBTXeFrxuwZwjPORpmF_iqQrj0CWCXTMATdr1vNtkDajpUDWfsTdX83fNchjAL1lM3kGqLe_-S54Btcej-TzIqJGaffwpiktMJu71njf9Jb69B9xNCxN0JULS5DYpW6Pxf7gPK4ya0SbIDZMaMq934JHmJj0ySWs4y0VilReV_LFCAPaywPfOHJ1-LAwiO8c-ekm-aeWN-zclGj7WkVWYdSG_JXRUYodAaJUMxLhka04yV2nyg49kq0yGP7zLHK_MUwNmgTDMDQYEFBl6O_DF629SDevVpQWw296_oVkfhz8jZtLjR2v7_oNqiaTPK6w1Wm1eS_Bjq8Dxuwuj3wJbvF4c3CO8hkqNUYsw8Z_FCb1ZbV2Lyod0_y0MWWADxhGtltdCtNqSv5G1IYlI6JF4LM2jG-pcxVUnIpcrg2jF0R81UQiA2gaMckzGNZ4cRWGmj-J_k8-ppMEXvvMYueFiAzSGkhiZZBNiwlGpwBLevMuZsxvRFBLvj2y7ilOCpVT5Rk8s66r3QlvvlAUReVEjClNqrQJhlsXe3R2Nw4D65i6t2o1lY3F_YI0U2fOYwiIXlUt-nf_E5VLVuQ6v1_BlCSOcGfozx10wpliZiYT8O2k07cEFnxHpklyPu7v18c_yOP-hRU6WTxFgBkOax4Gy25aXahbWIdCht3lk20oUGPhWjaxCqt3cYsrEAJdY6kEfzaMYnShGTk3LRAYNtWUg7HqfDJUGXq4iAQXcB6q3onG2OJCCeFvQDbogPNSP1akGZGXKHorZjkU3usy-bMTjlCCZXFADHwuyJpu3A0yMPdiyk6N9bJWOHBRG-bXx7WAVvIxydML2OKOZqTz2IdG2dVSHJ_nUVurapXcncY9hdADyUgRh3sVl1abDvXFuZogRYOdxcE-ycv8LSNY5UIzqSb1C4jPNq0uP7bg93ebav4W-so8HKE0r7Cpjtq9WZGKMaJSHGs6uVxJa53ajdTjoxGyKtMXzNncDtnW516yDxcu8DOUqsZAisfOmFuArJoIEdcigdx5LSZVuvvQ3maFxbUxFlN5yPy_NMSR6nHDc9wSgoA_FvBQtU3Cec_2sUY6pQ7uubg4vzXvXVwq4-aadtBO5obO1U3IjraL8JmsDaa3uEaRb_NX0T_xhbp2PavoC3vggJ-zofujixumvc0dfITqN94lk84rQ3_hpYP52QXU2HhnfokU_kuXQmkFpfLYoZdYrr-QUDN4nMrjf34fCHJ8hqAxTkuljtp5uzKb7_i1JbCUpUvl65bmgpMGd4QHS8ZFCR2AcTyqeIojDtiS2_VT-j3OBniTIf9xqO4XIPM23__4UtGngVAzug133mVDB6FF8sm3teK2rbjC2lPcUUI5ws0TQwj3WH8LW23hnRqnaiSxUVasP-XGrxKCxLkt-2eJ7XFQLg6FgnCNYS_MTKDZYzi01pp5rbuuA2FGogIoFBrUhg9kvFMkKDRWnz9qYKd2u11AQYA0rQvCo5LJIidNLiCotY8rMbCIVh7crKxALMOHDZrFhvnnKkk30NQQolukzdKSFnpkYcDmXaiXiBsQ&cid=CAQSMgBygQiDH7vUjeYpZ6sz5OfriVeR4yfOPO1x9jNORME2XgLjae-ixSe-ytV7yegxxXtRGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=8147634137851645000&adk=4056037400&idt=290&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 21:36:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
32507
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
5499578052516643378
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jul 2023 21:36:03 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230626/r20110914/ Frame AD74 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230626/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLiMdUIp937RtZxtULZO_cqQ0z9lMb8fsi8mll91cTMb_zLxu8rXqCpoWl0qqGxQkCpd8wlB6XmfvEyp4zTKUWWgr2WJb0bqpdhl9vt4hm7hoA74TgBbSLT_mKKdAKYYJQVaF7Y1PpjeZdKSEiO5PHCBfm9ZWNht4_xX14mcDZ8r9_KMM&cry=1&dbm_d=AKAmf-B8L7N4O8PN5tw-MpknC86hsz4C7mL2ephnG60F4lQ295xCIRk7h34XHqWt3JecYt0d9FEn1EAKYgXq08dRf2vwwYbEhQ2Eyh-rAjdhD2UnQWuCW9AJ9gB2cLBgXIVdtpH_07dZkny9P8gnFVKTGl1hbyL1iYzAzQnYlot-aPrn3QWOSTzClQSByu7qkgjYjO_y2cCo0XszWkkmDXwbvPaOLO4ZTprY5AuLx-RmxQm4Z7cxV8HvUfU_KNZQcQDggMasLNDF11Nb0_cHKGEbk26wwzmrQsh5JsmFx6GqOrnicbaXsJAJCW7arcopbayAcjkdZQt-La1ucbeQuzu70zXPQwKbdZKv-CaV0cLfCPxAsm5CXiEaw31uk9QZQ0hDREOiG85VFaPcPqOmlG3yt9N342g3e-gjI0xkV1vNOks6s_I0Z9kiUDkSMADhYab1csEjV2BOVsxtn8nCi5lLh7AF7cN5F07CaLpXNrcYRXra4HkZPIHIpsmmTNSRs0-J330FpXGy7CyOIjSbP4mnrUNr9xttc0tnaHmUMK3LQDR3P6B9zF5ksKEr6PUv5-XbKpYtMt9X_r7bv0PqM5jZvLtxv2LEw5FepXt1HjP59GujcxsqaPA-mdiKGRzgqcoetCA2hYiybueD7GOWBhJMmNc-uZnc7Yimx23NfWXH7D1XB0Df1AAsTIbZDiCGUTFN-T0AmN4FT7-IVu9XXk7lPGMb1oXb1DQ4sYKJmpOIhdR3ByX79UIRaE0PUdyt-3l9rv1BrdS9u_1kB7_rL3qxAHoRXLEPV2W-KwfO7Cj282hNyM6nrahBf54R5TsJupT1cK33Z_SQuLc9kW7Ql4FxZv8cXYrObM0bvdhVuDjVC3_m8uqBQlx3YJif8VM1A2liRTcuFpFy9SNINnc1MNXT08cNJjpgBDu8cYTNeQVRo4WPXP9gWo4uz19777n76q3AY_ADHJWU502MA5ToaSctPBgn7hFaI1Z6pNcSQD50iGBAIcltaRL58qe1KDJgteOM35-f7eDRNxUYH-bLNPXCbty2ibjCFtn0537Yz5pkmHdzaTGySh0CP0SWg5P7uNqek9fTsWBcSYsZY1cK07PNQ0Zbhxu3S_6GiEB9gy7EgDoWlN8ypE4ZCkNydyBGmvlS-XOSzaMkwaWxBAB8zra7KtbUAJgufggWdU9aa9dXozfZ_7_LaYJauIRrQJjE5bEeBiahQfMG2aMaCtyq7TpzEEp-z2ib1V_gkqbDvvW1JTsZ6O9iSP9EBWE09dAEjloKrpw3lyrFgIv15TpjYVqSDgbfd0BRBgjap9SSwK3J5iP_l7NwMlveqVLTxWy7IAklLuxCnh8gXkvJVJNR0dDddyp2-3VFx4B2ZPa0vnMixqk35hUpZ-FUW9ak1Ef-PwnqGJwE0MKVMQl1fdu_UYBMGhztMIczZCVsB8Ml5CU_XL7S3WLzR89xDhzGpc1u-uwlI-NaKDcaazC7HRpvg7Bi5bg3xEp4Vw6gVs009WnaX9iZYashJiLBH1pOYoiK_DeVTmGzbFtS8zOqO9rU7kzfpubjUi3EBYy55VQ4yTryLHhNyyzKR3xCP3Qv7q1-KQ-oV1IkN8f27j14qXXB8-qydn-uojtFYo3-po7TLpG25UZKIrUylOV8dVrCoQJZnkx1KabZ2y4JAamAsumKuDYXFmYfe19sTLLaQIqhyvxGJTnMf2S78x18ZcKFPX2Y-bTSRo-O72l9W6VjggUuT7czawsfTWU43OndsEcgPBlfEcPf8i6uuj-gwwAROdiynMkXMGr8Zj28bCO8PXlhUJ9qAQsLIoTf-W4jUoMZ32bhxH7R5XJtdOwfceDXCda9pV1POGoQONCBTXeFrxuwZwjPORpmF_iqQrj0CWCXTMATdr1vNtkDajpUDWfsTdX83fNchjAL1lM3kGqLe_-S54Btcej-TzIqJGaffwpiktMJu71njf9Jb69B9xNCxN0JULS5DYpW6Pxf7gPK4ya0SbIDZMaMq934JHmJj0ySWs4y0VilReV_LFCAPaywPfOHJ1-LAwiO8c-ekm-aeWN-zclGj7WkVWYdSG_JXRUYodAaJUMxLhka04yV2nyg49kq0yGP7zLHK_MUwNmgTDMDQYEFBl6O_DF629SDevVpQWw296_oVkfhz8jZtLjR2v7_oNqiaTPK6w1Wm1eS_Bjq8Dxuwuj3wJbvF4c3CO8hkqNUYsw8Z_FCb1ZbV2Lyod0_y0MWWADxhGtltdCtNqSv5G1IYlI6JF4LM2jG-pcxVUnIpcrg2jF0R81UQiA2gaMckzGNZ4cRWGmj-J_k8-ppMEXvvMYueFiAzSGkhiZZBNiwlGpwBLevMuZsxvRFBLvj2y7ilOCpVT5Rk8s66r3QlvvlAUReVEjClNqrQJhlsXe3R2Nw4D65i6t2o1lY3F_YI0U2fOYwiIXlUt-nf_E5VLVuQ6v1_BlCSOcGfozx10wpliZiYT8O2k07cEFnxHpklyPu7v18c_yOP-hRU6WTxFgBkOax4Gy25aXahbWIdCht3lk20oUGPhWjaxCqt3cYsrEAJdY6kEfzaMYnShGTk3LRAYNtWUg7HqfDJUGXq4iAQXcB6q3onG2OJCCeFvQDbogPNSP1akGZGXKHorZjkU3usy-bMTjlCCZXFADHwuyJpu3A0yMPdiyk6N9bJWOHBRG-bXx7WAVvIxydML2OKOZqTz2IdG2dVSHJ_nUVurapXcncY9hdADyUgRh3sVl1abDvXFuZogRYOdxcE-ycv8LSNY5UIzqSb1C4jPNq0uP7bg93ebav4W-so8HKE0r7Cpjtq9WZGKMaJSHGs6uVxJa53ajdTjoxGyKtMXzNncDtnW516yDxcu8DOUqsZAisfOmFuArJoIEdcigdx5LSZVuvvQ3maFxbUxFlN5yPy_NMSR6nHDc9wSgoA_FvBQtU3Cec_2sUY6pQ7uubg4vzXvXVwq4-aadtBO5obO1U3IjraL8JmsDaa3uEaRb_NX0T_xhbp2PavoC3vggJ-zofujixumvc0dfITqN94lk84rQ3_hpYP52QXU2HhnfokU_kuXQmkFpfLYoZdYrr-QUDN4nMrjf34fCHJ8hqAxTkuljtp5uzKb7_i1JbCUpUvl65bmgpMGd4QHS8ZFCR2AcTyqeIojDtiS2_VT-j3OBniTIf9xqO4XIPM23__4UtGngVAzug133mVDB6FF8sm3teK2rbjC2lPcUUI5ws0TQwj3WH8LW23hnRqnaiSxUVasP-XGrxKCxLkt-2eJ7XFQLg6FgnCNYS_MTKDZYzi01pp5rbuuA2FGogIoFBrUhg9kvFMkKDRWnz9qYKd2u11AQYA0rQvCo5LJIidNLiCotY8rMbCIVh7crKxALMOHDZrFhvnnKkk30NQQolukzdKSFnpkYcDmXaiXiBsQ&cid=CAQSMgBygQiDH7vUjeYpZ6sz5OfriVeR4yfOPO1x9jNORME2XgLjae-ixSe-ytV7yegxxXtRGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=8147634137851645000&adk=4056037400&idt=290&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
3daf718ede3a0e8d0af3799bbc550dafba281ecfddd6b4fb4651c8af3f8c3fbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 21:36:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
32507
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11545
x-xss-protection
0
server
cafe
etag
12839368631357612837
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jul 2023 21:36:03 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame AD74 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 13:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
146715
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Jun 2024 13:52:35 GMT
checksync.php
contextual.media.net/ Frame E4FB 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a33e7a9728b70d914b954e8e2573cc6abf13804e228b7084daab044c9fa51b2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://mnadshield-a.akamaihd.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11963
content-type
text/html; charset=UTF-8
date
Thu, 29 Jun 2023 06:37:50 GMT
expires
Sat, 01 Jul 2023 06:37:50 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js
pagead2.googlesyndication.com/bg/ Frame 1DE9 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
a99b27d4778209c98574607285507ac37decea04e3592ec3377d72c4965966f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 10:41:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
71799
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14515
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Jun 2024 10:41:11 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2162 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e388628e4ffc8efdf44fd6338facdab55cef802527e7a4f6d8e49ae0c617db1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25860
x-xss-protection
0
server
cafe
etag
271 / 19537 / m202306260101 / config-hash: 7472368790766015396
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 06:37:50 GMT
sync
gum.criteo.com/ Frame C7F1 		88 B
327 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c7c7c51f684c077f6df0742f931bbb7e7f1b85b850f6a06b85206b9295129259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:49 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
981439
expires
60
usync.html
eus.rubiconproject.com/ Frame 272B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Jun 2023 06:37:50 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 29 Jun 2023 06:37:50 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame B09B
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3310222704262523000V10%26type%3Drkt%26refUrl%3D%26vid%3D802067035333102227042625230...
  • https://contextual.media.net/cksync.html?cs=9&vsid=3310222704262523000V10&type=rkt&refUrl=&vid=80206703533310222704262523000V10&ovsid=5144588525469845757
235 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=9&vsid=3310222704262523000V10&type=rkt&refUrl=&vid=80206703533310222704262523000V10&ovsid=5144588525469845757
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
235
content-type
text/html;charset=UTF-8
date
Thu, 29 Jun 2023 06:37:51 GMT
expires
Thu, 29 Jun 2023 06:37:51 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Thu, 29 Jun 2023 06:37:50 GMT
Location
https://contextual.media.net/cksync.html?cs=9&vsid=3310222704262523000V10&type=rkt&refUrl=&vid=80206703533310222704262523000V10&ovsid=5144588525469845757
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cksync.php
contextual.media.net/ Frame C7F1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262523000V10%26type%3Dapx%26refUrl%3D%26vid%3D80206703533310222704262523000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262523000V10&type=apx&refUrl=&vid=80206703533310222704262523000V10&ovsid=7226639094620937395
61 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262523000V10&type=apx&refUrl=&vid=80206703533310222704262523000V10&ovsid=7226639094620937395
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:50 GMT

Redirect headers

Date
Thu, 29 Jun 2023 06:37:50 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.129; 91.239.206.129; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ab9655e9-e31e-43ae-84e8-55952eefaaa6
Server
nginx/1.23.4
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262523000V10&type=apx&refUrl=&vid=80206703533310222704262523000V10&ovsid=7226639094620937395
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame C7F1
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3310222704262523...
  • https://contextual.media.net/cksync.html?cs=9&vsid=3310222704262523000V10&type=opx&refUrl=&vid=80206703533310222704262523000V10&ovsid=67095e15-0bd3-4936-9f86-b4c173c70e58
235 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=9&vsid=3310222704262523000V10&type=opx&refUrl=&vid=80206703533310222704262523000V10&ovsid=67095e15-0bd3-4936-9f86-b4c173c70e58
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:50 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
235
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:50 GMT

