www.xgcartoon.com Open in urlscan Pro
84.17.37.43  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 148

• https://eu-u.openx.net/w/1.0/sd?id=539901412&val=310745b1-ac71-4c51-b9c2-9b2610268c46&gdpr=0&gdpr_consent= HTTP 302
• https://eu-u.openx.net/w/1.0/sd?cc=1&id=539901412&val=310745b1-ac71-4c51-b9c2-9b2610268c46&gdpr=0&gdpr_consent=

Request Chain 153

• https://x.bidswitch.net/sync?dsp_id=364&user_id=310745b1-ac71-4c51-b9c2-9b2610268c46&expires=30&gdpr=0&gdpr_consent= HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=364&user_id=310745b1-ac71-4c51-b9c2-9b2610268c46&expires=30&gdpr=0&gdpr_consent=

Request Chain 155

• https://eu-u.openx.net/w/1.0/sd?id=539901412&val=cf0f61fa-091a-41ca-abf1-27692bd500b3&gdpr=0&gdpr_consent= HTTP 302
• https://eu-u.openx.net/w/1.0/sd?cc=1&id=539901412&val=cf0f61fa-091a-41ca-abf1-27692bd500b3&gdpr=0&gdpr_consent=

Request Chain 160

• https://x.bidswitch.net/sync?dsp_id=364&user_id=cf0f61fa-091a-41ca-abf1-27692bd500b3&expires=30&gdpr=0&gdpr_consent= HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=364&user_id=cf0f61fa-091a-41ca-abf1-27692bd500b3&expires=30&gdpr=0&gdpr_consent=

Request Chain 166

• https://ads.travelaudience.com/google_pixel?google_gid=CAESEKGfPnN7-3dGhDpxEykIbL8&google_cver=1&google_push=ATf1kGOH3u-_HnnTqgQmBGnbd0iXkuupidbj8GppcwiLsfjEFdeBkcEBCHsYy519GKLOCcPIcowXL5Wj77S1couiCV4UCci_XEU HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XAF-eDo_SAyu9irfH0RUoQ2&google_push=ATf1kGOH3u-_HnnTqgQmBGnbd0iXkuupidbj8GppcwiLsfjEFdeBkcEBCHsYy519GKLOCcPIcowXL5Wj77S1couiCV4UCci_XEU

Request Chain 167

• https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPbJaxV04zVN0iTBu-vZZ6g&google_cver=1&google_push=ATf1kGMpUW13OiOD-2C19-TXpo5IXmI8SjV4cjhp3NMHeoJKc9Jb10H_sRhnu3kbHjlYflTVv1q8i6hb8_vwOgtlz7vWEejdt_I HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMpUW13OiOD-2C19-TXpo5IXmI8SjV4cjhp3NMHeoJKc9Jb10H_sRhnu3kbHjlYflTVv1q8i6hb8_vwOgtlz7vWEejdt_I&google_hm=eS1Ed1hzY0R0RTJwRmRZOEhUTFNrc2lzRkk0cm04Z2N0Z35B

Request Chain 169

• https://rtb.openx.net/sync/dds?google_gid=CAESECK7G_EdEC8taLqRgux4fjY&google_cver=1&google_push=ATf1kGM82zNcMZxS3NInjPGPWsKQWs1LpAiuth2MZdldX0YG5rAR1rs2RmGNAUuBdO6yA_Pp8Sas4QTCcJxhoiN4uuNGcUBZnic HTTP 302
• https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESECK7G_EdEC8taLqRgux4fjY&google_push=ATf1kGM82zNcMZxS3NInjPGPWsKQWs1LpAiuth2MZdldX0YG5rAR1rs2RmGNAUuBdO6yA_Pp8Sas4QTCcJxhoiN4uuNGcUBZnic&ox_sc=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ATf1kGM82zNcMZxS3NInjPGPWsKQWs1LpAiuth2MZdldX0YG5rAR1rs2RmGNAUuBdO6yA_Pp8Sas4QTCcJxhoiN4uuNGcUBZnic&google_hm=xDuL2dkHxzEsUrGpzOTCgw==

Request Chain 170

• https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPmuTTPbuutQ2qjNOjP7ap0&google_cver=1&google_push=ATf1kGM1PRc4qAXQcvm6aaciVE9lS6NAFm4lIaLz_5_dH1qXdQgspurW-hBsmrtLfToZdTlZKpiMbL8ZmRy6TUnr3Ej7FnSnGg HTTP 307
• https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPmuTTPbuutQ2qjNOjP7ap0&google_cver=1&google_push=ATf1kGM1PRc4qAXQcvm6aaciVE9lS6NAFm4lIaLz_5_dH1qXdQgspurW-hBsmrtLfToZdTlZKpiMbL8ZmRy6TUnr3Ej7FnSnGg&sovrn_retry=true HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGM1PRc4qAXQcvm6aaciVE9lS6NAFm4lIaLz_5_dH1qXdQgspurW-hBsmrtLfToZdTlZKpiMbL8ZmRy6TUnr3Ej7FnSnGg&google_hm=GtUZsGZHyO3yq49cR9SHMkpA

Request Chain 171

• https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGHEmwbMZBkntyp1yTHHPys&google_cver=1&google_push=ATf1kGP_vdguGWzQ-KqkTvYR0YHRthThuUyuBiqILTpj5jRBBQYMqywJzep_zMSHb95rGrIVuROFEZE17pJiw1FzAIWmm_GU4g HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=d81fb9f&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGP_vdguGWzQ-KqkTvYR0YHRthThuUyuBiqILTpj5jRBBQYMqywJzep_zMSHb95rGrIVuROFEZE17pJiw1FzAIWmm_GU4g

Request Chain 172

• https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEKg8aFH66ONpj7a9hFZ2oFo&google_cver=1&google_push=ATf1kGPZ3AdBKFzy8XgngF75ZEe9PU6E4eS11gVpv_D3HL64cNCARfdOU9i7kjMQnt2o1_rBIGPTSq5cUbPpxBq_c4F2Uw5KYNA HTTP 302
• https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEKg8aFH66ONpj7a9hFZ2oFo&google_push=ATf1kGPZ3AdBKFzy8XgngF75ZEe9PU6E4eS11gVpv_D3HL64cNCARfdOU9i7kjMQnt2o1_rBIGPTSq5cUbPpxBq_c4F2Uw5KYNA&s=2 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ATf1kGPZ3AdBKFzy8XgngF75ZEe9PU6E4eS11gVpv_D3HL64cNCARfdOU9i7kjMQnt2o1_rBIGPTSq5cUbPpxBq_c4F2Uw5KYNA&google_hm=SzVsMHBwQ0cxUzd2NmlPVUpkRUE=

Request Chain 174

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFk8vPd1Nuj_sL3TcqYsfbw&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFk8vPd1Nuj_sL3TcqYsfbw&google_cver=1&C=1

Request Chain 175

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHAw9B9ONt4I1kd40uhnewAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFk8vPd1Nuj_sL3TcqYsfbw&google_cver=1