Redirect headers

date
Thu, 29 Jun 2023 06:37:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=9&vsid=3310222704262523000V10&type=opx&refUrl=&vid=80206703533310222704262523000V10&ovsid=67095e15-0bd3-4936-9f86-b4c173c70e58
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame C7F1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262523000V10%26type%3Dmma%26refUrl%3D%26vid%3D802067035333102227042625...
  • https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262523000V10&type=mma&refUrl=&vid=80206703533310222704262523000V10&ovsid=7aec649d-26b8-4c00-9efc-873fef46c2c7
61 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262523000V10&type=mma&refUrl=&vid=80206703533310222704262523000V10&ovsid=7aec649d-26b8-4c00-9efc-873fef46c2c7
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:50 GMT

Redirect headers

Date
Thu, 29 Jun 2023 06:37:50 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x12 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262523000V10&type=mma&refUrl=&vid=80206703533310222704262523000V10&ovsid=7aec649d-26b8-4c00-9efc-873fef46c2c7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 29 Jun 2023 06:37:49 GMT
cksync.php
contextual.media.net/ Frame C7F1
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262523000V10%26type%3Dr1%26refUrl%3D%26vid%3D80206703533310222704...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262523000V10%26type%3Dr1%26refUrl%3D%26vid%3D80206703533310...
  • https://ad.turn.com/r/cs?pid=45&rndcb=121897633
  • https://sync.1rx.io/usersync/turn/8613285097639594033?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=r1&refUrl=&vid=80206704803310222704262582000V10&ovsid=RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003
61 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=r1&refUrl=&vid=80206704803310222704262582000V10&ovsid=RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:52 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=r1&refUrl=&vid=80206704803310222704262582000V10&ovsid=RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003
date
Thu, 29 Jun 2023 06:37:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXaed7b2241c384fdbac1cc0cad5a9f06c003
content-type
text/html
cksync
cs.media.net/ Frame C7F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=9&google_nid=media&google_cm=1&google_hm=MzMxMDIyMjcwNDI2MjUyMzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESED_k-O-xjJM8-wjiJKd2zHE&google_cver=1
61 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESED_k-O-xjJM8-wjiJKd2zHE&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:50 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESED_k-O-xjJM8-wjiJKd2zHE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame C7F1
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262523000V10%26type%3Ddxu%26refUrl%3D%26vid%3D80206703533310222704262...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262523000V10%26type%3Ddxu%26refUrl%3D%26vid%3D80206703533310222...
  • https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262523000V10&type=dxu&refUrl=&vid=80206703533310222704262523000V10&ovsid=c5x33qow1QeLhS5
61 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262523000V10&type=dxu&refUrl=&vid=80206703533310222704262523000V10&ovsid=c5x33qow1QeLhS5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:53 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Jun 2023 06:37:52 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-008a7b4f528d14c6d@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262523000V10&type=dxu&refUrl=&vid=80206703533310222704262523000V10&ovsid=c5x33qow1QeLhS5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame C7F1
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=14a19c98-44a2-4160-baa3-5a98e76a42de
61 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=14a19c98-44a2-4160-baa3-5a98e76a42de
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:50 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:50 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=14a19c98-44a2-4160-baa3-5a98e76a42de
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1210313
content-length
0
expires
Thu, 29 Jun 2023 00:00:00 GMT
cksync.php
contextual.media.net/ Frame C7F1
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://stags.bluekai.com/site/23178?id=dWag9UwpasalZFgXaaHq&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLEK5QWOOKVO5YGC43BNRNEMZ2YMFQUQ...
  • https://contextual.media.net/cksync.php?cs=1&ovsid=dWag9UwpasalZFgXaaHqhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=802067035333102227042625...
60 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=dWag9UwpasalZFgXaaHqhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=80206703533310222704262523000V10&vsid=3310222704262523000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
60
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:51 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Jun 2023 06:37:51 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&ovsid=dWag9UwpasalZFgXaaHqhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=80206703533310222704262523000V10&vsid=3310222704262523000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
284
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame C7F1
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3310222704262523000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3310222704262523000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=7cb5138a-a4b4-4a6e-af62-319634a85fa2&cs=1
61 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=7cb5138a-a4b4-4a6e-af62-319634a85fa2&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:52 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=7cb5138a-a4b4-4a6e-af62-319634a85fa2&cs=1
Date
Thu, 29 Jun 2023 06:37:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cksync
cs.media.net/ Frame C7F1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8334b4be-2d19-4991-ac01-0a3d6f7ad157
61 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8334b4be-2d19-4991-ac01-0a3d6f7ad157
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:50 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8334b4be-2d19-4991-ac01-0a3d6f7ad157
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
52154.gif
idsync.rlcdn.com/ Frame C7F1
Redirect Chain
  • https://i.liadm.com/s/35002?bidder_id=98250&bidder_uuid=3310222704262523000V10
  • https://i.liadm.com/s/35002?bidder_id=98250&bidder_uuid=3310222704262523000V10&_li_chk=true&previous_uuid=227d4c8be810464594d291f975832c66
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=227d4c8b-e810-4645-94d2-91f975832c66
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=a3410a52-6f0d-4655-8b49-a311a5aa9655%3A1688020673.9161553&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da3410a52-6f0d-4655-8b49-a311a5a...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5141210825728788286&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da3410a52-6f0d-4655-8b...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=a3410a52-6f0d-4655-8b49-a311a5aa9655%3A1688020673.9161553&_=1688020673.9202669
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdhMzQxMGE1Mi02ZjBkLTQ2NTUtOGI0OS1hMzExYTVhYTk2NTU6MTY4ODAyMDY3My45MTYxNTUzEAAaDQjDzfSkBhIFCOgHEABCAEoA
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7226639094620937395
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7226639094620937395
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:55 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Date
Thu, 29 Jun 2023 06:37:55 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.129; 91.239.206.129; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6c2f86ef-5648-4a2a-b1c1-cf1f9d28800e
Server
nginx/1.23.4
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7226639094620937395
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
gum.criteo.com/ Frame 15BB 		88 B
327 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
eeb18ee239f5483fffc8ff1b42f8e309324149ff229dd1700ae5f93131260ce9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:49 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
831962
expires
60
usync.html
eus.rubiconproject.com/ Frame DB24
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Jun 2023 06:37:50 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 29 Jun 2023 06:37:50 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 1B8B
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3310222704262523000V10%26type%3Drkt%26refUrl%3D%26vid%3D802067040633102227042625230...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3310222704262523000V10&type=rkt&refUrl=&vid=80206704063310222704262523000V10&ovsid=5134455419784315997
235 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3310222704262523000V10&type=rkt&refUrl=&vid=80206704063310222704262523000V10&ovsid=5134455419784315997
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
235
content-type
text/html;charset=UTF-8
date
Thu, 29 Jun 2023 06:37:51 GMT
expires
Thu, 29 Jun 2023 06:37:51 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Thu, 29 Jun 2023 06:37:51 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3310222704262523000V10&type=rkt&refUrl=&vid=80206704063310222704262523000V10&ovsid=5134455419784315997
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cksync.php
contextual.media.net/ Frame 15BB
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=14a19c98-44a2-4160-baa3-5a98e76a42de
61 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=14a19c98-44a2-4160-baa3-5a98e76a42de
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:50 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:49 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=14a19c98-44a2-4160-baa3-5a98e76a42de
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
553754
content-length
0
expires
Thu, 29 Jun 2023 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 15BB
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3310222704262523000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3310222704262523000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=5a5f7648-15f1-4a9c-9c9f-27746a1d8f78&cs=1
61 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=5a5f7648-15f1-4a9c-9c9f-27746a1d8f78&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:52 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=5a5f7648-15f1-4a9c-9c9f-27746a1d8f78&cs=1
Date
Thu, 29 Jun 2023 06:37:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cksync
cs.media.net/ Frame 15BB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8334b4be-2d19-4991-ac01-0a3d6f7ad157
61 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8334b4be-2d19-4991-ac01-0a3d6f7ad157
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:50 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8334b4be-2d19-4991-ac01-0a3d6f7ad157
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
sync
live.rezync.com/ Frame 15BB
Redirect Chain
  • https://i.liadm.com/s/35002?bidder_id=98250&bidder_uuid=3310222704262523000V10
  • https://i.liadm.com/s/35002?bidder_id=98250&bidder_uuid=3310222704262523000V10&_li_chk=true&previous_uuid=e5e780eeba604dba9e560e02c249b7e7
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e5e780ee-ba60-4dba-9e56-0e02c249b7e7
0
0
cksync.php
contextual.media.net/ Frame 15BB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3310222704262523000V10%26type%3Dapx%26refUrl%3D%26vid%3D80206704063310222704262523000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3310222704262523000V10&type=apx&refUrl=&vid=80206704063310222704262523000V10&ovsid=7226639094620937395
61 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3310222704262523000V10&type=apx&refUrl=&vid=80206704063310222704262523000V10&ovsid=7226639094620937395
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:50 GMT

Redirect headers

Date
Thu, 29 Jun 2023 06:37:50 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.129; 91.239.206.129; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0b4e5d50-38c6-47c5-bbfb-2015c04cb087
Server
nginx/1.23.4
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3310222704262523000V10&type=apx&refUrl=&vid=80206704063310222704262523000V10&ovsid=7226639094620937395
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 15BB
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3310222704262523...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3310222704262523000V10&type=opx&refUrl=&vid=80206704063310222704262523000V10&ovsid=67095e15-0bd3-4936-9f86-b4c173c70e58
235 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3310222704262523000V10&type=opx&refUrl=&vid=80206704063310222704262523000V10&ovsid=67095e15-0bd3-4936-9f86-b4c173c70e58
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:50 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
235
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:50 GMT

Redirect headers

date
Thu, 29 Jun 2023 06:37:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3310222704262523000V10&type=opx&refUrl=&vid=80206704063310222704262523000V10&ovsid=67095e15-0bd3-4936-9f86-b4c173c70e58
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 15BB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3310222704262523000V10%26type%3Dmma%26refUrl%3D%26vid%3D802067040633102227042625...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3310222704262523000V10&type=mma&refUrl=&vid=80206704063310222704262523000V10&ovsid=7aec649d-26b8-4c00-9efc-873fef46c2c7
61 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3310222704262523000V10&type=mma&refUrl=&vid=80206704063310222704262523000V10&ovsid=7aec649d-26b8-4c00-9efc-873fef46c2c7
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:50 GMT

Redirect headers

Date
Thu, 29 Jun 2023 06:37:50 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x24 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3310222704262523000V10&type=mma&refUrl=&vid=80206704063310222704262523000V10&ovsid=7aec649d-26b8-4c00-9efc-873fef46c2c7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 29 Jun 2023 06:37:49 GMT
cksync.php
contextual.media.net/ Frame 15BB
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3310222704262523000V10%26type%3Dr1%26refUrl%3D%26vid%3D80206704063310222704...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3310222704262523000V10%26type%3Dr1%26refUrl%3D%26vid%3D80206704063310...
  • https://ad.turn.com/r/cs?pid=45&rndcb=842198302
  • https://sync.1rx.io/usersync/turn/8180939533412026417?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=r1&refUrl=&vid=80206704803310222704262582000V10&ovsid=RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003
61 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=r1&refUrl=&vid=80206704803310222704262582000V10&ovsid=RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:53 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=r1&refUrl=&vid=80206704803310222704262582000V10&ovsid=RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003
date
Thu, 29 Jun 2023 06:37:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXaed7b2241c384fdbac1cc0cad5a9f06c003
content-type
text/html
cksync
cs.media.net/ Frame 15BB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzMxMDIyMjcwNDI2MjUyMzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESED_k-O-xjJM8-wjiJKd2zHE&google_cver=1
61 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESED_k-O-xjJM8-wjiJKd2zHE&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:50 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESED_k-O-xjJM8-wjiJKd2zHE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 15BB
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3310222704262523000V10%26type%3Ddxu%26refUrl%3D%26vid%3D80206704063310222704262...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3310222704262523000V10%26type%3Ddxu%26refUrl%3D%26vid%3D80206704063310222...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3310222704262523000V10&type=dxu&refUrl=&vid=80206704063310222704262523000V10&ovsid=qK68vac51QeLhS5
61 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3310222704262523000V10&type=dxu&refUrl=&vid=80206704063310222704262523000V10&ovsid=qK68vac51QeLhS5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:53 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Jun 2023 06:37:52 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-0afa2568184f9f5d2@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3310222704262523000V10&type=dxu&refUrl=&vid=80206704063310222704262523000V10&ovsid=qK68vac51QeLhS5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 15BB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://stags.bluekai.com/site/23178?id=dWag9UwpasalZFgXaaHq&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLEK5QWOOKVO5YGC43BNRNEMZ2YMFQUQ...
  • https://contextual.media.net/cksync.php?cs=1&ovsid=dWag9UwpasalZFgXaaHqhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=802067040633102227042625...
60 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=dWag9UwpasalZFgXaaHqhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=80206704063310222704262523000V10&vsid=3310222704262523000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
60
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:51 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Jun 2023 06:37:51 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&ovsid=dWag9UwpasalZFgXaaHqhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=80206704063310222704262523000V10&vsid=3310222704262523000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
284
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4A9A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mnadshield-a.akamaihd.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
146409
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Jun 2023 13:57:41 GMT
expires
Wed, 26 Jun 2024 13:57:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sync
gum.criteo.com/ Frame E4FB 		88 B
327 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7649b0ab1c566645bc2522f52566c194a5aa2eed5a107ca4791adf8b8f5aca7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:49 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
794805
expires
60
usync.html
eus.rubiconproject.com/ Frame A01D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Jun 2023 06:37:50 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 29 Jun 2023 06:37:50 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 7D5D
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Drkt%26refUrl%3D%26vid%3D802067048033102227042625820...
  • https://contextual.media.net/cksync.html?cs=9&vsid=3310222704262582000V10&type=rkt&refUrl=&vid=80206704803310222704262582000V10&ovsid=5141210825728788286
235 B
661 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=9&vsid=3310222704262582000V10&type=rkt&refUrl=&vid=80206704803310222704262582000V10&ovsid=5141210825728788286
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
235
content-type
text/html;charset=UTF-8
date
Thu, 29 Jun 2023 06:37:51 GMT
expires
Thu, 29 Jun 2023 06:37:51 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Thu, 29 Jun 2023 06:37:51 GMT
Location
https://contextual.media.net/cksync.html?cs=9&vsid=3310222704262582000V10&type=rkt&refUrl=&vid=80206704803310222704262582000V10&ovsid=5141210825728788286
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cksync.php
contextual.media.net/ Frame E4FB
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=14a19c98-44a2-4160-baa3-5a98e76a42de
61 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=14a19c98-44a2-4160-baa3-5a98e76a42de
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:50 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:50 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=14a19c98-44a2-4160-baa3-5a98e76a42de
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
612226
content-length
0
expires
Thu, 29 Jun 2023 00:00:00 GMT
cksync
cs.media.net/ Frame E4FB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8334b4be-2d19-4991-ac01-0a3d6f7ad157
61 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8334b4be-2d19-4991-ac01-0a3d6f7ad157
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:50 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8334b4be-2d19-4991-ac01-0a3d6f7ad157
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
cksync.php
contextual.media.net/ Frame E4FB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Dapx%26refUrl%3D%26vid%3D80206704803310222704262582000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=apx&refUrl=&vid=80206704803310222704262582000V10&ovsid=7226639094620937395
61 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=apx&refUrl=&vid=80206704803310222704262582000V10&ovsid=7226639094620937395
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:51 GMT

Redirect headers

Date
Thu, 29 Jun 2023 06:37:50 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.129; 91.239.206.129; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b8cac4fa-6299-4de2-879a-744a7f314ab2
Server
nginx/1.23.4
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=apx&refUrl=&vid=80206704803310222704262582000V10&ovsid=7226639094620937395
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame E4FB
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3310222704262582...
  • https://contextual.media.net/cksync.html?cs=9&vsid=3310222704262582000V10&type=opx&refUrl=&vid=80206704803310222704262582000V10&ovsid=67095e15-0bd3-4936-9f86-b4c173c70e58
235 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=9&vsid=3310222704262582000V10&type=opx&refUrl=&vid=80206704803310222704262582000V10&ovsid=67095e15-0bd3-4936-9f86-b4c173c70e58
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:50 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
235
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:50 GMT

Redirect headers

date
Thu, 29 Jun 2023 06:37:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=9&vsid=3310222704262582000V10&type=opx&refUrl=&vid=80206704803310222704262582000V10&ovsid=67095e15-0bd3-4936-9f86-b4c173c70e58
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame E4FB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Dmma%26refUrl%3D%26vid%3D802067048033102227042625...
  • https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=mma&refUrl=&vid=80206704803310222704262582000V10&ovsid=7aec649d-26b8-4c00-9efc-873fef46c2c7
61 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=mma&refUrl=&vid=80206704803310222704262582000V10&ovsid=7aec649d-26b8-4c00-9efc-873fef46c2c7
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:50 GMT

Redirect headers

Date
Thu, 29 Jun 2023 06:37:50 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x24 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=mma&refUrl=&vid=80206704803310222704262582000V10&ovsid=7aec649d-26b8-4c00-9efc-873fef46c2c7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 29 Jun 2023 06:37:49 GMT
cksync.php
contextual.media.net/ Frame E4FB
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Dr1%26refUrl%3D%26vid%3D80206704803310222704...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Dr1%26refUrl%3D%26vid%3D80206704803310...
  • https://ad.turn.com/r/cs?pid=45&rndcb=5740290157
  • https://sync.1rx.io/usersync/turn/8541227503601666097?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=r1&refUrl=&vid=80206704803310222704262582000V10&ovsid=RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003
61 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=r1&refUrl=&vid=80206704803310222704262582000V10&ovsid=RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:52 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=r1&refUrl=&vid=80206704803310222704262582000V10&ovsid=RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003
date
Thu, 29 Jun 2023 06:37:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXaed7b2241c384fdbac1cc0cad5a9f06c003
content-type
text/html
cksync
cs.media.net/ Frame E4FB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=9&google_nid=media&google_cm=1&google_hm=MzMxMDIyMjcwNDI2MjU4MjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESED_k-O-xjJM8-wjiJKd2zHE&google_cver=1
61 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESED_k-O-xjJM8-wjiJKd2zHE&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:50 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESED_k-O-xjJM8-wjiJKd2zHE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame E4FB
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Ddxu%26refUrl%3D%26vid%3D80206704803310222704262...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3310222704262582000V10%26type%3Ddxu%26refUrl%3D%26vid%3D80206704803310222...
  • https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=dxu&refUrl=&vid=80206704803310222704262582000V10&ovsid=TDXTRvvq1QeLhS5
61 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=dxu&refUrl=&vid=80206704803310222704262582000V10&ovsid=TDXTRvvq1QeLhS5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:53 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Jun 2023 06:37:53 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-0caa68a19e3c1fdac@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=9&vsid=3310222704262582000V10&type=dxu&refUrl=&vid=80206704803310222704262582000V10&ovsid=TDXTRvvq1QeLhS5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame E4FB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://stags.bluekai.com/site/23178?id=dWag9UwpasalZFgXaaHq&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLEK5QWOOKVO5YGC43BNRNEMZ2YMFQUQ...
  • https://contextual.media.net/cksync.php?cs=1&ovsid=dWag9UwpasalZFgXaaHqhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=802067048033102227042625...
60 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=dWag9UwpasalZFgXaaHqhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=80206704803310222704262582000V10&vsid=3310222704262582000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
60
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:51 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Jun 2023 06:37:51 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&ovsid=dWag9UwpasalZFgXaaHqhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=80206704803310222704262582000V10&vsid=3310222704262582000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
284
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame E4FB
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3310222704262582000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3310222704262582000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=5a5f7648-15f1-4a9c-9c9f-27746a1d8f78&cs=1
61 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=5a5f7648-15f1-4a9c-9c9f-27746a1d8f78&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:52 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=5a5f7648-15f1-4a9c-9c9f-27746a1d8f78&cs=1
Date
Thu, 29 Jun 2023 06:37:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
362358.gif
idsync.rlcdn.com/ Frame E4FB
Redirect Chain
  • https://i.liadm.com/s/35002?bidder_id=98250&bidder_uuid=3310222704262582000V10
  • https://i.liadm.com/s/35002?bidder_id=98250&bidder_uuid=3310222704262582000V10&_li_chk=true&previous_uuid=bd042a6e1282492787decc530c452b30
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=bd042a6e-1282-4927-87de-cc530c452b30
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=ad759909-9d7a-4c8a-af23-9e6f4fba6c87%3A1688020674.228011&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dad759909-9d7a-4c8a-af23-9e6f4fba...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5141210825728788286&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dad759909-9d7a-4c8a-af...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=ad759909-9d7a-4c8a-af23-9e6f4fba6c87%3A1688020674.228011&_=1688020674.2310212
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHL0b_M6tE2P0x6kBLLVV4M&google_cver=1
42 B
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHL0b_M6tE2P0x6kBLLVV4M&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:55 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHL0b_M6tE2P0x6kBLLVV4M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
c21lg-d.media.net/ Frame C7F1 		35 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=3h50Bh9QeYtiQ3-FdoN4paZCYWPyGwlE&cs=15&vsid=3310222704262582000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 29 Jun 2023 06:37:50 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 29 Jun 2023 06:37:50 GMT
content-length
35
content-type
image/gif
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/ Frame 2162 		392 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a9262e4f0004178b2eb384213e53dd3e0c71eb13584d3f6b6dba57437014c1b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 10:49:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
71290
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127813
x-xss-protection
0
server
cafe
etag
18191761431352456992
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 27 Jun 2024 10:49:40 GMT
log
c21lg-d.media.net/ Frame 15BB 		35 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=6No8bmqm6tFisweEmHPcGobp3L5zLMG4&cs=15&vsid=3310222704262582000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 29 Jun 2023 06:37:50 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 29 Jun 2023 06:37:50 GMT
content-length
35
content-type
image/gif
qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js
pagead2.googlesyndication.com/bg/ Frame 4A9A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
a99b27d4778209c98574607285507ac37decea04e3592ec3377d72c4965966f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 10:41:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
71799
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14515
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Jun 2024 10:41:11 GMT
usync.js
eus.rubiconproject.com/ Frame 272B 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ff8af3518ce1943c3dc09cbfb280463e74cc924bc45bdedc5fe61848f72c29e2

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Jun 2023 06:37:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Jun 2023 02:46:48 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72564
Connection
keep-alive
Content-Length
10113
Expires
Fri, 30 Jun 2023 02:47:14 GMT
log
c21lg-d.media.net/ Frame E4FB 		35 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=aFyKuY0QhNUKFMmocdHcfHYSLFKQycCr&cs=15&vsid=3310222704262582000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 29 Jun 2023 06:37:50 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 29 Jun 2023 06:37:50 GMT
content-length
35
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame DB24 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ff8af3518ce1943c3dc09cbfb280463e74cc924bc45bdedc5fe61848f72c29e2

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Jun 2023 06:37:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Jun 2023 02:46:48 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72564
Connection
keep-alive
Content-Length
10113
Expires
Fri, 30 Jun 2023 02:47:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4121 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57260
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687952195399670"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Jun 2023 06:37:50 GMT
index.html
s0.2mdn.net/sadbundle/5649308643527491584/ Frame C297 		98 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
7c4d149e9c773956008a645f8b8d95cbd9ee85b2c57e0f4428712a9b2a4d2f15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mnadshield-a.akamaihd.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
548497
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
21728
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Jun 2023 22:16:14 GMT
expires
Fri, 21 Jun 2024 22:16:14 GMT
last-modified
Wed, 31 May 2023 08:59:21 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4121 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdy6_S52Fd_I5MWUjmhxBmm7h8tM122k2-Gww0kkLqHgliiuse8PS04xyx1HlMunEhx177FB-NQM2UiqsiZfS-DfGYENjGAWdaqW8wwMmgXXD0eebl_CCvmcfAtyxWxlEr6RMU-VeIsDcjOkkt1mseAQg&sai=AMfl-YQWvwzTCawZvJ7ifDa1I_vafvf7Bglc-m7iRGgLzc6HM8NGp6zJ2LA1RBNqcg_Zye7007ZJCwVF3fUuBkMzyRlMstZzxWAc5SeGuBfI8jOEIFowxPjuDT609ogwhBTyLSMx&sig=Cg0ArKJSzOP_y2wT6QrKEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1090&cbvp=1&cstd=1077&cisv=r20230626.12383&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 29 Jun 2023 06:37:51 GMT
usync.js
eus.rubiconproject.com/ Frame A01D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ff8af3518ce1943c3dc09cbfb280463e74cc924bc45bdedc5fe61848f72c29e2

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Jun 2023 06:37:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Jun 2023 02:46:48 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72563
Connection
keep-alive
Content-Length
10113
Expires
Fri, 30 Jun 2023 02:47:14 GMT
integrator.js
adservice.google.com/adsid/ Frame 2162 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 2162 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4093523805951771&correlator=1466602090582618&eid=31072019%2C31074949%2C31075341&output=ldjh&gdfp_req=1&vrg=202306260101&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1688020670888&lmt=1688020670&dlt=1688020669253&idt=1606&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=wa3pkd2o2e5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=2086046491.1688020671&ga_sid=1688020671&ga_hid=2141894986&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
5b5d513afeb77dfbae2548acb32129141c2ad4d7faa00172a87a59682aa8436e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:51 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11996
x-xss-protection
0
google-lineitem-id
6336189971
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138437415221
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://adx.holmesmind.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2162 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306260101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
5686fd2ad0669f2a4078562248148d4b4b6153ec6a2b6838c9736638c1c59345
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11299
x-xss-protection
0
container.html
cbee8b3275ba2d0f5b03b26778f5362d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5067 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cbee8b3275ba2d0f5b03b26778f5362d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Jun 2023 06:37:51 GMT
expires
Fri, 28 Jun 2024 06:37:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AD74 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57260
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687952195399670"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Jun 2023 06:37:51 GMT
index.html
s0.2mdn.net/sadbundle/5649308643527491584/ Frame DB4B 		98 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
7c4d149e9c773956008a645f8b8d95cbd9ee85b2c57e0f4428712a9b2a4d2f15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mnadshield-a.akamaihd.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
548497
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
21728
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Jun 2023 22:16:14 GMT
expires
Fri, 21 Jun 2024 22:16:14 GMT
last-modified
Wed, 31 May 2023 08:59:21 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame AD74 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstrADg0b6n2B1w-OFAzHtQArHhOJPDb9fUiFHFCykAn6U3WPHlawj9BZkuLu6HVg-9PrqMzI576TAIwyM4nKgtjAYYAtlHvtrqH5Liz4JVnMbG1OoR-Glwp8tPoNEUTCrBFW_m7mWEZeb3bbXaw5AjKJIA&sai=AMfl-YS5mvvumAeMhLhXVjwxYj5w1fuj7GwGeytZjD5k91nvW1SEjiGQa2TsByfHf6e3c3TUdagC4-nsy04vfV7UdGAvFHPpTMzhramcHX3Bsg3whRfmcyORaKL8OHqhg4o4LoqK&sig=Cg0ArKJSzPYTBrGO47FPEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=734&cbvp=1&cstd=726&cisv=r20230626.34082&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 29 Jun 2023 06:37:51 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame EBDC 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230626&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/show_ads_impl_fy2021.js?bust=31075534
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
819644384f980783bcb3937890b1e456f701d0b6c217d02696eacd610b16587d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11332
x-xss-protection
0
cksync.php
contextual.media.net/ Frame DB24
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LJGRX3F9-C-CG73
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LJGRX3F9-C-CG73
61 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LJGRX3F9-C-CG73
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 06:37:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 29 Jun 2023 06:37:51 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LJGRX3F9-C-CG73
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2162 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 29 Jun 2023 06:37:51 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1830 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230626&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
c23d4345b09a7394cd5e3bfd02833bf338dcd88426233ce9e789f6eed3f53857
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11266
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 14B8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQJgS2yQEJ1KnqTOB_1tBZ1dFfuZ6LzmnqDFb-eyoy9ST7vu4q9IiPw5r9aPQG54SaHI3W1eIRSM19N4Q8Idg1PGw6SQgUhHtYVJe-dYVtw_NGZytaZ2q4P_qMXe90e066J_DTeIfTSrFaRsC3iXoISxlRjzAJBomkdbnn44BhSmY-plpUUwRtnyBGLZmMSLCOeoSMWFcIfTkF_I9TSL1IdeIFk57y-jgj97mHEECwyww86GDuOTLmXq40OUqnqUQDz_DjVR3LNvX6KJqIELwpsbdkWwIiNwte2mZZYXpD6tnNAoqC2VjpGBiT3f7NiVM5uFSsKatlFV5v&sai=AMfl-YQKQh-6OKpXn2gd-3LGozcz-S94FtB-OpSo00T87cPCoHUj-SbipipEN7hjr0WcwDnbsVNpl78bnEYqL4sc_lVdC1RSLOLb3-smmw&sig=Cg0ArKJSzFFZxiVqFwx0EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ysm_bg3.js
ad.sitemaji.com/ Frame 14B8 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_bg3.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:14:00 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 26 Jun 2023 06:28:33 GMT
server
nginx/1.12.1 (Ubuntu)
age
1431
etag
W/"64993011-7b8f"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9956
expires
Fri, 30 Jun 2023 06:14:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 14B8 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57260
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687952195399670"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Jun 2023 06:37:51 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EBDC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/show_ads_impl_fy2021.js?bust=31075534
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 29 Jun 2023 06:37:51 GMT
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame C297 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 04:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7559
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 30 Jun 2023 04:31:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DE9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Btmf-vSadZMjcHpXP3gOqw6SwCgAAAAA4AeAEAg&bg=!ERKlEkbNAAYQ3eRoMN07ADkAdvg8WplQKKBg_sIRJtoSBZujt_fTlgiH8lCYWz35qIHAKTVTuqYhXYiHKgIzXUsA65BEtKdShI4CAAACFFIAAAAFaAEHCgA2vDrQPPARwf14o9VG3JidR9amITWEre8069jI-GtwlnoO_BMt1Bp3rSEUnLSLnNkqjG6oWDg3mQLxqGOcqFphNDEDYFpZcKy9DPjHBcE9tOSqhFbqeSgcZUqTwii7iWpa9YC93vdtBAFlbmcpNEuJ7E7gF1wKZkVLYZanml9wFXuHcWFNH7Yp3YdDA1N9BQ45f4lbaXZ0-soNZpUJgnlfqGNtKfwXUegl6wQe58RBXsXoBvJomDWR4JJCfNjcc_B0Yuqi3czrnsWzO-J0yZE84U9IEf3CuM-9X0_6GlaZ42qRLSxRFNiCOVXcxFydws3gEtOZZijnN4W1KjKgUzeojy_QI-sQFtrs_RE4NA-FUN_Ion-PBQ2XKf-3sbMUSiExw4zCSXApVZe6qjFlULb1FNPad5tw0rysxqDFJtY3QHpr9MSjXRsnYcccJQmiq-9ygecqxHnGsJX4sBEDScBM5Gd--9AzINgayddEZhDOQcfAfVvChItuayJGZ3aMpWQwMaAB21hC2CROYrxp7-U4mEMZqTPjQ9z7i4znn88-G_GsxgQePhg4IlCLVBQfcDGug8Bd9TZY-hZuuJxhSQjlmFM1Xofp6arnWdJgjJeg0YemPvr5VcEUQVrQ0RgqxZYR_6ApkjodccPJndxK4UofuLsqDlnDpVw1QnkVLNjhkz7PqsWYC7oiOd6RhaK6jnr7byLivoQt99qTiIlpoNrYm5xeeoF3MdJqKYhbPEIphUm7qo2aMyfEPkLMgdJQX2lD-mhUx1pFF0LV9QMJGV5C_-fWspDcDJCiSJYcf5A7Ll57jnz9ePG7Bl81Hc38pPHAeAprIt7mG7GeUF5CA0tJ0FWQ3ALjCHggzM01SvKOutio_Kl5sgEAGud4jhLCUTTERUieQXSZGPsJYlHqnRnIkU4NQCI62BTwqEDWEzv1ShSxiPlOlseLJ_SuheA-e1IhXF--N63R6nKIH4KxJ-VGJ5S6Sm3PKQg7y-xqgePkx-U54EEo8BLebi4SiVN4b8-5JkkaRrfEiX6qllbp0KZbDytc8TGUjJbgGPnOLTr1i1UeRQM6r6gL252x
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame DB4B 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 04:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7559
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 30 Jun 2023 04:31:52 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1688020671400&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1529&pt=1115329249&tz=0&viewable=true&ddast=V8q7kCLAacCbtCiuJdRxE4E3aFFMW7jioAAABgYID-AIl5bC7XcGJzKzyTzVo0823WwpXJsxZMBoOZc-FYzoYzIyAxj83lGk5sboVnslmLZr7NWrgyedaCyWAwcy4cy9lwZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZLaDodPte9Xvf73SU-z1zj9yv8OtfTrXa63IK_W7R8ujVGl90tPbremqPL7nPrXk633PVWWd7So-vpFjwddrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQBPHA7o4jQ7PU9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAwGPID1HT0ppCrj2RgsYijAAAAABsvTsHHpmkE1Qsqvz___dbAbgCABCQWPBNo51Fd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJsKPaYRmotjV_AICAKz5BQQAYKNuAADeBMAJOgStGAxWJyBmBwAAAODO____vx4Q2BgGm91yZLKZJpPFbjFxGBeu5XA5ca5sI8tgtT0Y23lSHLcqqn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgcDczbUa-wVoxWY7couHKs1Zuhsu1bLewGTa-zcSyW7hFr4_p4pwtPJ7VFgkGRO1F8rRIJzLbYjiZbSyDkXO3Wu2Gw8HINXJubJPdZrHw2BYWsURzskgnssu-sDEMNrvlyGQzTSaL3WLiMC5cy-Fy4lzZRpbBal_czUybkW-wVkyWI7douPKslZvhci3bLWyGjW8zsewWbtHrY7o4ZwuPZ7VvzIbDwWQwmy32jdlwOJgMZrPFvkNn-K4-Z6OyrJJ8TJrf36Ut2pwGhctg8U7Vq2-0MzuIftOiUyZTKws6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ehBbFAoYongIp0IHma3w_RyS3yejd8ilihNF-lEr_DrXE-32ulyC_5u0fLp1hhddrf06Hprji67z617Od1y11tleUuPrqdb8HTY7ULT22wRSwSni3QiehlPF_UfOeRiLtks55LBbK6YLFcJAAAAAAAAAMASTDLdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmQBWK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwIcjVa7B-ACrFWq9XtxlqtFg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=inout2_vB!nonrv_vA!nrlc_vA!ufm_vG!ul3292_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
90d27b697fffc9803d02eac178bb8f15b59e3f135b765a04b3f138a64e39e961