Request Chain 176

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESECnZ-KK2C6vv8dJbFDf4zK0&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECnZ-KK2C6vv8dJbFDf4zK0%26google_cver%3D1

Request Chain 177

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI5NDIxOTI3NzA4NDE4Nzc3MA%3D%3D

Request Chain 195

• https://a.tribalfusion.com/i.match?p=b6&u=CAESEAtIW_YQVP4gDUN_XrX2fdM&google_cver=1&google_push=ATf1kGNN5GUaF0VozxixIL5p48qI2Z0Se0Gq2vn_4klHPYEez06WsDnREoWGaR6JfdPOpHdScn1DT-QjuYq9VNBa8xfGa5VYx9-e&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNN5GUaF0VozxixIL5p48qI2Z0Se0Gq2vn_4klHPYEez06WsDnREoWGaR6JfdPOpHdScn1DT-QjuYq9VNBa8xfGa5VYx9-e%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAtIW_YQVP4gDUN_XrX2fdM&google_cver=1&google_push=ATf1kGNN5GUaF0VozxixIL5p48qI2Z0Se0Gq2vn_4klHPYEez06WsDnREoWGaR6JfdPOpHdScn1DT-QjuYq9VNBa8xfGa5VYx9-e&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNN5GUaF0VozxixIL5p48qI2Z0Se0Gq2vn_4klHPYEez06WsDnREoWGaR6JfdPOpHdScn1DT-QjuYq9VNBa8xfGa5VYx9-e%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 196

• https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEJNEEbg9AZ0fjubBh-LOfsU&google_cver=1&google_push=ATf1kGONroOhsn-8dvrw-vDK2gOXKzUBmdfEKLTWTMqnBEpwicTucih-ESoOR5G-40_hiyYTNmTYMj9ZZ2KkqGYZoy_ykdg-r1jH HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGONroOhsn-8dvrw-vDK2gOXKzUBmdfEKLTWTMqnBEpwicTucih-ESoOR5G-40_hiyYTNmTYMj9ZZ2KkqGYZoy_ykdg-r1jH

Request Chain 197

• https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIsip__1XU5JfW7YF2jQCUo&google_cver=1&google_push=ATf1kGNkhCCiA8nvVNbQIxH4cB14_W6FDcIddPLRmCSUAHqwUV5w_aPK7tAs5Sy4fBGMatAHfU23_lO1W9V8G1m0FKy7Uz7x4mA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNzMzODQyNTczMTc3NDYxMg%3D%3D&google_push=ATf1kGNkhCCiA8nvVNbQIxH4cB14_W6FDcIddPLRmCSUAHqwUV5w_aPK7tAs5Sy4fBGMatAHfU23_lO1W9V8G1m0FKy7Uz7x4mA

Request Chain 198

• https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPbJaxV04zVN0iTBu-vZZ6g&google_cver=1&google_push=ATf1kGO66xFcRZg_f20gWdVMRYnGZBH7pYSsaYz_pXaJUXyGegrjPZM0TfK2VE5jx7fFPFutM8j6jkWoE2K54jL-ydcH5R0kBo0Y HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGO66xFcRZg_f20gWdVMRYnGZBH7pYSsaYz_pXaJUXyGegrjPZM0TfK2VE5jx7fFPFutM8j6jkWoE2K54jL-ydcH5R0kBo0Y&google_hm=eS1Ed1hzY0R0RTJwRmRZOEhUTFNrc2lzRkk0cm04Z2N0Z35B

Request Chain 199

• https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHC-A0f2FkUNt3GpVZ9Jglg&google_cver=1&google_push=ATf1kGOnBDzql8QiTxGss2vVfc6JNyWuf9z8Kh7FLfU3j6mwtKmFZfuvLuW1DhwX7mCYHBNmnHyxHQcHL-t6qt_qp4LX0ONm3bs HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=8Ri2qSAmVdZQhwK4gEPga1vvzpY&google_push=ATf1kGOnBDzql8QiTxGss2vVfc6JNyWuf9z8Kh7FLfU3j6mwtKmFZfuvLuW1DhwX7mCYHBNmnHyxHQcHL-t6qt_qp4LX0ONm3bs

Request Chain 200

• https://sync.inmobi.com/gob?google_gid=CAESEJSuLy-IGWnPa0havqGc8Nc&google_cver=1&google_push=ATf1kGMLmlTGy6x8qyBv5uB5KS8TB0e4WRK7Md1P7ke8mCb8dz5WjkSKsd3bxLuh1Pi3Lwvg-mX8g1gLP8DWR-bQLjCAj3McwxZYPA HTTP 302
• https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMLmlTGy6x8qyBv5uB5KS8TB0e4WRK7Md1P7ke8mCb8dz5WjkSKsd3bxLuh1Pi3Lwvg-mX8g1gLP8DWR-bQLjCAj3McwxZYPA HTTP 302
• https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
• https://sync.inmobi.com/gobRedirectFromId5?id=ID5-2438uxxdno4Ss9RXFfK_6UPk6pFZlUn4Q2EKZTv7rg&google_push=ATf1kGMLmlTGy6x8qyBv5uB5KS8TB0e4WRK7Md1P7ke8mCb8dz5WjkSKsd3bxLuh1Pi3Lwvg-mX8g1gLP8DWR-bQLjCAj3McwxZYPA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_hm=sAH9PDlPJ6DMMQA0Lcp2&google_push=ATf1kGMLmlTGy6x8qyBv5uB5KS8TB0e4WRK7Md1P7ke8mCb8dz5WjkSKsd3bxLuh1Pi3Lwvg-mX8g1gLP8DWR-bQLjCAj3McwxZYPA&google_nid=inmobi_new_eb

Request Chain 201

• https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEGSt3wqMlNs5KuUjlolYfmM&google_cver=1&google_push=ATf1kGMfkhRK0EVlwkrDQdwgrrJY5whqoAazXZ5l5VZOjRo3OIddZCrBwCgIvNYiUroyxbbCVgdpnzBZzRK6UbfPV2pm4uEme0utGw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=fb25a78d-37b8-4e79-a8ba-1879df21341a&%%GOOGLE_PUSH_PAIR%%

Request Chain 203

• https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBdMn0tsYJ4yfOxfUF9grbU&google_cver=1&google_push=ATf1kGO904iyWC7CJCQrpEu1HwGSGFVL_miMqJz3YUCRbbub6WgE66ksgDgS7KtdZ6knvh29q0IdXhcc9AlrhZg_A-lbft6M77kAwQ HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBdMn0tsYJ4yfOxfUF9grbU&google_cver=1&google_push=ATf1kGO904iyWC7CJCQrpEu1HwGSGFVL_miMqJz3YUCRbbub6WgE66ksgDgS7KtdZ6knvh29q0IdXhcc9AlrhZg_A-lbft6M77kAwQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TXQ3a1pISVIxUTJvTHo1&google_gid=CAESEBdMn0tsYJ4yfOxfUF9grbU&google_cver=1&google_push=ATf1kGO904iyWC7CJCQrpEu1HwGSGFVL_miMqJz3YUCRbbub6WgE66ksgDgS7KtdZ6knvh29q0IdXhcc9AlrhZg_A-lbft6M77kAwQ

Request Chain 205

• https://s.uuidksinc.net/match/47/?remote_uid=CAESEOMATH1A2EnabIqZjr5sLWQ&c_param1=ATf1kGPFNGCE3MTdhcuRCfHbMG5DUFkr927BHNshTJDxOnZUCLe-TLmx12wz_lBRXOMw4-wfStVc8g-IynDTbKP3qAsb7SKIjBpQ&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGPFNGCE3MTdhcuRCfHbMG5DUFkr927BHNshTJDxOnZUCLe-TLmx12wz_lBRXOMw4-wfStVc8g-IynDTbKP3qAsb7SKIjBpQ

Request Chain 206

• https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPmuTTPbuutQ2qjNOjP7ap0&google_cver=1&google_push=ATf1kGOMHOk8wyPdk0UF_BpvgBgKNo5_owMpPcpSH9AqdKpmwoNL0bZ7yLn3D_1Krk08UkWK4pLJ6SrwOFcDMKiw01C8yV52OAMTfQ HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOMHOk8wyPdk0UF_BpvgBgKNo5_owMpPcpSH9AqdKpmwoNL0bZ7yLn3D_1Krk08UkWK4pLJ6SrwOFcDMKiw01C8yV52OAMTfQ&google_hm=GtUZsGZHyO3yq49cR9SHMkpA

Request Chain 208

• https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHvNF_K98hM79mykG-Ddc4I&google_cver=1&google_push=ATf1kGNz1_39RvEHIqOqsr0FzcyyELWHGkZg4GK8xDEgA-VhrHrO4ZZJrowrUh7aq5PVGoilJcQZ259fO6-wuGsCjFHXQEKbkEuRFuU HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12eDBvcm5kRTJ1RlRxMTdzX1pGVkZPUF9fbEtGb1Y2UX5B&google_push=ATf1kGNz1_39RvEHIqOqsr0FzcyyELWHGkZg4GK8xDEgA-VhrHrO4ZZJrowrUh7aq5PVGoilJcQZ259fO6-wuGsCjFHXQEKbkEuRFuU

Request Chain 221

• https://gcdn.2mdn.net/videoplayback/id/f640bab4b2b9f3a2/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716610164/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/981598485ED0C687E9D4A770A9E20E7EC32B2F6E.15FABCB9062531C39B909278FD9C3FD7DDF7BD48/key/ck2/file/file.mp4 HTTP 302
• https://r2---sn-4g5edn6r.c.2mdn.net/videoplayback/id/f640bab4b2b9f3a2/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716610164/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3560350107909D8F757B55DD0B5EA70E3AAA0A85.4B970F0B2B8D90CD42108CBD83D0FA36C43FE03D/key/cms1/cms_redirect/yes/mh/mw/mip/91.239.206.150/mm/42/mn/sn-4g5edn6r/ms/onc/mt/1685073435/mv/u/mvi/2/pl/25/file/file.mp4