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:51 GMT
content-encoding
gzip
server
nginx
machineid
1480
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3690 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
28749
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 22:38:42 GMT
expires
Thu, 27 Jun 2024 22:38:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9F50 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
12b2c65413374b627bf16ff283b79e66ef87cc3fe3b130bada8d7ec0f22817f3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oUE8Mwx4j402h3HFujzJvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-oUE8Mwx4j402h3HFujzJvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 29 Jun 2023 06:37:51 GMT
expires
Thu, 29 Jun 2023 06:37:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A9A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjqP7vSadZLTZIKT_3wOLv5mICwAAAAA4AeAEAg&bg=!8_Cl8KTNAAYQ3eRoMN07ADkAdvg8WjhKjvMwvddyEHCi8xTcZhPpouEO-CqW-Dwt7RX6QE47ZaJ-ebVWYTtMBLK7l9ePWgtun-ECAAABmlIAAAAFaAEHmQLtrc_mHgUJL6xR4e934PbHnMO9soLKFuKhVquarJr9jTMbE7WGSKlRmPYr7K-bEVFyxlll5_wka9a4KgiwsYshrz5pfsAKdBCqdxMLqbmxtJ7MAzWwvZmG9u6C4WeMjXUemHM9wa7SN1kSVmoS3AH5I7rLW_4xtJVFGpWXj_MYeWQXI97Boii5MEMHwukfejFhhrTQwxU-mzvA1f4G-8ZKpuISmrJlR-6C1W9lD_WWhAeizWg0TYv7VH23uOcF90Nli4YkocCtZe4mnrwua32347LbeyPYC2juY26ujHT6EayUzV0r_CGws4Lb7M9By0PzBFQ0NJ4ra1yTjxxHsyMJzZo1qCt1XCi5O7m5Qd9sVtrt4nrmTQF2_qTL_sYIdZgaLGfWdl23rVjD3CG-PspYs6VTWdawITqeYleb5-TiIDyJFUDU-tj_RO2avgbdMmVul0EVNzbGIbZETsDZ5n4ZlodKqwS-3ZytkttWtvOz72jpojOj1VnBVMKAtclKLivif2kAOqrCCm6k1FbS0ugJHdHRE9FDeVxKycrA7KHGWJXIlzPOiPCTncKxl3hszTh5uTwbpNL0zCeOgTOrs2oQhc8Q9M1gVkb1RnhgdIbW60Oc4VqZTRebeRqrwsvJCmNbQHfFJlrKbwvRwjzvbPxRfkxDRfDGuLc2WzRLHY3lRYl8_p9EX-zlxh78pQp-yEP6FI7v80dms4F6IhW8W4RBF13b-vEAUtgCqYilTgRV_l-oTYPmaAcEUWyWPPzRnSG-3AFIfu_MhWR7vZsfR4H1CRfmJSyWQf5yu0sNVGcbtA3lUgGA-8X4iijQ6GbY_IkC6uE8aRYpfnGgo2PMdOF394hAm-d2uv8-bvjeidtpBYqnudoLjt19gTt8kvr0MaLwW2WYws8ZSaf_u6JfDX_sP9VI2lfjTz9z5fCvxJoULU8ox7aA88z8iWgM3UC994czvR0SBzJidJKLh9RSBQiC9vsmc_Wm2WfpJVaD0Ac
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1830 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 29 Jun 2023 06:37:51 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame AD74 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstrADg0b6n2B1w-OFAzHtQArHhOJPDb9fUiFHFCykAn6U3WPHlawj9BZkuLu6HVg-9PrqMzI576TAIwyM4nKgtjAYYAtlHvtrqH5Liz4JVnMbG1OoR-Glwp8tPoNEUTCrBFW_m7mWEZeb3bbXaw5AjKJIA&sai=AMfl-YS5mvvumAeMhLhXVjwxYj5w1fuj7GwGeytZjD5k91nvW1SEjiGQa2TsByfHf6e3c3TUdagC4-nsy04vfV7UdGAvFHPpTMzhramcHX3Bsg3whRfmcyORaKL8OHqhg4o4LoqK&sig=Cg0ArKJSzPYTBrGO47FPEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1370&vt=11&dtpt=636&dett=3&cstd=726&cisv=r20230626.34082&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 29 Jun 2023 06:37:51 GMT
native.js
s.yimg.com/dy/ads/ Frame 14B8 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/dy/ads/native.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.251 Dublin, Ireland, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e1-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
DR98XKG8HFVTNE4P
age
567
x-amz-server-side-encryption
AES256
x-amz-id-2
EHDju+3Osof+x8kuXeU6QKl9IFExHTz6RHqxDicBT+sYeSgr6zyg0I8F4Q4l7ai/C6q59DZHL2M=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Feb 2023 17:58:02 GMT
server
ATS
etag
"1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
accept-ranges
bytes
truncated
/ Frame 14B8 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c39ac8c8bf0fbe2234d7cc3bbab10608febe32b0fabcfa58e6e36121a47e07e0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
gamar.png
s0.2mdn.net/sadbundle/5649308643527491584/ Frame DB4B 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5649308643527491584/gamar.png
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
11fd7546c8ba12c1b5f2d6e13a7f5ff0834d829edc2df16be9680a4632b2769f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 03:34:31 GMT
x-content-type-options
nosniff
age
356600
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1142
x-xss-protection
0
last-modified
Wed, 31 May 2023 08:59:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Jun 2024 03:34:31 GMT
Vector_Smart_Object.png
s0.2mdn.net/sadbundle/5649308643527491584/ Frame DB4B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5649308643527491584/Vector_Smart_Object.png
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
f56fbc6a44b35acd0993ee6ec9a0bcd1083b35e2f774546caee81107161e00d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 15:46:00 GMT
x-content-type-options
nosniff
age
485511
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2142
x-xss-protection
0
last-modified
Wed, 31 May 2023 08:59:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Jun 2024 15:46:00 GMT
airch.png
s0.2mdn.net/sadbundle/5649308643527491584/ Frame DB4B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5649308643527491584/airch.png
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
46b558016e37ae7d8b84a01dbeda768aee656c4e5ffc010ebe39c8357006c7dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 15:40:22 GMT
x-content-type-options
nosniff
age
485849
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2193
x-xss-protection
0
last-modified
Wed, 31 May 2023 08:59:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Jun 2024 15:40:22 GMT
____.png
s0.2mdn.net/sadbundle/5649308643527491584/ Frame DB4B 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5649308643527491584/____.png
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
c9cdac73f7459edce1e1594f8a9bfb387cec069e1c12f8ed3a38ff776e86d5ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 00:26:48 GMT
x-content-type-options
nosniff
age
454263
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6426
x-xss-protection
0
last-modified
Wed, 31 May 2023 08:59:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 23 Jun 2024 00:26:48 GMT
toor.png
s0.2mdn.net/sadbundle/5649308643527491584/ Frame DB4B 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5649308643527491584/toor.png
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
edfc0e86d5e0da8714183bb85e99f551cbd042d638c552d16b0b6c71a54462a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 17:15:35 GMT
x-content-type-options
nosniff
age
480136
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4867
x-xss-protection
0
last-modified
Wed, 31 May 2023 08:59:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Jun 2024 17:15:35 GMT
dinn.png
s0.2mdn.net/sadbundle/5649308643527491584/ Frame DB4B 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5649308643527491584/dinn.png
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
cda574a46092eb86a6182ac12bef52cda5ceb18595cb303d6f35255ba44faa07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 19:25:55 GMT
x-content-type-options
nosniff
age
472316
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6318
x-xss-protection
0
last-modified
Wed, 31 May 2023 08:59:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Jun 2024 19:25:55 GMT
lig.png
s0.2mdn.net/sadbundle/5649308643527491584/ Frame DB4B 		774 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5649308643527491584/lig.png
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
f88f70ad2e18f1576a0053d352ff6153735051af5b8f832a2d05dcc2f5f998d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 19:30:50 GMT
x-content-type-options
nosniff
age
472021
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
774
x-xss-protection
0
last-modified
Wed, 31 May 2023 08:59:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Jun 2024 19:30:50 GMT
caa.png
s0.2mdn.net/sadbundle/5649308643527491584/ Frame DB4B 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5649308643527491584/caa.png
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
84f4d91671555f6da46336067c6a26a214906ae80aa17c05764c7c0b79c2ed33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 20:06:53 GMT
x-content-type-options
nosniff
age
469858
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9763
x-xss-protection
0
last-modified
Wed, 31 May 2023 08:59:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Jun 2024 20:06:53 GMT
bg.png
s0.2mdn.net/sadbundle/5649308643527491584/ Frame DB4B 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5649308643527491584/bg.png
Requested by
Host: mnadshield-a.akamaihd.net
URL: https://mnadshield-a.akamaihd.net/creativewrapper/0-0-1/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
330a20be6b783f20124f90663f9427a59594b7abaeec87a09e24d9efeca5b73b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 01:47:28 GMT
x-content-type-options
nosniff
age
449423
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23984
x-xss-protection
0
last-modified
Wed, 31 May 2023 08:59:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 23 Jun 2024 01:47:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2362 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
28749
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 22:38:42 GMT
expires
Thu, 27 Jun 2024 22:38:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9335 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
bdb4623199218d3c7e2136e803db7d948087b67ae9380080c6aaf07e4bfd24db
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3y9lX12E45pVoX4GLBBAfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-3y9lX12E45pVoX4GLBBAfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 29 Jun 2023 06:37:51 GMT
expires
Thu, 29 Jun 2023 06:37:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3AA0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
28749
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 22:38:42 GMT
expires
Thu, 27 Jun 2024 22:38:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 393A 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
ef516c921550c3fc8d569b9c20249a9f62438627f06f53712e7d3d07e2d2b64b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Qc9_XWPq2EoC02bMvlTKUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Qc9_XWPq2EoC02bMvlTKUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 29 Jun 2023 06:37:51 GMT
expires
Thu, 29 Jun 2023 06:37:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
googleads4.g.doubleclick.net/pcs/ Frame 4121 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdy6_S52Fd_I5MWUjmhxBmm7h8tM122k2-Gww0kkLqHgliiuse8PS04xyx1HlMunEhx177FB-NQM2UiqsiZfS-DfGYENjGAWdaqW8wwMmgXXD0eebl_CCvmcfAtyxWxlEr6RMU-VeIsDcjOkkt1mseAQg&sai=AMfl-YQWvwzTCawZvJ7ifDa1I_vafvf7Bglc-m7iRGgLzc6HM8NGp6zJ2LA1RBNqcg_Zye7007ZJCwVF3fUuBkMzyRlMstZzxWAc5SeGuBfI8jOEIFowxPjuDT609ogwhBTyLSMx&sig=Cg0ArKJSzOP_y2wT6QrKEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2042&vt=11&dtpt=952&dett=3&cstd=1077&cisv=r20230626.12383&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 29 Jun 2023 06:37:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9F50 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306260101&jk=4093523805951771&rc=
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gamar.png
s0.2mdn.net/sadbundle/5649308643527491584/ Frame C297 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5649308643527491584/gamar.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
11fd7546c8ba12c1b5f2d6e13a7f5ff0834d829edc2df16be9680a4632b2769f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 03:34:31 GMT
x-content-type-options
nosniff
age
356600
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1142
x-xss-protection
0
last-modified
Wed, 31 May 2023 08:59:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Jun 2024 03:34:31 GMT
Vector_Smart_Object.png
s0.2mdn.net/sadbundle/5649308643527491584/ Frame C297 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5649308643527491584/Vector_Smart_Object.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
f56fbc6a44b35acd0993ee6ec9a0bcd1083b35e2f774546caee81107161e00d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 15:46:00 GMT
x-content-type-options
nosniff
age
485511
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2142
x-xss-protection
0
last-modified
Wed, 31 May 2023 08:59:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Jun 2024 15:46:00 GMT
airch.png
s0.2mdn.net/sadbundle/5649308643527491584/ Frame C297 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5649308643527491584/airch.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
46b558016e37ae7d8b84a01dbeda768aee656c4e5ffc010ebe39c8357006c7dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 15:40:22 GMT
x-content-type-options
nosniff
age
485849
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2193
x-xss-protection
0
last-modified
Wed, 31 May 2023 08:59:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Jun 2024 15:40:22 GMT
____.png
s0.2mdn.net/sadbundle/5649308643527491584/ Frame C297 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5649308643527491584/____.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
c9cdac73f7459edce1e1594f8a9bfb387cec069e1c12f8ed3a38ff776e86d5ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 00:26:48 GMT
x-content-type-options
nosniff
age
454263
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6426
x-xss-protection
0
last-modified
Wed, 31 May 2023 08:59:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 23 Jun 2024 00:26:48 GMT
toor.png
s0.2mdn.net/sadbundle/5649308643527491584/ Frame C297 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5649308643527491584/toor.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
edfc0e86d5e0da8714183bb85e99f551cbd042d638c552d16b0b6c71a54462a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 17:15:35 GMT
x-content-type-options
nosniff
age
480136
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4867
x-xss-protection
0
last-modified
Wed, 31 May 2023 08:59:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Jun 2024 17:15:35 GMT
dinn.png
s0.2mdn.net/sadbundle/5649308643527491584/ Frame C297 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5649308643527491584/dinn.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
cda574a46092eb86a6182ac12bef52cda5ceb18595cb303d6f35255ba44faa07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 19:25:55 GMT
x-content-type-options
nosniff
age
472316
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6318
x-xss-protection
0
last-modified
Wed, 31 May 2023 08:59:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Jun 2024 19:25:55 GMT
lig.png
s0.2mdn.net/sadbundle/5649308643527491584/ Frame C297 		774 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5649308643527491584/lig.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
f88f70ad2e18f1576a0053d352ff6153735051af5b8f832a2d05dcc2f5f998d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 19:30:50 GMT
x-content-type-options
nosniff
age
472021
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
774
x-xss-protection
0
last-modified
Wed, 31 May 2023 08:59:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Jun 2024 19:30:50 GMT
caa.png
s0.2mdn.net/sadbundle/5649308643527491584/ Frame C297 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5649308643527491584/caa.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
84f4d91671555f6da46336067c6a26a214906ae80aa17c05764c7c0b79c2ed33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 20:06:53 GMT
x-content-type-options
nosniff
age
469858
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9763
x-xss-protection
0
last-modified
Wed, 31 May 2023 08:59:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Jun 2024 20:06:53 GMT
bg.png
s0.2mdn.net/sadbundle/5649308643527491584/ Frame C297 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5649308643527491584/bg.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
330a20be6b783f20124f90663f9427a59594b7abaeec87a09e24d9efeca5b73b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5649308643527491584/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 01:47:28 GMT
x-content-type-options
nosniff
age
449423
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23984
x-xss-protection
0
last-modified
Wed, 31 May 2023 08:59:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 23 Jun 2024 01:47:28 GMT
qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js
pagead2.googlesyndication.com/bg/ Frame 3690 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
a99b27d4778209c98574607285507ac37decea04e3592ec3377d72c4965966f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 10:41:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
71800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14515
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Jun 2024 10:41:11 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 393A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230626&jk=2012173857900614&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 9335 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230626&jk=2153882318268240&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js
pagead2.googlesyndication.com/bg/ Frame 2362 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
a99b27d4778209c98574607285507ac37decea04e3592ec3377d72c4965966f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 10:41:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
71801
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14515
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Jun 2024 10:41:11 GMT
qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js
pagead2.googlesyndication.com/bg/ Frame 3AA0 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
a99b27d4778209c98574607285507ac37decea04e3592ec3377d72c4965966f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 10:41:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
71801
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14515
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Jun 2024 10:41:11 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4121 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnHd_bvovzAUNLhw83Y-3AMUF6FuOylLZiY4Adhs4IUWlOXXkSgKFSvo1UqaF64-N2SJaXxKU5jMLxVwmqL1D85_i8hJnFmbs&sig=Cg0ArKJSzLV_xHSlX2AGEAE&id=lidar2&mcvt=1064&p=0,0,50,320&mtos=1064,1064,1064,1064,1064&tos=1064,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=3249947758&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688020665293&rpt=6060&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AD74 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjydOPFHg4hZKe7O03RAGbNyWirBlGQmaa3YTZIS9WOaXbOuQ5NPcWBQ_Vj5lOUJ_jobFq2M2KmkExKEdmBh9aboQtBVDPqK4&sig=Cg0ArKJSzLJgWRxfig1NEAE&id=lidar2&mcvt=1132&p=0,0,50,320&mtos=1132,1132,1132,1132,1132&tos=1132,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=4056037400&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688020665303&rpt=6178&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 3690 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?5bDipw
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:52 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 2362 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?aaqxPg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 3AA0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?hRhFuA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 2162 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306260101&jk=4093523805951771&bg=!hoWlhdHNAAYQ3eRoMN07ADkAdvg8WhOf6mTUoC-s4xgIAL5dohw9UxdPoLTfbdRfuz2UwaR_nzxSdveedLz82JIPLMHP8nbn0PMCAAAC3lIAAAAEaAEHmQLisX101SYlgUVLV9dA4EC0HnAUctetDCxN5BrYBGSK8DH7Colh_jFEbtRrHB0sAIj2xmSsS-0yreOjDkqghREKprUjnKiv7NPzQoaqxRozFYVxAAvjCw6GUJ-IdpJcXZAj93XYLvnXoZinQ1Ue6JIhNXldKYzdeSsVyPWDjclFMasC6WlRwtJ3W6evok2_3pANbqu1HTpnQqWhjdThGzRyJ-1n3Wic8hexrNCvT6GHBMvKZGp3uO6ul0RwsVh7mb3kBLNy80tJoCnqc9uMmsynMYFn2hFfDCSCMrzaScm6J9qAbil4chGV7ZXo9MB3EJI36QqJL5EcRxz4czLOuRx_BJGIztC65z1O19D73C7ilPlXcv949oElMaqrqpwRZilMw763BJzXhdZuv_VHh2f3v2qaiUKLgE-gzJeTENqFh2qwGEVmwICYYIDOI6Zn3m3lMk8rbJZ2-R22O_X1R8vXnK-FY0lCLy9TrRATGPHrWgDR5igVws6YmijBicL53B4DosOAkCAHZlJugM7-SiAZ03m4MqOd2tlSR_fTwYPCeTbWrvCoipO2TMo-Xdj3wzQeX0c6Bn2yHG7qZI73u2XyeYV7XiASlnc9oY59JraYVd8SuaEWKZpwZkJZKe1XX9GJNqoH6tgs0KqNQs26ih_094bei4Jru_FqDM-Djww7sKhJs655eJVeu7U-ts3lzC5uOhv3FyFtgekB3X-9oIKhqAqX91cUgYtEgrAfMXQUfcvtI8husBQRjdaQ6G8OOOp-pak88EqZpaYmR6G4JlYEbt8CIBSvO8ddPff_vgLdj1XvC5yHes1N-nmhWzTlGPbjIbCaZSHrv4Fp77JyP0XB-sKo8Btdd9Xiki79Dl6MprAQd6tK5lVZFNTDwYYEXgFBmwG6aeL5rTdszj-tHatp12j8Q11gJrqlt6LHM2bMpBXTSrgOOqemJTohdx2b3flmGtc6pyh9i7qWCkV-zixD1W5C
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
log
hblg.media.net/ Frame DF94 		35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=Ae4FMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAAAAAAAAAAAxQ_ARAMDZiOWFiNzUyNjhjNGFlMzliMWEwYjBhYjg4MjdlYzL84aHUAZYDBEdFDGJnMy5jbxI4Q1VQRVBLSTlsQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhDDMyMHg1MApldV9iZQQyMwxQUkVCSUQSOFBSVzIzSEc1BDE2AGxBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWECMDxydGItY29tbW9uLTZjOTc5YjZkNTktbGpiNXEuQkUKMHwxfDIABgAwZ2VuLXZibHRfcHJlYmlkX3Rlc3RfMl8xRjIwMjMwNjI4MjIwNl9nZW4tdmJsdF9wcmViaWRfdGVzdF8yJmdlbi12Ymx0X3ByZWJpZF9hbGx2JE1FRElBLk5FVCBFWENIQU5HRQICYg&evttyp=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:53 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 29 Jun 2023 06:37:53 GMT
log
hblg.media.net/ Frame E7E2 		35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=Ae4FMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAAAAAAAAAAAxQ_ARAYWViNjA5NGFiNmI1NDJmZGIwYjEzNjQ0MzJiMDQ3ZjT84aHUAZYDBEdFDGJnMy5jbxI4Q1VQRVBLSTl4U1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlDDMyMHg1MApldV9iZQQyMwxQUkVCSUQSOFBSVzIzSEc1BDE2AHhTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUCMDxydGItY29tbW9uLTZjOTc5YjZkNTktbGpiNXEuQkUKMHwxfDIABgAwZ2VuLXZibHRfcHJlYmlkX3Rlc3RfMl8xRjIwMjMwNjI4MjIwNl9nZW4tdmJsdF9wcmViaWRfdGVzdF8yJmdlbi12Ymx0X3ByZWJpZF9hbGx2JE1FRElBLk5FVCBFWENIQU5HRQICYg&evttyp=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:53 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 29 Jun 2023 06:37:53 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EBDC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230626&jk=2153882318268240&bg=!nZ6lnsrNAAYQ3eRoMN07ADkAdvg8WpbR4MfRFrqWzgchlnXgk2ay4Upg0YVjvO3eVrww-ZMK7WSddsth6k3KV5_xkII9NvUH_IkCAAACxVIAAAAHaAEHmQKsBLeLWGHkcpdk7ED8d0gagyguYxr1BML_qPEnb6-P1ky8R5P4YW2O1iAkkQ4tUUaa11uvHZM4fB4ISFmd5mhlCTtJMAVyzbC6raVeSleEK8V82VgyJWN935tclnh5UEFFthpCtA2ew6UdZTpGap3cFm_P4OqbyF2QR2BK3pyrCVvM_gx_GFn6tQEzppG6h0v_lLXiG-rWqYNZLnzcrBk1g5085OIWTwT1ezRUS-woK8nGH9Nyd8GERfpPsGnNnxRJKKJPf3FIF2Ws5U7-EeccHjldaPpVocVun2LeiFyMkhJ6TSdGSjuaoPOfVkJKIRIwVNCT26ZgdBXJluZSAnEz4SK0HKIGKEWaHe89eweitgcv2urqpzkHZqQowrPTLTsw0D-9NFW__7Qobz-QjzMLiVfr6bVR1b3oPyb_QA5LOBQ93BcDkfgN2C2foez-cFCdnuYrcY1UnNgI-DgLXYEhV-m8NhNnJ0Z6aIBVuyVHwe-NYV5jA0k3NYEKwrV0CMReHs5qHgaHK02236m8uXNayYBoouuClWi1l3i9ZrKtX0cPKhovc6e8K-1kYPXWt0V4HU6H9EZ0skhKogM-PPlBTE_j6x6Lu2bf5J0ZA21YF-sTnbxk97ZFLnkKIWZmg0D5FqZ1OxkfzMCyDGWNd0IVABUnq0MKQrd30ui-WavFI78UJUT2rkQOQyGChYET63Ak9tjKNQTCO9V-QvhY4ksKcMn49k20T_JwraD8wtwJwcEPulIjxmi83UnhBoKIC8ghUoYEPWmZm6ihlAhTHKE9WzZtXvYt7eJPwDLSDGfGsOLy_Ah_HAQUUYHdPscCRMTulkyOhIL_EGAq_HA08IoxHxxRikyHT7f5ihw8bTAlnuMzHr06-LFBOAtxFbG2vcX5PWBYXgO_a1C_13lX
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 1830 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230626&jk=2012173857900614&bg=!q6ilqPzNAAYQ3eRoMN07ADkAdvg8Wo0ldYY0cmRV9pF9kL4i1TjiscqMdpoIgPUINsdBPAmOO7WlH2FNAQNKm-jLJxvNfDl3vOACAAACgFIAAAAFaAEHCgBhiyUi9_Gs7y0Of6iLpRXE1rnUnzX4LnrZidOLuSQegaH3rEWEUgJul-R3BIlUph4ioKAe1XpWLf0ngyT9SatBeAed-3Y35wLDZoBJLeVwl4rodL-hNTuSw6n25zgnR7C5KpkCoYcsk1NoRaDLiPh2J3VBDGxc5KEtvEXuczpSuk52hn1TVnKNxCX7ATRezSgt-W2E4HqmQVZc80eDIN5GrYdPochi7SsumT4k1g4Kr7ylqvdeHiHii75Bt6ikWQCJPEkWkJQx3Xh9WO8SpPD9iq-BOT4CcdXDKQJc2aQXs5K_gKQJFNK0XUuerfkLkD0mUDAWm5QiQu92Nw1H5S-eyjLX8Lhs6_YmbcjlAY0y0pZ4KIVBaLatEPYF6CMNRaZnSjKYJBGcJ7PJLALsGng8trLEdSU8nhT3pIgxGkjTuUJLj-0BKb5njUxmLnc1mU4BimMeE4wia0zv9rdalYMccr7pfaaMQ1jGKBiGRNIIgTyhte5mD884Tn-IkphhUqT-J3P4DAYVHzoMwWX7bArM3p-Lgpa5G_sDUdhS56jj9hFpLBzgF0fjdsSp-yjW6Nih1Dufv03AoZ6dfA3CABGhxiDhDV8gGhpBobsFJtISFHZvdT5d1DvNAeAk94Ma2wulcmIpYW_hHS3DAAtWySoiTMy07JZ-6J2eNF2veCKhP6WgXkGfdBizMjxlCamcvkF6UKyaBu9YdmzGEncH3UwBjS0W6cErI4AqdrSZ6auuhZYmNZ2Hi0qXzCcwDHwDbFfDZdqVBT4lu-9XbZeO41owb2Wun0smrYn1BCEaNiD-p9ft6iBQOYv6XzgwePU1Oh2RmGvt8sGG7-ywD_5bKi8nJ-gfVL-xnHSdvDri4u8M3EkMlku7EfVnxUcN8e2wUfdrYPGHXXL9ASxXy9SSUmDYdlc59PZjHjDfoB35WppeF2sBsD38cm9VUzv5qu00sqWgwbuH4uLT0MKFdnhSyIUcPGc15yCqQOVhuXM_cvu0aWy01vVpdrFEJlbq5zr5F7rg3yhZ2sY
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 14B8 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=bcca64ee-253d-4aef-a886-21cefca8d05d&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2F&caps=16&cb=jsonpCallback0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
o1.ycpi.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
b79a8dec9a3482016c0a2631f627aa886c148e5611ee9ede5a1424771255320b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
date
Thu, 29 Jun 2023 06:37:54 GMT
server
ATS
age
0
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
x-envoy-upstream-service-time
34
x-xss-protection
1; mode=block
x-request-id
994fe538-3f4b-40c1-8ef2-dc3a07051350
b
geo.yahoo.com/ Frame 14B8 		43 B
827 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geo.yahoo.com/b?t=xhkd7&9sdk8454
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
media-router-brb71.prod.media.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:54 GMT
strict-transport-security
max-age=31536000
server
ATS
age
0
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
0
content-length
43
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1688020674402&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=1529&pt=1115329249&tz=0&viewable=true&ddast=V8q7kCLAacCbtCiuJdRxE4E3aFFMW7jioAAABgYID-AIl5bC7XcGJzKzyTzVo0823WwpXJsxZMBoOZc-FYzoYzIyAxj83lGk5sboVnslmLZr7NWrgyedaCyWAwcy4cy9lwZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZLaDodPte9Xvf73SU-z1zj9yv8OtfTrXa63IK_W7R8ujVGl90tPbremqPL7nPrXk633PVWWd7So-vpFjwddrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQBPHA7o4jQ7PU9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAwGPID1HT0ppCrj2RgsYijAAAAABsvTsHHpmkE1Qsqvz___dbAbgCABCQWPBNo51Fd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJsKPaYRmotjV_AICAKz5BQQAYKNuAADeBMAJOgStGAxWJyBmBwAAAODO____vx4Q2BgGm91yZLKZJpPFbjFxGBeu5XA5ca5sI8tgtT0Y23lSHLcqqn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgcDczbUa-wVoxWY7couHKs1Zuhsu1bLewGTa-zcSyW7hFr4_p4pwtPJ7VFgkGRO1F8rRIJzLbYjiZbSyDkXO3Wu2Gw8HINXJubJPdZrHw2BYWsURzskgnssu-sDEMNrvlyGQzTSaL3WLiMC5cy-Fy4lzZRpbBal_czUybkW-wVkyWI7douPKslZvhci3bLWyGjW8zsewWbtHrY7o4ZwuPZ7VvzIbDwWQwmy32jdlwOJgMZrPFvkNn-K4-Z6OyrJJ8TJrf36Ut2pwGhctg8U7Vq2-0MzuIftOiUyZTKws6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ehBbFAoYongIp0IHma3w_RyS3yejd8ilihNF-lEr_DrXE-32ulyC_5u0fLp1hhddrf06Hprji67z617Od1y11tleUuPrqdb8HTY7ULT22wRSwSni3QiehlPF_UfOeRiLtks55LBbK6YLFcJAAAAAAAAAMASTDLdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmQBWK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwIcjVa7B-ACrFWq9XtxlqtFg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=inout2_vB!nonrv_vA!nrlc_vA!ufm_vG!ul3292_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
d0d8c5870c037d7e6c4aaf18b392303cf389ee5bf99acdfd0c1a0f7be634eb40