234 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request jiejiaomozu_di1jiriyu-yingjinghongming Show response www.xgcartoon.com/detail/	77 KB 18 KB	1262ms 644ms	Document text/html	84.17.37.43 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-84-17-37-43.cdn77.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 31e27404cfdbba0c120d750f9da395a9c11a61b674c31fd7037805ac7160adcc Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers Cache-Control max-age=60 Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Fri, 26 May 2023 04:09:18 GMT ETag "132d5-EIFeaKmUCsZf76SZQpxxF2zaVnE" Expires Fri, 26 May 2023 04:10:18 GMT Server nginx/1.18.0 (Ubuntu) Transfer-Encoding chunked Vary Accept-Encoding
GET H2	200	v0.js Show response cdn.ampproject.org/	277 KB 71 KB	586ms 301ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0.js Requested by Host: www.xgcartoon.com URL: https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash daff8aabf176b66270a2ed05549b731cb25820c715497c703ef80cab1dc0a580 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.xgcartoon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 26 May 2023 04:09:19 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 72811 x-xss-protection 0 server sffe etag "03b53c6311d4295f" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3000, stale-while-revalidate=1206600 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 26 May 2023 04:09:19 GMT
GET H2	200	amp-ad-0.1.js Show response cdn.ampproject.org/v0/	82 KB 23 KB	518ms 237ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-ad-0.1.js Requested by Host: www.xgcartoon.com URL: https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 23205dc8bb2f752461eab7cf823df6459634564948681a16acec2ee52c1e76bd Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.xgcartoon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 26 May 2023 04:09:19 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23083 x-xss-protection 0 server sffe etag "ec60bd30329619a5" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=604800, stale-while-revalidate=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 26 May 2023 04:09:19 GMT
GET H2	200	amp-autocomplete-0.1.js Show response cdn.ampproject.org/v0/	29 KB 10 KB	424ms 143ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js Requested by Host: www.xgcartoon.com URL: https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 4156818638ebf484282bd5e7f3c296028502b30ad64e2c3d47e94362e84dc15b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.xgcartoon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 26 May 2023 04:09:19 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9477 x-xss-protection 0 server sffe etag "d3c24311cb26c9f2" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=604800, stale-while-revalidate=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 26 May 2023 04:09:19 GMT
GET H2	200	amp-form-0.1.js Show response cdn.ampproject.org/v0/	49 KB 15 KB	563ms 282ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-form-0.1.js Requested by Host: www.xgcartoon.com URL: https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash f1fe2440d3ec3f3dea04ba79fae20b5086de07912104f454fb396ec5de9f7560 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.xgcartoon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 26 May 2023 04:09:19 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14984 x-xss-protection 0 server sffe etag "b2692a8d828761fa" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=604800, stale-while-revalidate=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 26 May 2023 04:09:19 GMT
GET H2	200	amp-mustache-0.2.js Show response cdn.ampproject.org/v0/	45 KB 15 KB	441ms 160ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-mustache-0.2.js Requested by Host: www.xgcartoon.com URL: https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash a570b49261e065743a45ff2c2915acd90b9dd1943516201bce60b85214c680ab Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.xgcartoon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 26 May 2023 04:09:19 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15346 x-xss-protection 0 server sffe etag "9a9a3210c164d512" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=604800, stale-while-revalidate=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 26 May 2023 04:09:19 GMT
GET H2	200	amp-sticky-ad-1.0.js Show response cdn.ampproject.org/v0/	40 KB 10 KB	499ms 219ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js Requested by Host: www.xgcartoon.com URL: https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 797f132f6e565fb3aa7b8c4816413a03596f0698a0226f7ce0c88546f36893dd Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.xgcartoon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 26 May 2023 04:09:19 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10292 x-xss-protection 0 server sffe etag "1f67409efc29664c" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=604800, stale-while-revalidate=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 26 May 2023 04:09:19 GMT
GET H2	200	amp-analytics-0.1.js Show response cdn.ampproject.org/v0/	110 KB 31 KB	320ms 320ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-analytics-0.1.js Requested by Host: www.xgcartoon.com URL: https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 117d672d13737b9fd296dbf791dfcb05ba56c07786fe50973fa48f2d06b30a5a Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.xgcartoon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 26 May 2023 04:09:19 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32034 x-xss-protection 0 server sffe etag "77f92c2e94d638aa" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=604800, stale-while-revalidate=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 26 May 2023 04:09:19 GMT
GET H/1.1	200 OK	logo.png www.xgcartoon.com/img/	13 KB 13 KB	325ms 325ms	Image image/png	84.17.37.43 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://www.xgcartoon.com/img/logo.png Requested by Host: www.xgcartoon.com URL: https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-84-17-37-43.cdn77.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 26 May 2023 04:09:19 GMT Last-Modified Sun, 28 Aug 2022 14:10:33 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"3473-182e4ca3706" Content-Type image/png Cache-Control max-age=180 Connection keep-alive Accept-Ranges bytes Content-Length 13427 Expires Fri, 26 May 2023 04:12:19 GMT
GET H2	200	jiejiaomozu_di1jiriyu-yingjinghongming.jpg static-a.xgcartoon.com/cover/	114 KB 114 KB	1282ms 988ms	Image image/png	104.22.46.147 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static-a.xgcartoon.com/cover/jiejiaomozu_di1jiriyu-yingjinghongming.jpg?w=230&h=280&q=100 Requested by Host: www.xgcartoon.com URL: https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.46.147 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d70eb60fb214ce387b4e9deb6a0d957742f763ffcd08dd3d8edc5a1390552540 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.xgcartoon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:21 GMT cf-cache-status REVALIDATED last-modified Mon, 06 Feb 2023 04:08:19 GMT server cloudflare etag "52F726941EE60E33C2E723602BA7485F" vary Accept-Encoding content-type image/png cache-control max-age=259200 accept-ranges bytes cf-ray 7cd3297d2d491c22-FRA content-length 116406 expires Mon, 29 May 2023 04:09:20 GMT
GET H/1.1	200 OK	play.png www.xgcartoon.com/img/	470 B 790 B	302ms 302ms	Image image/png	84.17.37.43 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://www.xgcartoon.com/img/play.png Requested by Host: www.xgcartoon.com URL: https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-84-17-37-43.cdn77.com Software nginx/1.18.0 (Ubuntu) / Resource Hash c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 26 May 2023 04:09:19 GMT Last-Modified Wed, 17 Aug 2022 11:09:20 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"1d6-182ab7e5700" Content-Type image/png Cache-Control max-age=180 Connection keep-alive Accept-Ranges bytes Content-Length 470 Expires Fri, 26 May 2023 04:12:19 GMT
GET H/1.1	200 OK	star.png www.xgcartoon.com/img/	424 B 744 B	604ms 301ms	Image image/png	84.17.37.43 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://www.xgcartoon.com/img/star.png Requested by Host: www.xgcartoon.com URL: https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-84-17-37-43.cdn77.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 26 May 2023 04:09:20 GMT Last-Modified Wed, 17 Aug 2022 11:09:12 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"1a8-182ab7e37c0" Content-Type image/png Cache-Control max-age=180 Connection keep-alive Accept-Ranges bytes Content-Length 424 Expires Fri, 26 May 2023 04:12:20 GMT
GET H2	200	over_lord_spriyu-yitengshangwang.jpg static-a.xgcartoon.com/cover/	77 KB 78 KB	1369ms 1075ms	Image image/png	104.22.46.147 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static-a.xgcartoon.com/cover/over_lord_spriyu-yitengshangwang.jpg?w=280&h=120&q=100 Requested by Host: www.xgcartoon.com URL: https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.46.147 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b6d30be48b6ada363eb01b91f6168de33972acaa8b90a4081a1db80824ad0f96 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.xgcartoon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:21 GMT cf-cache-status HIT last-modified Thu, 25 Aug 2022 17:25:18 GMT server cloudflare etag "2ACCDD5A14F00BDD501517491946CD6A" vary Accept-Encoding content-type image/png cache-control max-age=259200 accept-ranges bytes cf-ray 7cd3297d2d4a1c22-FRA content-length 79213 expires Sun, 28 May 2023 23:49:37 GMT
GET H2	200	hanhuariji_di3jiguoyu-zhouxue.jpg static-a.xgcartoon.com/cover/	61 KB 62 KB	1419ms 1126ms	Image image/png	104.22.46.147 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static-a.xgcartoon.com/cover/hanhuariji_di3jiguoyu-zhouxue.jpg?w=280&h=120&q=100 Requested by Host: www.xgcartoon.com URL: https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.46.147 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f12131d9c300d7d762d654ab8d099fc032ed8117884c35d00d2da066d714693e Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.xgcartoon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:21 GMT cf-cache-status HIT last-modified Wed, 21 Dec 2022 06:13:23 GMT server cloudflare etag "EE38D747D97AB9A0637C4B13AB5ABF64" vary Accept-Encoding content-type image/png cache-control max-age=259200 accept-ranges bytes cf-ray 7cd3297d2d4b1c22-FRA content-length 62945 expires Fri, 26 May 2023 20:41:23 GMT
GET H2	200	wudengfendexinniangthe_quintessential_quintuplets1-2jiriyu-chunchangcong.jpg static-a.xgcartoon.com/cover/	75 KB 75 KB	1440ms 1147ms	Image image/png	104.22.46.147 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static-a.xgcartoon.com/cover/wudengfendexinniangthe_quintessential_quintuplets1-2jiriyu-chunchangcong.jpg?w=280&h=120&q=100 Requested by Host: www.xgcartoon.com URL: https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.46.147 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d1ecb310604624e654d0b2b6f6036e29ddd2983275d7efbb5b6f0808de7c9a98 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.xgcartoon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:21 GMT cf-cache-status HIT last-modified Sun, 30 Apr 2023 00:05:02 GMT server cloudflare etag "1247DB114F1032EA1515F273CAC549C1" vary Accept-Encoding content-type image/png cache-control max-age=259200 accept-ranges bytes cf-ray 7cd3297d2d4c1c22-FRA content-length 76665 expires Sat, 27 May 2023 09:12:05 GMT
GET H2	200	guduyaogunriyu-zhaitengguiyilang.jpg static-a.xgcartoon.com/cover/	74 KB 75 KB	439ms 146ms	Image image/png	104.22.46.147 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static-a.xgcartoon.com/cover/guduyaogunriyu-zhaitengguiyilang.jpg?w=280&h=120&q=100 Requested by Host: www.xgcartoon.com URL: https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.46.147 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9aa7e52829f5e75e08098335b36667b47260e7462398be92feae38f14edec086 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.xgcartoon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:20 GMT cf-cache-status HIT last-modified Mon, 14 Nov 2022 08:04:18 GMT server cloudflare age 215516 etag "0B6437BB8A8384F258DE70F1C5620460" vary Accept-Encoding content-type image/png cache-control max-age=259200 accept-ranges bytes cf-ray 7cd3297d2d4d1c22-FRA content-length 75988 expires Fri, 26 May 2023 04:36:39 GMT
GET H2	200	amp-auto-lightbox-0.1.js Show response cdn.ampproject.org/rtv/012305051745001/v0/	8 KB 4 KB	428ms 140ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012305051745001/v0/amp-auto-lightbox-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 1d6c917cea545cbcff8c7988de594c3e060694883165721b9fb9eafc5cc81f8f Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.xgcartoon.com/ Origin https://www.xgcartoon.com accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 23 May 2023 23:30:49 GMT age 189511 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2994 x-xss-protection 0 server sffe etag "c3b4ae40123badc9" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 22 May 2024 23:30:49 GMT
GET H2	200	amp-ad-network-doubleclick-impl-0.1.js Show response cdn.ampproject.org/rtv/012305051745001/v0/	239 KB 63 KB	424ms 156ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012305051745001/v0/amp-ad-network-doubleclick-impl-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 48888fd7e6493541ec3c6d65f972602e81dd462434332a945bd8656b0539dc28 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.xgcartoon.com/ Origin https://www.xgcartoon.com accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 23 May 2023 23:30:58 GMT age 189502 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64436 x-xss-protection 0 server sffe etag "4662b295d05a9acb" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 22 May 2024 23:30:58 GMT
GET H2	200	amp-loader-0.1.js Show response cdn.ampproject.org/rtv/012305051745001/v0/	12 KB 4 KB	409ms 147ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012305051745001/v0/amp-loader-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash c3de40caecf3f4e1897e809cc72606a83f3d83a580b037dc768cdac6192e8c5d Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.xgcartoon.com/ Origin https://www.xgcartoon.com accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 23 May 2023 23:30:49 GMT age 189511 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3938 x-xss-protection 0 server sffe etag "e0ed5b11537c8ca0" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 22 May 2024 23:30:49 GMT
GET H2	200	integrator.json Show response adservice.google.com/adsid/	86 B 484 B	449ms 148ms	Fetch application/json	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.json?domain=www.xgcartoon.com Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash 14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept application/json Referer https://www.xgcartoon.com/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:20 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.xgcartoon.com p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store access-control-allow-credentials true cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 83 x-xss-protection 0
GET H3	200	googleanalytics.json Show response cdn.ampproject.org/rtv/012305051745001/v0/analytics-vendors/	2 KB 812 B	145ms 144ms	Fetch application/json	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012305051745001/v0/analytics-vendors/googleanalytics.json Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept application/json Referer https://www.xgcartoon.com/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 23 May 2023 23:30:49 GMT age 189511 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 782 x-xss-protection 0 server sffe etag "3835e66b3509ad97" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type application/json access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 22 May 2024 23:30:49 GMT
GET H2	200	ga4.json Show response amp.analytics-debugger.com/	5 KB 2 KB	429ms 147ms	Fetch application/json	172.64.202.13 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.202.13 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a05b4715b24ccaa8ce73e4e65b7294852eb28ce89f148341edf670882f52c20f Security Headers Name Value X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Accept application/json Referer https://www.xgcartoon.com/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:21 GMT content-encoding br x-content-type-options nosniff, nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies master-only, master-only age 31585 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block, 1; mode=block referrer-policy same-origin, same-origin last-modified Thu, 25 May 2023 19:22:56 GMT server cloudflare vary Accept-Encoding, Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type application/json; charset=utf-8 access-control-allow-origin https://www.xgcartoon.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJoI9sL6St%2FPmJx0glqjbrZKkreULWrS5BO9NSmYhJpniHFsQ%2FqQcFYFBYc6aB5KkkWri7k2dlB5eCSjYz7bN5zoIsdgeawEhmgqR%2Fl5QgK4bt%2BIplgnHDm%2F6eBCIN48dHCCnsM9jaIvXMUmHA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=86400 access-control-allow-credentials true x-debug-em-all-ga4amp-version 20230423b cf-ray 7cd329835a3490dc-FRA