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:54 GMT
content-encoding
gzip
server
nginx
machineid
1463
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
SXG6B5X3FQVQPXFZFMVG_VFdfU2l0ZXRhZ19yaXN1X2JnXzMwMHgyNTBfMjAyMzAzMDE=_1677729953642
s.yimg.com/ys/ Frame 14B8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/ys/SXG6B5X3FQVQPXFZFMVG_VFdfU2l0ZXRhZ19yaXN1X2JnXzMwMHgyNTBfMjAyMzAzMDE=_1677729953642?cb=ygscb
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.251 Dublin, Ireland, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e1-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
6649db4b7a29bc5f4e73c81c43756ee8a218bf29ce8085cc6a86b10a635d38d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 13:31:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
46Q7T93734HAHVHA
age
579959
x-amz-server-side-encryption
AES256
content-length
822
x-amz-id-2
Ezsarq7LonJIRYOXOVwatx8yx1Cl0HrjAgA4qtP2UPK85wpe6QhQid2NFeYIRm7T6c1lLKN9JXc=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 02 Mar 2023 04:05:54 GMT
server
ATS
etag
"fa2aa91ba592d1ae8a4853ad8af8677c-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding,Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, stale-while-revalidate=30, max-age=2592000
accept-ranges
bytes
cae2a2404fbe87c25bb889a1c7d2e833.jpeg
s.yimg.com/lo/api/res/1.2/Y6mCh0hUYeE1YgnHZXBPTw--~A/Zmk9Zml0O3c9NDM1O2g9MjEwO3E9OTA7YXBwaWQ9YTAwMTs-/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/ Frame 14B8 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/lo/api/res/1.2/Y6mCh0hUYeE1YgnHZXBPTw--~A/Zmk9Zml0O3c9NDM1O2g9MjEwO3E9OTA7YXBwaWQ9YTAwMTs-/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/cae2a2404fbe87c25bb889a1c7d2e833.jpeg
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.251 Dublin, Ireland, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e1-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
d7a182b729e8854f423e607e0fbc4bc0bd34c9e2ad93dcf79af35beb1c17b30d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 05:36:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
age
3698
cld_latency
2
edge-cache-tag
313744808371007161624288528274902007611,238853593421688359325880637090579991491,ae7a14591aaf8d474cdb3f92111c923e
x-cache
HIT
cache-tag
313744808371007161624288528274902007611,238853593421688359325880637090579991491,ae7a14591aaf8d474cdb3f92111c923e
cld_cache
HIT
expiration
expiry-date="Tue, 26 Dec 2023 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
cld_hits
1
content-length
22411
x-xss-protection
1; mode=block
cld_by
cache-iad-kjyo7100117-IAD
x-served-by
cache-iad-kjyo7100117-IAD
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 28 Jun 2023 04:33:57 GMT
server
ATS
x-timer
S1688016977.281002,VS0,VE2
etag
"4eb6847c9c3c8596494f66792bd46dee"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1
gemini.png
s.yimg.com/cv/apiv2/adbuilder/ Frame 14B8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/cv/apiv2/adbuilder/gemini.png
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.251 Dublin, Ireland, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e1-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
e4d7ad9f57f6cfab7610b8b0855c7937f5ec119be17ac6cf6377553c5e735f98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 18:51:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
AEM13FNER3X1A42D
age
906360
x-amz-server-side-encryption
AES256
content-length
3328
x-amz-id-2
2GUxt3OtB98PXK4upeq9fH12eemQAmMhA/ZjcTGaVv9Zinr7CvC31lCcZkD/MH0/aMnBdDaDN1o=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 02 Mar 2019 01:45:46 GMT
server
ATS
etag
"99f89d94ebcff9a04ef4c4174c7bc13a"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
truncated
/ Frame 14B8 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame 14B8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMSw4F6fT05HBv2GKQzg2Rh50tYSIdRI2N8GYDqg-mdAYCGTo7k00a5Pb5QoFSbMcfO9-uYmeDqVAhRHT9GbQPa_qyLp9Cz1rhMgPuDZxzQg3Yu7Kf2OQcAGOnPmUQOhcEmfDPNDbPF3RmuM2NhiJEam3paXsn_bknINeBRJiOXLOB8gXmIIVAIAvUNHvA7xIzt9SUdO0rQ5l-pyimQAEsC8hMwKj8QebZm9np5hij53_EEM3SDyCNFuaGStxzXbV7ud1F_a-OyPewrSOnkYIV3k_DK_dpzZTt-UfBUbRz12Cs_VJOmJYPVhsdsVv98hgXrT-NG3y1P5DEZJs&sai=AMfl-YS2Pyl-XJjY8XdIWijftcbsA-GOOP9FyiFnKZsZcUr9s_e1kDHnv2sJeZeUKZbfyTOkHGbVJ0akyTubiD-QdotlZnFGqkYEeyEJOA&sig=Cg0ArKJSzC3Fzh3NtDIqEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 29 Jun 2023 06:37:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AD74 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5223937950896&version=m202301230201&ct=119&x=38&cor=8147634137851645000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1688020677402&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=6&pv=1529&pt=1115329249&tz=0&viewable=true&ddast=V8q7kCLAacCbtCiuJdRxE4E3aFFMW7jioAAABgYID-AIl5bC7XcGJzKzyTzVo0823WwpXJsxZMBoOZc-FYzoYzIyAxj83lGk5sboVnslmLZr7NWrgyedaCyWAwcy4cy9lwZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZLaDodPte9Xvf73SU-z1zj9yv8OtfTrXa63IK_W7R8ujVGl90tPbremqPL7nPrXk633PVWWd7So-vpFjwddrvQ9DbbAQAAAMCD____fwgAAAAAEQAAAAAkAAAAAFAIqPBvQeACAAAAAIb___9_DQBPHA7o4jQ7PU9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAwGPID1HT0ppCrj2RgsYijAAAAABsvTsHHpmkE1Qsqvz___dbAbgCABCQWPBNo51Fd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJsKPaYRmotjV_AICAKz5BQQAYKNuAADeBMAJOgStGAxWJyBmBwAAAODO____vx4Q2BgGm91yZLKZJpPFbjFxGBeu5XA5ca5sI8tgtT0Y23lSHLcqqn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgcDczbUa-wVoxWY7couHKs1Zuhsu1bLewGTa-zcSyW7hFr4_p4pwtPJ7VFgkGRO1F8rRIJzLbYjiZbSyDkXO3Wu2Gw8HINXJubJPdZrHw2BYWsURzskgnssu-sDEMNrvlyGQzTSaL3WLiMC5cy-Fy4lzZRpbBal_czUybkW-wVkyWI7douPKslZvhci3bLWyGjW8zsewWbtHrY7o4ZwuPZ7VvzIbDwWQwmy32jdlwOJgMZrPFvkNn-K4-Z6OyrJJ8TJrf36Ut2pwGhctg8U7Vq2-0MzuIftOiUyZTKws6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ehBbFAoYongIp0IHma3w_RyS3yejd8ilihNF-lEr_DrXE-32ulyC_5u0fLp1hhddrf06Hprji67z617Od1y11tleUuPrqdb8HTY7ULT22wRSwSni3QiehlPF_UfOeRiLtks55LBbK6YLFcJAAAAAAAAAMASTDLdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmQBWK-____x8HAABARg49AAAA-n1AWQAAAAAAAPwIcjVa7B-ACrFWq9XtxlqtFg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=inout2_vB!nonrv_vA!nrlc_vA!ufm_vG!ul3292_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
394ab804d541bd32bb9da509fa9b7e9e3f9ed1d1f7091204a94c601d8f950428