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	41 KB 22 KB	1226ms 930ms	Fetch text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2305051745001&d_imp=1&c=546005530&ga_cid=amp-X5taQCh4IpajXdpg6PvYDg&ga_hid=5530&dt=1685074160435&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjiejiaomozu_di1jiriyu-yingjinghongming&bdt=1320&dtd=458&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash 74f803fbf83455390419a5776aafe4523546d7ea47087aa9c1ded44c1c6a6bb3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.xgcartoon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT content-encoding br x-content-type-options nosniff x-ampsafeframeversion 1-0-40 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin x-ampanalytics {"url":["https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzSccylCRHTqzDlRTZjnPeGaMfKvOXmjMS6jMvblDs7PcrK5u1mwUE2HZ4q7rHDdPRo8BIGosmIUalc1WpjU4Sys6kDvWOkzMBYID5CTH8md5Q5xjHVfw9lA\u0026sai=AMfl-YS93mkFTlSYeX7SYuHrWT3NQWmvHo6bbsnaOJnrORT7g8haCJPysBwIk_GFgJ6n8gXTTORY4qviqdoe\u0026sig=Cg0ArKJSzEN8HvDd2hENEAE\u0026cid=CAQSGwBygQiD7yowGtkDXfgYPAh_pK0gsTzEOvQsoRgB\u0026id=ampim\u0026o=${elementX},${elementY}\u0026d=${elementWidth},${elementHeight}\u0026ss=${screenWidth},${screenHeight}\u0026bs=${viewportWidth},${viewportHeight}\u0026mcvt=${maxContinuousVisibleTime}\u0026mtos=0,0,${maxContinuousVisibleTime},${maxContinuousVisibleTime},${maxContinuousVisibleTime}\u0026tos=0,0,${totalVisibleTime},0,0\u0026tfs=${firstSeenTime}\u0026tls=${lastSeenTime}\u0026g=${minVisiblePercentage}\u0026h=${maxVisiblePercentage}\u0026tt=${totalTime}\u0026r=v\u0026avms=ampa\u0026uap=${uach(platform)}\u0026uapv=${uach(platformVersion)}\u0026uaa=${uach(architecture)}\u0026uam=${uach(model)}\u0026uafv=${uach(uaFullVersion)}\u0026uab=${uach(bitness)}\u0026uafvl=${uach(fullVersionList)}\u0026uaw=${uach(wow64)}\u0026adk=1412529771"],"btrUrl":[]} x-ampadrender safeframe alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20368 x-xss-protection 0 google-lineitem-id -1 amp-fast-fetch-signature google:1:tWblVwDyXh2QoQ5Hh3tpj1jgttceY7CbrE1y4tqDolPzslF8OtcrfVh3FW8mpmkzNIL4em8Dnlh+S9pthPCfkWeWx8hOY8xoIvT5IEbjy+oLxwKFlWEsGaGK40wyuzrSbFz/Fj8N9vq1lnOMOjPEWJPBqZC9eB3WKe/wlLbXLJvSFRUcWt9C3r1xpUidbQMm0K3ihizK1WBLRB2QU80PH9A5DZH2/yS/YOM0RRlpiCukHCAtF8p+4hL4SpZUOCyJfYhBaSsyCdp6IQYQRv2JoYA6TElULNa4Qj5YZIUJo+6m1zWaI0XPizdQ8NLaLfuMs6mlv8QnbRO1ICzMOPMqHg== x-qqid CN6R27aOkv8CFZu8ewodv1cFWg amp-access-control-allow-source-origin https://www.xgcartoon.com server cafe google-creative-id -1 content-type text/html; charset=UTF-8 access-control-allow-origin https://www.xgcartoon.com access-control-expose-headers Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-AmpAnalytics,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender,x-google-amp-ad-validated-version,AMP-Fast-Fetch-Signature cache-control private access-control-allow-credentials true timing-allow-origin * amp-ff-sandbox true expires Fri, 26 May 2023 04:09:22 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	63 KB 22 KB	920ms 624ms	Fetch text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=837&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2305051745001&d_imp=1&c=546005530&ga_cid=amp-X5taQCh4IpajXdpg6PvYDg&ga_hid=5530&dt=1685074160435&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjiejiaomozu_di1jiriyu-yingjinghongming&bdt=1320&dtd=460&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash af78af800a40c5addbb870c7ad41be1095390f7db0e9034916b3a88c5d6ed011 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.xgcartoon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:21 GMT content-encoding br x-content-type-options nosniff x-ampsafeframeversion 1-0-40 x-creativesize 160x600 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin x-ampadrender safeframe alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22131 x-xss-protection 0 google-lineitem-id 6137558351 x-qqid CPSUtraOkv8CFUI-4Aodt4EIuw amp-access-control-allow-source-origin https://www.xgcartoon.com server cafe google-mediationtag-id -2 google-creative-id 138372930229 content-type text/html; charset=UTF-8 access-control-allow-origin https://www.xgcartoon.com access-control-expose-headers Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender cache-control private access-control-allow-credentials true timing-allow-origin * amp-ff-sandbox true expires Fri, 26 May 2023 04:09:21 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	63 KB 22 KB	836ms 543ms	Fetch text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2305051745001&d_imp=1&c=546005530&ga_cid=amp-X5taQCh4IpajXdpg6PvYDg&ga_hid=5530&dt=1685074160435&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjiejiaomozu_di1jiriyu-yingjinghongming&bdt=1320&dtd=461&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash e96cea072d282bf93860d5ac6a7249865e5c07539ff6b0c9eea28ac2a5e53140 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.xgcartoon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:21 GMT content-encoding br x-content-type-options nosniff x-ampsafeframeversion 1-0-40 x-creativesize 300x600 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin x-ampadrender safeframe alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22159 x-xss-protection 0 google-lineitem-id 6136662859 x-qqid CPCUtraOkv8CFezAEQgdYGoANg amp-access-control-allow-source-origin https://www.xgcartoon.com server cafe google-mediationtag-id -2 google-creative-id 138390977757 content-type text/html; charset=UTF-8 access-control-allow-origin https://www.xgcartoon.com access-control-expose-headers Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender cache-control private access-control-allow-credentials true timing-allow-origin * amp-ff-sandbox true expires Fri, 26 May 2023 04:09:21 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	36 KB 14 KB	1060ms 766ms	Fetch text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=1608544924&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=673088382&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2305051745001&d_imp=1&c=546005530&ga_cid=amp-X5taQCh4IpajXdpg6PvYDg&ga_hid=5530&dt=1685074160435&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjiejiaomozu_di1jiriyu-yingjinghongming&bdt=1320&dtd=462&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash d8cc4d94c514d55703513c0a9ab3f2731c8cf7b77837a71e70b2ba7c42f03081 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.xgcartoon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:21 GMT content-encoding br x-content-type-options nosniff x-ampsafeframeversion 1-0-40 x-creativesize 320x480 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin x-ampadrender safeframe alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14050 x-xss-protection 0 google-lineitem-id -1 x-qqid CIPy0baOkv8CFUOr3godIxcNOQ amp-access-control-allow-source-origin https://www.xgcartoon.com server cafe google-creative-id -1 content-type text/html; charset=UTF-8 access-control-allow-origin https://www.xgcartoon.com access-control-expose-headers Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender cache-control private access-control-allow-credentials true timing-allow-origin * amp-ff-sandbox true expires Fri, 26 May 2023 04:09:21 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	63 KB 23 KB	759ms 466ms	Fetch text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=2565837172&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1627611741&nhd=0&adx=954&ady=931&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2305051745001&d_imp=1&c=546005530&ga_cid=amp-X5taQCh4IpajXdpg6PvYDg&ga_hid=5530&dt=1685074160435&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjiejiaomozu_di1jiriyu-yingjinghongming&bdt=1320&dtd=462&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash 6be0141955434bd34ab43a6148330d55c60ecf4eb8ab5d694119ab07582a0d02 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.xgcartoon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:21 GMT content-encoding br x-content-type-options nosniff x-ampsafeframeversion 1-0-40 x-creativesize 728x90 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin x-ampadrender safeframe alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22149 x-xss-protection 0 google-lineitem-id 6136661665 x-qqid CLqHtraOkv8CFfm8ewodGWgFYw amp-access-control-allow-source-origin https://www.xgcartoon.com server cafe google-mediationtag-id -2 google-creative-id 138370495019 content-type text/html; charset=UTF-8 access-control-allow-origin https://www.xgcartoon.com access-control-expose-headers Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender cache-control private access-control-allow-credentials true timing-allow-origin * amp-ff-sandbox true expires Fri, 26 May 2023 04:09:21 GMT
POST H2	204	collect www.google-analytics.com/g/	0 256 B	435ms 145ms	Ping text/plain	216.239.38.178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=5530&cid=amp-X5taQCh4IpajXdpg6PvYDg&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjiejiaomozu_di1jiriyu-yingjinghongming&dr=&dt=%F0%9F%8D%B4%E8%A1%97%E8%A7%92%E9%AD%94%E6%97%8F%20%E7%AC%AC1%E5%AD%A3%E3%80%90%E6%97%A5%E8%AA%9E%E3%80%91%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1685074161&sct=1&seg=1&_et=1000&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0 Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.38.178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.xgcartoon.com/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 26 May 2023 04:09:21 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.xgcartoon.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/	0 0	442ms 146ms	Other text/html	142.250.186.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f1.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.xgcartoon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	container.html Show response 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EF8C	6 KB 3 KB	358ms 145ms	Document text/html	142.250.186.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.xgcartoon.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 26 May 2023 04:09:22 GMT expires Sat, 25 May 2024 04:09:22 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	container.html Show response 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 87F4	6 KB 3 KB	322ms 150ms	Document text/html	142.250.186.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.xgcartoon.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 26 May 2023 04:09:22 GMT expires Sat, 25 May 2024 04:09:22 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	container.html Show response 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 25C7	6 KB 3 KB	320ms 209ms	Document text/html	142.250.186.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.xgcartoon.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 26 May 2023 04:09:22 GMT expires Sat, 25 May 2024 04:09:22 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	container.html Show response 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E2D6	6 KB 3 KB	196ms 196ms	Document text/html	142.250.186.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.xgcartoon.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 26 May 2023 04:09:22 GMT expires Sat, 25 May 2024 04:09:22 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/ Frame EF8C	75 KB 25 KB	156ms 154ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.xgcartoon.com URL: https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash 1c426edc0472c2777122862520233007d480818020e3dedfcf30cc946811b46e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25198 x-xss-protection 0 server cafe etag 273 / 19503 / m202305220101 / config-hash: 8162924834617908161 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 26 May 2023 04:09:22 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame EF8C	171 KB 54 KB	445ms 154ms	Script text/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software sffe / Resource Hash 2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 54244 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1684927996807358" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 26 May 2023 04:09:22 GMT
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame EF8C	0 440 B	174ms 174ms	Image image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTNXNyGPo9vdQTHj9fLLmEuzejclQzF5pP66fEwbwMHlmYJE5mV0bE_TQbpQOpduDhUHp4tRpbYCwXCzxN_lcrO07lgZeBYmhBO0zNBF0LGbrDKoBcQxtCHhXENLTZD2rHTKUGb5RwcPH_H8MpAjpMsujkZUt-tnn-ydQUNK_pyr7jQu4MM1js8GnH2yYzqA8o1EDJVLWFXetMrZ-oMkONk0CliJTGhDk4qfnbsddiqUm4bY7CyRuXlIkgzmgWSGqjUy_ee_5dcHCN7SG3tpbWrDBCESzkbDqYq-5p4LJ8FBBQrOgOstTvw3uwlRr4pRAOdbEADb0VvBH47zrtmMa-PZAUD3T-wBWaPFaQQg&sai=AMfl-YTWPKmE5j9VkDMcURVrTUf43ElbB3QCCQX7ODixk-5Zc5mK0U07wgXSr0BAK2qQ25dodK2FPZdaCVpvLEs&sig=Cg0ArKJSzHNdSF0d4XkAEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 26 May 2023 04:09:22 GMT
GET H3	200	amp-ad-exit-0.1.js Show response cdn.ampproject.org/rtv/012305051745001/v0/	19 KB 7 KB	144ms 143ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012305051745001/v0/amp-ad-exit-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash df57b1e81e371ac9e5e1062dc899e0e2fa82bd519cefb8c0283011877d759e51 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.xgcartoon.com/ Origin https://www.xgcartoon.com accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 23 May 2023 23:31:09 GMT age 189493 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6653 x-xss-protection 0 server sffe etag "682d765d27631fbe" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 22 May 2024 23:31:09 GMT
GET H3	200	amp-fit-text-0.1.js Show response cdn.ampproject.org/rtv/012305051745001/v0/	7 KB 2 KB	145ms 144ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012305051745001/v0/amp-fit-text-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash e1326b1fc20b6439d757c6cf5c8b484ebe24e25df990f40d9c55312abf1dd363 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.xgcartoon.com/ Origin https://www.xgcartoon.com accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 23 May 2023 23:30:53 GMT age 189509 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2515 x-xss-protection 0 server sffe etag "99296c2a47e9f8d7" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 22 May 2024 23:30:53 GMT
GET DATA	200 OK	truncated / Frame 7C97	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 32d6775142f63dcc51a43e9c037545cd3a29738dba26785fa4c07ddfdd74bcc6 Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/ Frame 87F4	75 KB 25 KB	161ms 160ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.xgcartoon.com URL: https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash 64f0bcb634c1f92a7cd5fe2b0d90ef92200ebfa2f7c603e4969ee0c0e1e0d3ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25197 x-xss-protection 0 server cafe etag 193 / 19503 / m202305220101 / config-hash: 8162924834617908161 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 26 May 2023 04:09:22 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 87F4	171 KB 53 KB	604ms 354ms	Script text/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software sffe / Resource Hash 382a2f3edad3f7a604c119e04efd8f22315ebe40b4d14da436795b3b4ba6f5cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 54276 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1685039980639380" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 26 May 2023 04:09:22 GMT
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame 87F4	0 293 B	179ms 179ms	Image image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGbr4ahEpjCzZuYApwHNjld5akrqjmSJ1L39y7LA8YCID0Z1yg8RwNkbBACk6XleYztR6Rk0mbgGxT2T-CklonD04LlFPF2bZPCMhM51QV9fWGUGjesaKFL7uPyzqiWTE_tNV8xGQG91BUiitY65Ll9PhUCCGlEYghtCrKbtXtllqqtX2ZnI7skrOWFYIVwFUw8kX4N6iZpREcOqJnU4nUwhtiytaWc7Jcihs8Pwdj3bRwsfnRc8UqCbDRPpdq_dkeRdqxuienoBQqNO09eajg-i30RbKVrS1u1w0SxYPdbvuXuZtGVk8Fb256AmTXPeB5v762krBq5ttVq1YcFZQWeeHxMdIrnZxt0P-R&sai=AMfl-YTlAIduQd0htt5cVnWUs-rEfuWx4WHN0PHMDNtvL9cQ2szwx4qwiULrqR9Z0GaBT2i6wOQCfrD9s2BHtnE&sig=Cg0ArKJSzIcYyGzEfLP4EAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 26 May 2023 04:09:22 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/ Frame 25C7	75 KB 25 KB	170ms 169ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.xgcartoon.com URL: https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash f20d18f5e8dc526e0396bcde6687f79cf28cb610edf0d238bc9d789778356174 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25197 x-xss-protection 0 server cafe etag 43 / 19503 / m202305220101 / config-hash: 8162924834617908161 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 26 May 2023 04:09:22 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 25C7	171 KB 53 KB	542ms 303ms	Script text/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software sffe / Resource Hash 2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 54244 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1684927996807358" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 26 May 2023 04:09:22 GMT