Request headers

Referer
https://www.bg3.co/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:57 GMT
content-encoding
gzip
server
nginx
machineid
1435
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 06:37:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 30 Jun 2023 06:37:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4121 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4047225437169&version=m202301230201&ct=119&x=38&cor=2897436191271481300
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://mnadshield-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 06:37:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/f05ca160c79abefb746fc6779d785ee6.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/447c673a810ea0905bff087b7d9bdfa3.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/0ca0b0a5b7bbb93781d33282563d096b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/9f993b8cc6dfe2f823a1e7ac5a28147e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202112/2cf00b59f9d399c80649b71b68b4ff27.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/cf01325a4bcc369fb2f2a5114ddcaf62.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202012/11a9409a27bf2e0836bf9500d1a044ef.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/55719207fbe3144146a7926e06c0851b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/4286aa1c292d99180dccd2a342dae13f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/57cd0fb05fae168d6ca82913c8fcd294.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/bcbd99758d8c2b04320ff3b5642f3d59.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/bd4d36e6749517fa60f97943487d1741.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/ffee80187024dea7a845dbc78a017153.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/af4e28d533759a9d5540006a2b5324da.jpg?w=150&h=100&q=100
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
bbe37092b4d298f855668903e56f9dc3.safeframe.googlesyndication.com
URL
https://bbe37092b4d298f855668903e56f9dc3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Domain
ih.adscale.de
URL
https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.css
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Domain
cds.taboola.com
URL
https://cds.taboola.com/?uid=87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35&mbl=ZmFsc2U=
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LJGRX3F9-C-CG73
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEC59nDi3bf3TefkJBLEokaM&google_cver=1&google_push=AaAOQGFKjF3cu_7JUIXl77yU_BrywU7zlfU1dFYU4BCj-4_pYlgu00n5uQbtzIpGf1lggAJtbeHXPKbEzl4tiM5ufLpRo2kuIhs
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Domain
acdn.adnxs.com
URL
https://acdn.adnxs.com/dmp/async_usersync.html
Domain
public.servenobid.com
URL
https://public.servenobid.com/sync.html
Domain
pixel-eu.rubiconproject.com
URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Domain
id.rlcdn.com
URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Domain
pixel-eu.rubiconproject.com
URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Domain
id.rlcdn.com
URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Domain
live.rezync.com
URL
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e5e780ee-ba60-4dba-9e56-0e02c249b7e7

Verdicts & Comments Add Verdict or Comment

157 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 boolean| credentialless object| onbeforetoggle object| onscrollend object| _taboola object| adpushup object| ucfad_async object| AMP object| adRecover object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| TRC object| _tblConsole undefined| msg object| _comscore function| setImmediate function| clearImmediate undefined| $ undefined| jQuery function| jqAlias function| runAnimCheck function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id string| currentState object| adpGlobals object| googletag object| _apPbJs object| hbAnalytics object| adpTags number| ampAdSlotIdCounter object| COMSCORE object| ns_p object| _qevents object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries number| ampAdGoogleIfiCounter object| ucf object| request string| paramsString object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo string| nam object| placementData object| ggeac object| google_tag_data object| google_js_reporting_queue function| quantserve function| __qc object| ezt object| _qoptions object| gaGlobal number| ampAdPageCorrelator object| cmTag function| _lgy_lift_callback_4308934 object| _cm_wfCounters string| lastWfUrl boolean| descriptionPage undefined| google_measure_js_timing object| IMUIDPushed object| IMUIDRequest object| dataLayer function| gtag object| listeningFors number| 3pla function| processGoogleToken object| googleToken object| googleIMState number| google_unique_id object| IMUID object| google_reactive_ads_global_state object| lift_widget object| google_tag_manager function| onYouTubeIframeAPIReady object| regeneratorRuntime function| webpackHotUpdate function| startCMTagMain string| category object| google_ad_modifications number| google_global_correlator object| google_prev_clients function| shuffle object| entertainment object| arrToUse object| playlist function| OvaMediaPlayer function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

161 Cookies

Domain/Path Name / Value
.taboola.com/palmate-bg3co/ Name: taboola_session_id
Value: v2_0c00379ddf422171ba8a5989b9e6d205_87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35_1688020661_1688020662_CNawjgYQ2YJdGIfo_K6QMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB
.3lift.com/sync Name: sync
Value: CgoIoQEQxJT9rpAxCgoI4gEQxJT9rpAxCgoI5gEQxJT9rpAxCgoIhwIQxJT9rpAxCgkICRDElP2ukDEKCQg6EMSU_a6QMQoJCAsQxJT9rpAxCgoIjAIQxJT9rpAxCgkIXxDElP2ukDEKCQgfEMSU_a6QMQ==
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARC1FQ
www.bg3.co/ Name: __AP_SESSION__
Value: fd316143-75eb-4222-985d-f3ce6e6495ca
.scorecardresearch.com/ Name: UID
Value: 1AB6afa040cff09652267961688020661
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 7c8908d3-0954-4c21-a61f-0247a50faf79
.taboola.com/ Name: t_gid
Value: 87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35
.aralego.com/ Name: sspid
Value: 10487bdc-548d-30fb-824e-d65474e74d22
.omnitagjs.com/ Name: ayl_visitor
Value: 955f434efb24bc6d8c2efb153869de5a
.openx.net/ Name: i
Value: 7c8908d3-0954-4c21-a61f-0247a50faf79|1688020662
.teads.tv/ Name: tt_viewer
Value: cb1d6534-cf8d-41b8-a16a-0d31d2c0b77e
.rubiconproject.com/ Name: khaos
Value: LJGRX3F9-C-CG73
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwt830pAY4AUABSAEQt830pAYYAA..
.adnxs.com/ Name: uuid2
Value: 7226639094620937395
.quantserve.com/ Name: mc
Value: 649d26b7-24451-9120a-195fd
.logly.co.jp/ Name: uid
Value: PwP4qxe1rbN8aM5fQQfjMqE9SQ8
.bg3.co/ Name: __qca
Value: P0-150647978-1688020662373
.www.bg3.co/ Name: _im_vid
Value: 01H42XYF4TDJ6KMWPZQ6ZR9BCX
.bidswitch.net/ Name: tuuid
Value: ca7105ad-a781-49e4-8a1b-5f1ce544a0df
.bidswitch.net/ Name: c
Value: 1688020663
.bidswitch.net/ Name: tuuid_lu
Value: 1688020663
.yahoo.com/ Name: A3
Value: d=AQABBLcmnWQCEPzpcTMBDXagzo3fIt-LRxEFEgEBAQF4nmSnZAAAAAAA_eMAAA&S=AQAAAn3JbnnbZ34bOdtcTA2xVhM
.adsrvr.org/ Name: TDID
Value: 8334b4be-2d19-4991-ac01-0a3d6f7ad157
.bg3.co/ Name: _ga
Value: GA1.1.1614580128.1688020663
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1688020663.1.0.1688020663.0.0.0
.bg3.co/ Name: __gpi
Value: UID=00000c34c7d21ad5:T=1688020663:RT=1688020663:S=ALNI_MYtNetqHXAwUtZB9NSFHMEOPefi9Q
.mathtag.com/ Name: uuid
Value: 7aec649d-26b8-4c00-9efc-873fef46c2c7
.adform.net/ Name: C
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUlw7H1r_1RuLQz9X-N7mADlkaWiX2zvAAlW5LA_2k0J7QhvPskVYjlBiXKigKc
.adform.net/ Name: uid
Value: 5397954210711331650
.creative-serving.com/ Name: tuuid
Value: 4effcf1f-7e8f-42bc-8bb3-b7df3362d775
.creative-serving.com/ Name: c
Value: 1688020665
.creative-serving.com/ Name: tuuid_lu
Value: 1688020665
.smartadserver.com/ Name: pid
Value: 6337346244264160536
.logly.co.jp/ Name: dmps
Value: %7B%221%22%3A%7B%22synced_at%22%3A1688020665%7D%2C%222%22%3A%7B%22synced_at%22%3A1688020665%7D%7D
.doubleclick.net/ Name: DSID
Value: NO_DATA
.socdm.com/ Name: SOC
Value: ZJ0musCo8X4AACKkg-8AAAAA
.openx.net/ Name: pd
Value: v2|1688020666|gekin0vNiygu
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%228334b4be-2d19-4991-ac01-0a3d6f7ad157%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-05-29T06%3A37%3A46%22%7D
.ads.avads.net/ Name: av-mid
Value: 0f31786a-2de3-459e-a2ac-a5a973c93b36
.3lift.com/ Name: tluid
Value: 4571931815267148061550
.impact-ad.jp/ Name: tuuid
Value: 70caddc7-9baf-4de3-977e-b75286e55750
.ads.avads.net/ Name: av-tp-bsw
Value: 1
.im-apps.net/ Name: imid_secure
Value: G_ds5FlgSBmlxihOVk0p1A
.im-apps.net/ Name: imid_created_secure
Value: 1688020666
.openx.net/ Name: univ_id
Value: 537072971|8334b4be-2d19-4991-ac01-0a3d6f7ad157|1688020666900922
.onetag-sys.com/ Name: OTP
Value: WLsdGjM-1RK-4NxwMP5xxJg8r5_RaGNVArGMbPHAlLo
.eskimi.com/ Name: __eConsent
Value: 1
.eskimi.com/ Name: __eDId
Value: e53c1806-0ec4-4f9d-ab10-22fa7531615c
.eskimi.com/ Name: __eP
Value: 1
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.360yield.com/ Name: tuuid
Value: 825522e3-8a80-44df-bd00-b2a5cf397aa6
.360yield.com/ Name: tuuid_lu
Value: 1688020667
.richaudience.com/ Name: pdid
Value: cb084187-e5af-4108-9815-1zz1688020508
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: ab6a5d61-cd9d-53b4-a51b-9da6c186bb1d
.betweendigital.com/ Name: ss
Value: 1
.lijit.com/ Name: ljt_reader
Value: G5TtuLZHNEpGQ9SbQhiZ-QHm
.contextweb.com/ Name: V
Value: BmPoQYPIgzrg
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1lfd|5Ql.0.87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 51c39496e5e2dd48
.betweendigital.com/ Name: ut
Value: ZJ0muwALnKhL02b_p_BeqXnqMUGblMcwz-Vi7Q==
.lijit.com/ Name: _ljtrtb_42
Value: 87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35
.smartadserver.com/ Name: csync
Value: 107:87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35
.richaudience.com/ Name: avcid-apn-uid
Value: 7226639094620937395
.us.ck-ie.com/ Name: CID
Value: 01a163d1c8c582a428bfdeae614a5e92049ef066
.id5-sync.com/ Name: id5
Value: 83cb8f5f-b5e7-76eb-adcb-4368962ce714#1688020668468#2
match.sharethrough.com/ Name: AWSALBCORS
Value: +S70rQAU5FSqXzurzpMKz+xhp/QAvdMeCK3jswDUDDBv9Ke0V3fCqtU9n+rplz7/wmbUQH9SclERj+PIeSJQu0GdtWTg7+Q0Yk8HttIUJI3pjyJaD+QiXwqz/r7O
.zemanta.com/ Name: zuid
Value: dWag9UwpasalZFgXaaHq
.smilewanted.com/ Name: sw_user_params_infos
Value: YNFN%2B%2BJwQwcRZT0NKrmTOxk922e69B8BF2TVp1bUzPiG5pOMssoCCAPssTWRgsrlPs1UzvJ6LcxsxwpIXRKlNpUGTXaNtevX00n%2BL5nz1p2fxaFUq91psDmiH%2FJeg1UrwITyEbqo5kKEhRQMVhudAUKLiUlDXVV3vpgltxpJCrLBVoGFHyggXiyEyDUNqEbDBILaSkQoyUb%2FLEkROXTYnveZx0puN3wMxL3Qv0k9ZOloVCjC1aiTxfBLy%2BKBjzHxwIFoF887rpCT5SSWZ11WBrZj8TZh7VP7nqKF4xYhpWAtL0mNC1tsPQs8vZD3%2FiT01nEB%2F8jhLh03V5YbrpD6o0zu4dxss%2BNm3in4YORps5dQDAPi43y6h9w5jKxKo1pskmT0Gy%2FV2cCOvPymepkdYygJeN92X1l95sKBfQuUt2Hxem2feDYXiBjsNxP4kGuHR8PVWfAqDF7NxBguDJ55UgXGJ5lwuBh26cuXZfYI4ZEJ%2FyAlEpUs4MJupXFMk9ho
.amazon-adsystem.com/ Name: ad-id
Value: AyDN_TZEKEhji9SYPdCtTfM
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.criteo.com/ Name: uid
Value: 14a19c98-44a2-4160-baa3-5a98e76a42de
.quantserve.com/ Name: sp
Value: CgsIknESBgi6zfSkBgoMCLmKAxIGCL3N9KQG
.blismedia.com/ Name: b
Value: 649D26BD4ADE5FCDCEBFD7CEBLIS
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Ilhk$x:B!]tbPl1M>e)ZlrFUfJ+tGXxoiOs$gs^/B0COXXgu=Ab:=?T_kwYvpnsCcDtk3If)y3KL9D3I?+^Kt#6w
.casalemedia.com/ Name: CMPS
Value: 5206
.casalemedia.com/ Name: CMPRO
Value: 5206
.bluekai.com/ Name: bku
Value: ikG99n6Z7VuubTTV
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2991:u=1:x=1:i=1688020669:t=1688107069:v=2:sig=AQEZEYenX1pl1M6MuIQu0VISgOG-Zm6I"
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.linkedin.com/ Name: li_sugr
Value: bdc56f51-694f-4a93-a687-6bff5bac8d36
.linkedin.com/ Name: bcookie
Value: "v=2&b6a93bee-2007-4bb3-8cdb-e3bc109a5a5f"
.casalemedia.com/ Name: CMID
Value: ZJ0mvQtWexvIYPdjyyVskQAA
.media.net/ Name: data-bs
Value: ca7105ad-a781-49e4-8a1b-5f1ce544a0df~~1
.mediago.io/ Name: __mguid_
Value: cd9c4fdd07a636c4fe3c8da4793d2463
.media.net/ Name: visitor-id
Value: 3310222704262582000V10
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCID49pasnfw7EAUSFgoHc3Z4OXQ1MBILCNC1l6asnfw7EAUYASABKAIyCwiy9pT0wp38OxAFOAFaBzhtMzN6azRgAg..
.media.net/ Name: data-c
Value: 14a19c98-44a2-4160-baa3-5a98e76a42de~~1
.media.net/ Name: data-c-ts
Value: 1688020670
.media.net/ Name: data-ttd
Value: 8334b4be-2d19-4991-ac01-0a3d6f7ad157~~1
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 3957614a17ac99816ec4962191df004e
.media.net/ Name: data-g
Value: CAESED_k-O-xjJM8-wjiJKd2zHE~~9
.media.net/ Name: data-o
Value: 67095e15-0bd3-4936-9f86-b4c173c70e58~~9
.media.net/ Name: data-mm
Value: 7aec649d-26b8-4c00-9efc-873fef46c2c7~~9
.adx.opera.com/ Name: UID
Value: OPU9065dbe41b5c44dea6160662c0eafaeb
.media.net/ Name: data-a
Value: 7226639094620937395~~9
.bg3.co/ Name: __gads
Value: ID=74535a6aa46919d7-22e0206601e2004e:T=1688020663:RT=1688020671:S=ALNI_MbxJ3kg1gUhRhSAqxbPH6qkenP6vg
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjU3sjC3sDCyMBPiM9QtTIv0dEwNyHEvM_UAAGCqtbolAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjU3sjC3sDCyMBPiM9QtTIv0dEwNyHEvM_UAAGCqtbolAAAA
.sportradarserving.com/ Name: zuuid
Value: b6abfa5b-3dc8-4743-bfd3-43b6cc936a80
.sportradarserving.com/ Name: c
Value: 1688020671
.sportradarserving.com/ Name: zuuid_lu
Value: 1688020671
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1688020671
.media.net/ Name: data-r
Value: LJGRX3F9-C-CG73~~1
.media.net/ Name: data-rk
Value: 5141210825728788286~~9
.turn.com/ Name: uid
Value: 8613285097639594033
.mfadsrvr.com/ Name: c
Value: 1688020671
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003%22%7D
.mfadsrvr.com/ Name: tuuid_lu
Value: 1688020672
.mfadsrvr.com/ Name: tuuid
Value: 7cb5138a-a4b4-4a6e-af62-319634a85fa2
.mfadsrvr.com/ Name: ssh
Value: !taboola,1688020672
.media.net/ Name: data-mf
Value: 5a5f7648-15f1-4a9c-9c9f-27746a1d8f78~~1
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003%22%7D
.media.net/ Name: data-r1
Value: RX-aed7b224-1c38-4fdb-ac1c-c0cad5a9f06c-003~~9
.w55c.net/ Name: matchmedianet
Value: 5
.demdex.net/ Name: demdex
Value: 39722627727691159221184553471089160667
.w55c.net/ Name: wfivefivec
Value: TDXTRvvq1QeLhS5
.dpm.demdex.net/ Name: dpm
Value: 39722627727691159221184553471089160667
.media.net/ Name: data-xu
Value: TDXTRvvq1QeLhS5~~9
.rubiconproject.com/ Name: audit
Value: 1|yejqiRNSUpVLM/AQnV31Pv2O2DOIzujTqfCIzd1ysPWGGao+ISL+O8xpoYHgylIvCIOzmsghiDfyUhTWCqUS/GZ/FmxxsEfDfY0V14FIbwPQDQBoK9lhiNzpQ7vzkXQ/
a4p.adpartner.pro/ Name: apuid
Value: 31a699bf-ef02-4e3f-8442-cab985b17749
a4p.adpartner.pro/ Name: buyeruid_27
Value: e53c1806-0ec4-4f9d-ab10-22fa7531615c
.liadm.com/ Name: lidid
Value: bd042a6e-1282-4927-87de-cc530c452b30
.go.sonobi.com/ Name: __uis
Value: f4a111a0-c7f4-4455-975e-a3b937298ca0
.go.sonobi.com/ Name: HAPLB8S
Value: s85192|ZJ0mx
.csync.loopme.me/ Name: viewer_token
Value: 1c57e5bb-776a-459f-b7cb-57ca8eb54948
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: SyncRTB3
Value: 1689206400%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 40C594F4-C7BD-4834-97BF-A56EA7D04E64
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XIuxWAMAgAwAmsMgc-IMjHbTCRgSwtndTSZ3l3Nc1pWwQGxLQEGZ6QxR3i1JI6UofbTuqOjGqyMjsS3W35Tro9f_sLyzFhf1kAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4ADiAXZDEikklWd3X6jlbyYn5fIim1FUrQ_lj7YehRn-CSJYGW63arDIAe9PVuM5AAAA
.semasio.net/ Name: SEUNCY
Value: 33701AC0B730B3D
.bing.com/ Name: MUID
Value: 2DEADDBAFA9463DB0338CE85FB4D627C
.c.bing.com/ Name: MR
Value: 0
.rezync.com/ Name: zync-uuid
Value: ad759909-9d7a-4c8a-af23-9e6f4fba6c87:1688020674.228011
live.rezync.com/ Name: sd-session-id
Value: .eJwNylEOwiAMANC79HsYqEALl1kqlITophnzx2V3d58veQfMH90WWXXdIe_bVycor35pQD5g9N-iT8gQnHfoLGMgZGJGjnBOMHSM_l7nXq8jlUJKNplUSYwvLEYa3k3S2Hx7SCxM2UVmizaSvyGydQ7OP5t6Jdw.ZJ0mwg.r6ZmT-PDJWFFZchWXZcFfBo5Y-s
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZJ0mwwANKxvc6gA2
.pubmatic.com/ Name: pi
Value: 162474:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.rlcdn.com/ Name: rlas3
Value: AApssMbsW6FbiYUg0I7JoV5e/l9eiuKaLLRHmOIBoKo=
.id5-sync.com/ Name: 3pi
Value: 464#1688020668734#771161237#87f43d70-129d-48e3-9389-67af0c73b27a-tuctb96ac35|112#1688020674763#1745056683#33701AC0B730B3D|3#1688020669017#1207118965#7aec649d-26b8-4c00-9efc-873fef46c2c7|19#1688020671163#-686366248#3957614a17ac99816ec4962191df004e|485#1688020673469#-1323249491|264#1688020669508#-1960379044#8334b4be-2d19-4991-ac01-0a3d6f7ad157|136#1688020675680#893632182|285#1688020670031#-620973856#LJGRX3F9-C-CG73
.id5-sync.com/ Name: callback
Value:
.rlcdn.com/ Name: pxrc
Value: CMPN9KQGEgUI6AcQABIGCLbqARAAEgYIuuoBEAA=
.logly.co.jp/ Name: rtbs
Value: %7B%22pubmatic%22%3A%7B%22synced_at%22%3A1688020676%7D%7D
.rmp.rakuten.com/ Name: Rp
Value: 2c4e9ce909d11b2b33345e57061649d26c55ff3ef0d401c5
.lkqd.net/ Name: lkqdidts
Value: 1688020677
.lkqd.net/ Name: sr59
Value: 1|CAESECaKiKYsNKofsDV0eL4A3aA|1688020677
.lkqd.net/ Name: lkqdid
Value: OGY-GiC7emo
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-b8ec7ec1-75d3-5001-6f66-c775260404da.Y%2BEgj8zgEpzWyhkuG1BYlX9FP8OCewXnF%2FcAhq5yaTY
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AuOx-wXXTUAFvZsd1JgQE2lvvzoE.wycVvDJRGFf7MeJdej2WXbmuUnqxs%2FDIOLDjYJJC9UM
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AuOx-wXXTUAFvZsd1JgQE2lvvzoE.wycVvDJRGFf7MeJdej2WXbmuUnqxs%2FDIOLDjYJJC9UM

20 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202106/cf01325a4bcc369fb2f2a5114ddcaf62.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/447c673a810ea0905bff087b7d9bdfa3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202112/2cf00b59f9d399c80649b71b68b4ff27.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/f05ca160c79abefb746fc6779d785ee6.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/9f993b8cc6dfe2f823a1e7ac5a28147e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/0ca0b0a5b7bbb93781d33282563d096b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202012/11a9409a27bf2e0836bf9500d1a044ef.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/55719207fbe3144146a7926e06c0851b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/4286aa1c292d99180dccd2a342dae13f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/bd4d36e6749517fa60f97943487d1741.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/ffee80187024dea7a845dbc78a017153.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/bcbd99758d8c2b04320ff3b5642f3d59.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/af4e28d533759a9d5540006a2b5324da.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/57cd0fb05fae168d6ca82913c8fcd294.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
javascript error URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.bg3.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.bg3.co/a/gui-mie-po-4yi-chen-zhu-sheng-wei-nu-er-zhui-pian.html
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.bg3.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://cdn.adpushup.com/42753/L2EvZ3VpLW1pZS1wby00eWktY2hlbi16aHUtc2hlbmctd2VpLW51LWVyLXpodWktcGlhbi5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e5e780ee-ba60-4dba-9e56-0e02c249b7e7
Message:
Failed to load resource: the server responded with a status of 504 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

80f97d1e0b5008bb5bd47127c625a037.safeframe.googlesyndication.com
a.sportradarserving.com
a.teads.tv
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.sitemaji.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.avads.net
ads.betweendigital.com
ads.creative-serving.com
ads.servenobid.com
ads.stickyadstv.com
ads.yap.yahoo.com
adservice.google.com
adx.g.doubleclick.net
adx.holmesmind.com
agent.aralego.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
ap.lijit.com
audiencedata.im-apps.net
aw.dw.impact-ad.jp
aws-fr-sync.bidswitch.net
b1sync.zemanta.com
bbe37092b4d298f855668903e56f9dc3.safeframe.googlesyndication.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c1.adform.net
c21lg-d.media.net
cbee8b3275ba2d0f5b03b26778f5362d.safeframe.googlesyndication.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.jsdelivr.net
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
cs.lkqd.net
cs.media.net
csync.loopme.me
csync.smilewanted.com
d-38156135323971525513.ampproject.net
delivery.adrecover.com
dis.criteo.com
dmp.im-apps.net
dpm.demdex.net
dsp-ap.eskimi.com
dsp-media.eskimi.com
dsp-trk.eskimi.com
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fece383fe8e3a5293e6b4076ba2f38bb.safeframe.googlesyndication.com
fonts.googleapis.com
geo.yahoo.com
ghent-aws-fr.bidswitch.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
hblg.media.net
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
i.liadm.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
js-sec.indexww.com
l.logly.co.jp
live.rezync.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.sharethrough.com
match.taboola.com
mnadshield-a.akamaihd.net
nt.compass-fit.jp
onetag-sys.com
ox-delivery-prod-europe-west1.openx.net
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
public.servenobid.com
px.ads.linkedin.com
qsearch-a.akamaihd.net
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rtd-tm.everesttech.net
rules.quantcount.com
s-cs.rmp.rakuten.com
s.amazon-adsystem.com
s.yimg.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.1rx.io
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.im-apps.net
sync.inmobi.com
sync.logly.co.jp
sync.mathtag.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
trc.taboola.com
u.openx.net
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
vidstat.taboola.com
vidstatb.taboola.com
warp.media.net
wf.taboola.com
win.eskimi.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
aax-eu.amazon-adsystem.com
acdn.adnxs.com
bbe37092b4d298f855668903e56f9dc3.safeframe.googlesyndication.com
cds.taboola.com
cm.adform.net
fonts.googleapis.com
gum.criteo.com
id.rlcdn.com
ih.adscale.de
imasdk.googleapis.com
live.rezync.com
match.adsby.bidtheatre.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
prebid.smilewanted.com
public.servenobid.com
ssum-sec.casalemedia.com
static.bg3.co
103.231.174.251
104.18.11.47
104.18.24.185
104.22.69.131
104.26.4.103
108.138.7.45
124.146.215.49
13.107.21.200
13.107.42.14
13.248.245.213
13.32.121.21
130.211.27.62
137.74.6.209
138.199.37.225
141.226.228.48
141.95.33.111
142.250.181.225
142.250.181.226
142.250.184.194
142.250.184.226
142.250.185.131
142.250.185.98
142.250.186.104
142.250.186.129
142.250.186.161
142.250.186.164
142.250.186.166
142.250.186.98
146.20.132.54
147.75.84.158
15.197.193.217
151.101.130.49
151.101.193.44
151.101.65.229
151.101.65.44
162.210.196.208
162.55.236.224
172.217.16.194
172.217.16.206
172.64.102.25
175.41.208.201
178.250.1.3
178.250.7.10
178.250.7.11
178.250.7.13
18.192.88.99
18.194.169.246
18.196.88.24
18.200.232.194
18.66.122.68
18.66.97.31
185.106.33.48
185.255.84.151
185.29.132.245
185.64.190.80
185.80.39.216
185.86.139.102
188.125.72.139
192.96.203.13
193.0.160.130
198.47.127.18
198.47.127.20
198.47.127.205
2.16.202.75
2.16.241.17
2.16.241.8
2.18.160.221
2.19.126.222
2.19.126.69
2.19.70.117
2.23.209.36
20.127.253.7
208.93.169.131
213.19.162.21
216.52.2.30
216.52.2.91
23.21.83.46
23.212.88.20
23.37.63.179
23.52.123.144
23.53.43.80
23.97.225.52
3.121.101.248
3.123.215.66
3.123.57.37
3.127.94.250
3.233.155.232
3.251.46.15
3.65.66.159
3.71.149.231
34.120.139.69
34.120.63.153
34.120.96.193
34.254.104.147
34.95.120.147
34.95.81.88
34.96.105.8
34.98.64.218
35.157.224.17
35.186.201.99
35.186.215.140
35.186.254.217
35.205.207.25
35.208.249.213
35.214.143.153
35.244.159.8
35.244.174.68
37.157.6.241
37.252.173.215
44.194.73.244
46.228.164.11
46.228.174.117
51.89.9.252
52.30.150.15
52.46.155.104
54.250.12.70
54.78.84.139
54.93.94.222
64.233.184.155
65.9.66.64
69.16.175.10
69.166.1.12
69.173.144.138
70.42.32.31
77.243.51.121
8.2.108.194
82.145.213.8
87.248.100.136
87.248.119.251
91.228.74.208
95.101.148.20
96.46.186.57
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00f91b07972124f871fa19c2526437fc493aaadca8b98b984023285f74734616
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0
02efaa0a75ba4e31a44f968b5dd3ab5a37217a996e6d300b0a9de67ee37982ee
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
047a7ee63b3cbde213a291bdfaa9e521963c4cd49c11dd754685d0e31bb2f2a7
04dd17131968a07c34224fb2e34a25d3bdd06fed40c6025f20ecdfc9e6eff2a0
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0e52dd57f0c22242eab17c36eb3394ce38eca57fd433080fe16f3c01e06232a8
0ef96616448b6a5a85f613193f68ad3f98957f5e2dde7fc4cab40d6c2e417238
11fd7546c8ba12c1b5f2d6e13a7f5ff0834d829edc2df16be9680a4632b2769f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b2c65413374b627bf16ff283b79e66ef87cc3fe3b130bada8d7ec0f22817f3
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
178344d8a56214b7bc40e4cdb926e343768f44325579cf7bafe5cbbc3f68be7c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
186c189bda141a04594cc4d7f11b3d772492ca3389ad3f7ef22ec3528caae648
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
19da023a09b7f0dec43ee305a3562100fbb5393d36ebc5c37b5f522254556b5a
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1d0f347498e3bd2dca0e0fc8cdb38f2e9604c36a8a928bedd236b5858834d7f2
1d8f195c25996880ce6b43ce207fd518afa7d57fd7d913686c818046100800b0
231fc093ad945f988a7e83093953a30c405836cd5d7b25d411ed87267e5a4b54
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
26a1969149cc9c163f650bb7fb10d05e9ffa266fe9a906e7af4cc7d612565c4a
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470
290a62e833b31b9b78c0634d8e03e414b1f7e539a6efc30eabc31307f56f4242
29b8d2a57ce3c936b1bf8b35bc28dff4695373f9522852c4e55d885faabb9ecf
2a3d7f6fad6fec0a93faa7db5f2d073f05c1d9403b90f86b0e059043a32d4064
2a41c5bc342ba16ef770e490619a4ca606ceb1b87031a583cc5dbfa53bd8dad7
2a5f647625545bf2db959a54609abc5d5807ea3e1425d320e5b0a2148a6ea573
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e72c758e7736e7e076632f78fd3cddd13ec53094ea1436db85f336ede7d93e1
2f0cd5c2a5f6d95ba5e342e533d01a20829e7ecb820943b20d35ee0b7404d81c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31e359caef3b70f38635048eae6f52070280f4334bd0e6727e697010a1087e87
330a20be6b783f20124f90663f9427a59594b7abaeec87a09e24d9efeca5b73b
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
35430d71fd8d1b0422a61302eadbd84e1fe895ba1fccc17a9ae7e8250a609ba5
35a6e65d88d481de2f84f9b067fcfa9287efda970bd3e303b3575ae03b12718d
35b77ed26236ad7a9c0ad60b2bf5e1b58167316e42e5a9c90728b59363e38063
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
371a19bb5761b08f01dc6d4b3178da91c826ac30ca8d5eeffee76c703c059a86
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
394ab804d541bd32bb9da509fa9b7e9e3f9ed1d1f7091204a94c601d8f950428
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a7164362bbe2722e1734674631cdf2b08acf542e8c6bbf2d2938454a1793350
3bcd512270a10e883d5babf88ce6465a409413382ad0bcda77b36f11fd386d97
3daf718ede3a0e8d0af3799bbc550dafba281ecfddd6b4fb4651c8af3f8c3fbf
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e17afdc655e6fc22f562ef02dfd2803db8f5cddbf5e2bbb5b560046e913755
41818a7ea7ce1cf3b16f80fc8af5607be73b6cd6c417eda63f8c9ba378490944
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b558016e37ae7d8b84a01dbeda768aee656c4e5ffc010ebe39c8357006c7dc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e549b5c5a5676ae22bfe9a472070469e618386af7e967afd3d6a5ff9e487c61
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
52dc40b4859c845baf3ed1db25e7da40399f47be494cad3883b92f8d02991f49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
554e7e7207a6c30ab55e3e15db330f5f85cfe90ca4d4b9948df1f714f42e6a47
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5686fd2ad0669f2a4078562248148d4b4b6153ec6a2b6838c9736638c1c59345
57d9a4d8aeacb61a4fb1d18cc6cf21bfbc570c0d518b12543343c294713c8a48
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132
5b5d513afeb77dfbae2548acb32129141c2ad4d7faa00172a87a59682aa8436e
5f29ce41863ad9cbef67bf38faa1e5eb7365aa22ce15954e81d573cb73256d61
618324322be1f1efedd5d524cef46c7596c9e1896e03b1abb695e0afeb267ffd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4ceaea9badec73164d218ee6e1f2b0632289c1bc1745aef3ceb6deaaf4f43
64a9fc5c284e1dbbe10b002ea706bceee69efdaaa4f8df7d48df8e103505f228
64ed982ae9833050d92340ca1cb0ce0f39040b94e95741fa1360b135451dcdd5
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6649db4b7a29bc5f4e73c81c43756ee8a218bf29ce8085cc6a86b10a635d38d9
66f54f0349abfe5bc81ac8332ccc1b38fed20407d8a2d7264983e60fc7629983
68e12a98552e1d10d74c35c38a6324b2ffc6e1b552ca386894875ee9b60ea169
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6d73a4469f6831652802e5de5f5142b77217000aa852f6833ac0e04d99ad1ec4
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b
7053e1e13532d1bfe4c971020ebedfede230c3076f0d8de3dd17d04801ff9e22
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
73dc667fa4a43981b56fa0127f4632b777b15a495d49555015fc315e57999533
74a695504e55816b4cd7d138f2131758c1fab92a0ac69eeee0c37dd8ada8565a
7649b0ab1c566645bc2522f52566c194a5aa2eed5a107ca4791adf8b8f5aca7f
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7955a616e04f3801e3fff07b410d915a89f19d35ee54940d076387440a9ca409
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
7b6c4066415a89edc8b723b1ed6f55ebdadbdcd235d173409e74803178969436
7c4d149e9c773956008a645f8b8d95cbd9ee85b2c57e0f4428712a9b2a4d2f15
7eb8d2dd663ac3829525507b64f7b6aeb420ab2b640c2fb6867a6bcf17597a8e
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7f5feab8115fb17c8945b5b22a6382315c264a9878b2de8d1916013720e496ef
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
819644384f980783bcb3937890b1e456f701d0b6c217d02696eacd610b16587d
81dddce1be81196c89c46e3bd838069039a0fc623fe60d982e9ef656e4812286
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84f4d91671555f6da46336067c6a26a214906ae80aa17c05764c7c0b79c2ed33
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
874c6b5d04c199358682192181954d1f747b9a951a7d233beda91ebc056bb093
8774af427d8cd79256f4aa3454fe1ba4f33cef59478e3ef9c1ea8aecfd1d3537
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a819581cd007de0e5f3d654ba0fbf9bb1e8c492d844ab9a6223481ac464cf60
8c2fd98c082a5b9c87321aecc26c5cff59b92eec9d751da9d04b18a0db681f67
90d27b697fffc9803d02eac178bb8f15b59e3f135b765a04b3f138a64e39e961
91402109a7033f76c025a6092755ca387371a2ae90fbe95b3f000ed3b0eee932
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92f5f5d72659cb809049c3fd52551188d65a941cfe8925c1e626b59053aaf045
94b08e43aefd03fa04e1a419699f2825ae24316a026e5316548d59d54419c045
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
96b0ee02bc01f5b6e9caaf04250d6fe703c19ae64e815c1c8e4fd9e56133f11d
9822b5b1b2afb77878fb18258fb89cca34b097ae0ed636613a338c5f855b577e
993eff878baaac385889e2599c9b0f03e76b966ab37816f7c71bc3a236190fb1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ceb95ba08e55a14db7d61bc29cd55ba59ba88b512845b865875169fa145737a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a33e7a9728b70d914b954e8e2573cc6abf13804e228b7084daab044c9fa51b2f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132
a68421f97f1c5e283f909fbeb604fc4cc4c72c0c78a372586a85ac564d872f32
a9262e4f0004178b2eb384213e53dd3e0c71eb13584d3f6b6dba57437014c1b1
a99b27d4778209c98574607285507ac37decea04e3592ec3377d72c4965966f6
a9f14af6f91e14e4b41a7f8116602d52683440d11bf4a4330fb2d6b0b1fe4702
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27d317eb23b000799a1ab8e4dd3ac2fa2c6ff5182ce9ad0db5ddff3bf6bc0f0
b6177d9f24a8117b1da88e96d2582acdafe1c3432c5b419f3b338edb7e2c20d4
b6598ee9914f891aacfab8ada6bd6716d299987f07687ffdb138af656972e02a
b79a8dec9a3482016c0a2631f627aa886c148e5611ee9ede5a1424771255320b
b8309a4ac613362e890e4e818e5324efd8e2cd4184d29ff180a35ae42f9b67b3
b98214c949c38421ee9244d06d44a465e4e6f6a98f31dc3dfe84493bb08bc66b
b9c77b52464985c96557e8d7c3030b01e75ca95174764105a9251401f74e08d6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bc9d7b8f3b26f222cc2a74a0ff76412e754c4ecc375dffc67c506706787ca039
bca22b8906a0fcf316d42d0a0e41aa2291afce21ba6c8e41b7c5e6e6da0d480c
bdb4623199218d3c7e2136e803db7d948087b67ae9380080c6aaf07e4bfd24db
bf142827230aae290d75739dea52429ee85ce26fa4b0c28bd0641d9ed95dae3f
bfaa1287c89aefb71b298062d721d72cf76a861d08efbc39aeb69fc731a50914
c070934e16d8f31707477f428367df3f9841858cc53162e063ca45bb61658f35
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c23d4345b09a7394cd5e3bfd02833bf338dcd88426233ce9e789f6eed3f53857
c245b71d95ab40ca0237f2b2664958f53d31f8f9fd6b46518b6f12fa0af1d622
c33278235a168e54782159e0496e4b12c250ddab171c0761bac140d3886280fb
c39ac8c8bf0fbe2234d7cc3bbab10608febe32b0fabcfa58e6e36121a47e07e0
c66e338a8db51592f578b4a5b3892433aec1ccd78f1c4ed651dcdfa871babc3d
c7c7c51f684c077f6df0742f931bbb7e7f1b85b850f6a06b85206b9295129259
c82c372cd5c4a3b46fddb13499d36d8818044e818b53a6794f340effeea5673a
c9cdac73f7459edce1e1594f8a9bfb387cec069e1c12f8ed3a38ff776e86d5ce
cc0d80482314cf7c3d682e03ab88abd3e6c40ce60edf6b95da915283b030270c
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cda574a46092eb86a6182ac12bef52cda5ceb18595cb303d6f35255ba44faa07
cdc7862ae6f3ae80124d8c672dc6d7a4d892ba42f7d651dbf0bd74d1d9e353ad
d027f57b08317fe97ab28d2065a255e5b87ebfd969ab6a4d6f82c412c6117f3e
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d04ef1c15c39c2134c2de16c5a203d82aa498b5d9202bbb93ea971559fcb7f4d
d0bb590b8a0d65bf47f57dbd4d01caa5c4de8eed63594d04c2272771a6ac832e
d0d8c5870c037d7e6c4aaf18b392303cf389ee5bf99acdfd0c1a0f7be634eb40
d7a182b729e8854f423e607e0fbc4bc0bd34c9e2ad93dcf79af35beb1c17b30d
d929412ab34490caec24266c10135ee96a1c744ac1096c355cbaa0d2c6e9f1aa
dad6b1d729275da998ffe9046246aed006e6e1279f708d2f42f39cc5e087c9de
dae0446a1cb8c9ad36908d1a8608b372bb1a620aa703a9794927111e365b947b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e388628e4ffc8efdf44fd6338facdab55cef802527e7a4f6d8e49ae0c617db1c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45dd19e8d682418f4489a4e9bbc70edf506cda7740c7e279082e6e2765f898c
e4d7ad9f57f6cfab7610b8b0855c7937f5ec119be17ac6cf6377553c5e735f98
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ed03d04fd66e38e7c474ad1d6aa5bf12bc5e12d40ce995dd7c77bace38715ed3
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
edfc0e86d5e0da8714183bb85e99f551cbd042d638c552d16b0b6c71a54462a4
eeb18ee239f5483fffc8ff1b42f8e309324149ff229dd1700ae5f93131260ce9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef516c921550c3fc8d569b9c20249a9f62438627f06f53712e7d3d07e2d2b64b
ef88a08ab82f53b08c346d044ad9d46a7920c65637c4f0fc003e24a4cee89b66
f00340624ead5370c90c6c143feaeee7120ce637921e26df9ed73e4c06b3e497
f304e9334f67aa9619e29844666e1a8eaca4d0bfc36c9994603ec2b46b9ad11e
f4a038eb56ed2eb8fb4701ef93757a4d42a433508714b8a11b426e6a9ac3f350
f56fbc6a44b35acd0993ee6ec9a0bcd1083b35e2f774546caee81107161e00d2
f5cf01600c880fa1866bf461c3d9b749e2d49e512df97a074ccc8e9e3cc93cdf
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f688b8dfc364b75c1f758c634c63dd4b757b621e31c8cf5337712450c18a07c4
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
f88f70ad2e18f1576a0053d352ff6153735051af5b8f832a2d05dcc2f5f998d5
f8a4b657194a0cd88ecf77f8bdc066c4c25885e1aa52b5df5f370eb49fd3bed3
f96874b747df2aa09b3f3f5a2944fb70106877d78587590cfb549338b300003d
f9b9507e17aa205b9fce21aad1e7f2f330c6b4eb3819fcce36f24887b962db51
fa9230eb742fe60368d3a007ec3e93bb89d0673456c88ecf2d0672fc7922b5f3
fac65eae91e538682a3d665f71f914b4c23f75d63e108f39bbfedae2d4c18bc9
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff8af3518ce1943c3dc09cbfb280463e74cc924bc45bdedc5fe61848f72c29e2