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame 25C7	0 294 B	188ms 184ms	Image image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAwKgeU64wBvCubw8KB5MAQ9dljmDc4HuV60x1F_WCTUHKyWwk4IFlDeuM2xC6QDs6Fd-ANtMZONG-9_8HyuMvhhpYus52WSwcY4pigThsOMuVkiPOhbAkMKYW1WEws5HSHMQbqPujzArLW6IT43yYZQ1AOrhsUpk5tlrHLOM6d9j3C1HDlp3Yb4i6277FVd-IsDGjeYofHM8Ly70_jJwuTHw9uqKk10Nfai01zC4Ha9QMt2j4csjevD2tB7iO8dp591fI6nvx9m30rLMF-cerBTX8CPbPtralzKfnOTFHN7O898Gf_fBjAva9ectFsYdUFmDEdb_Zj91otoVMks7Pgr5IOYfP2_IvpJbKrQ&sai=AMfl-YR-JqtNX98ZMo_Fl7jwavDbeltevTbyR8y2C-vShzGhPIzyKZPb9UOzdAdM1kSdcI5B--SnzBj8NyxShdI&sig=Cg0ArKJSzAll4O1fsh3mEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 26 May 2023 04:09:22 GMT
GET H2	200	gsap.min.js Show response dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/js/ Frame E2D6	57 KB 25 KB	527ms 180ms	Script application/javascript	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/js/gsap.min.js Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers expires Sat, 11 May 2024 12:53:34 GMT date Fri, 26 May 2023 04:09:22 GMT content-encoding br x-content-type-options nosniff cdn-edgestorageid 722 cdn-cachedat 05/12/2023 12:53:34 cdn-pullzone 692289 last-modified Thu, 29 Jul 2021 02:19:42 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"6102103e-e568" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid 473d14e4bc755ce7ba201613b2dff7cf cdn-requestcountrycode GE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	Draggable.min.js Show response dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/js/ Frame E2D6	33 KB 14 KB	671ms 325ms	Script application/javascript	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/js/Draggable.min.js Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash c225bb7c6504991db5c252213d29ca207b489764705abeee9c044e69f0b0d886 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers expires Sat, 11 May 2024 12:53:34 GMT date Fri, 26 May 2023 04:09:22 GMT content-encoding br x-content-type-options nosniff cdn-edgestorageid 1081 cdn-cachedat 05/12/2023 12:53:34 cdn-pullzone 692289 last-modified Thu, 29 Jul 2021 02:14:14 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"61020ef6-82b4" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid 2be4cf098d55364e857817a628c18ff4 cdn-requestcountrycode GE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	0_98906644135a7e9d6e.css dsp-media.eskimi.com/upload/js/ Frame E2D6	2 KB 1 KB	503ms 157ms	Stylesheet text/css	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://dsp-media.eskimi.com/upload/js/0_98906644135a7e9d6e.css?_=1681995175 Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 7fce5025c43538cacece3a60d78fbe18c360f07708e50cd3afc25936b939f0a4 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers expires Sat, 11 May 2024 12:53:34 GMT date Fri, 26 May 2023 04:09:22 GMT content-encoding br x-content-type-options nosniff cdn-edgestorageid 1053 cdn-cachedat 05/12/2023 12:53:34 cdn-pullzone 692289 last-modified Thu, 20 Apr 2023 12:52:55 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"644135a7-7b4" vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid aaa2d3ef45d9818455c187cefd9e06d2 cdn-requestcountrycode GE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	cap dsp-trk.eskimi.com/ Frame E2D6	43 B 161 B	437ms 148ms	Image image/gif	34.120.139.69 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-trk.eskimi.com/cap?id=7_-6963280448092949357&dc=5&tz=%2B04:00&sgid=25013372655&pid=1968502613&cid=165540&crid=1068854 Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 69.139.120.34.bc.googleusercontent.com Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type image/gif
GET H2	200	2_98906644135a7e9d6e_450215437.js Show response dsp-media.eskimi.com/upload/js/ Frame E2D6	11 KB 4 KB	640ms 294ms	Script application/javascript	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://dsp-media.eskimi.com/upload/js/2_98906644135a7e9d6e_450215437.js?_=1681995175 Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 36c7f927c52b3964aee4c410edebb0f25a2f0f5d0fd7517a111c46db21da7d5f Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers expires Sat, 11 May 2024 12:53:34 GMT date Fri, 26 May 2023 04:09:22 GMT content-encoding br x-content-type-options nosniff cdn-edgestorageid 1053 cdn-cachedat 05/12/2023 12:53:34 cdn-pullzone 692289 last-modified Thu, 20 Apr 2023 12:52:55 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"644135a7-2db7" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid d36ff7ae6a42d36c635271fcd7a275b8 cdn-requestcountrycode GE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ad-choice.min.js Show response dsp-media.eskimi.com/assets/js/e/ Frame E2D6	3 KB 2 KB	612ms 267ms	Script application/javascript	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://dsp-media.eskimi.com/assets/js/e/ad-choice.min.js?_=2.1.0.8 Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash cdc7862ae6f3ae80124d8c672dc6d7a4d892ba42f7d651dbf0bd74d1d9e353ad Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers expires Wed, 29 Nov 2023 14:20:59 GMT date Fri, 26 May 2023 04:09:22 GMT content-encoding br x-content-type-options nosniff cdn-edgestorageid 1054 cdn-cachedat 11/29/2022 14:20:59 cdn-pullzone 692289 last-modified Mon, 14 Nov 2022 14:24:28 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"63724f9c-bdd" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid e25f57b362d35effa2736606a9db3e51 cdn-requestcountrycode GE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	bctr.min.js Show response dsp-media.eskimi.com/assets/js/e/ Frame E2D6	1 KB 1 KB	622ms 276ms	Script application/javascript	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://dsp-media.eskimi.com/assets/js/e/bctr.min.js?v=1.4 Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 993eff878baaac385889e2599c9b0f03e76b966ab37816f7c71bc3a236190fb1 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers expires Thu, 23 May 2024 14:29:21 GMT date Fri, 26 May 2023 04:09:22 GMT content-encoding br x-content-type-options nosniff cdn-edgestorageid 1076 cdn-cachedat 05/24/2023 14:29:21 cdn-pullzone 692289 last-modified Wed, 24 May 2023 14:13:54 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"646e1ba2-4b3" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid f7633686c741eb9d59a64bdfee590411 cdn-requestcountrycode GE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame E2D6	3 KB 1 KB	491ms 210ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f97.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 May 2023 17:46:04 GMT content-encoding br x-content-type-options nosniff age 37398 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 08 Jun 2023 17:46:04 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame E2D6	19 KB 8 KB	416ms 135ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f97.1e100.net Software cafe / Resource Hash 8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 May 2023 14:12:57 GMT content-encoding br x-content-type-options nosniff age 50185 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7987 x-xss-protection 0 server cafe etag 5788035530912182302 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 08 Jun 2023 14:12:57 GMT
GET H2	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E2D6	24 KB 7 KB	426ms 146ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f97.1e100.net Software sffe / Resource Hash 08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 14:52:15 GMT content-encoding br x-content-type-options nosniff age 566227 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6402 x-xss-protection 0 last-modified Thu, 03 Nov 2022 19:10:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 18 May 2024 14:52:15 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame E2D6	171 KB 53 KB	565ms 338ms	Script text/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software sffe / Resource Hash 2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 54244 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1684927996807358" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 26 May 2023 04:09:22 GMT
GET H2	200	adview securepubads.g.doubleclick.net/pagead/ Frame E2D6	0 0	178ms 177ms	Image text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CnAf68TBwZMO1LMPW-gajrrTIA6PQ5tRwyfjB39YQwI23ARABIABgjQKCARdjYS1wdWItNTg4NDI5NDQ3OTM5MTYzOMgBCeACAKgDAaoEqgJP0HeUHb4C8jRNH2vtk5TDkBxLpj8QrLTMEWfPUXgfRboknbe3pvE6ClMH3BvQYPif9FHpMN_m_r_8z3iXZV1B8KVFeY5kMIL925w6reQ2pHukb67NvUsjIdFxoPuNWYcrHf8UhYE_Z71RLNJswEHrZWgARYQmQb2FIO2tIJdZ5NL08F1dH_FE9dZ5rQxrjuc2Rq--jfZqw6Tmm5o5IWBoG7R1Yq8Pci7d4OdKHe2G3iFB3glgamBxOAlJ75ELOrGflg_X_iilCKW4dYKL7dEnPLkR3WjHyjyGIND_FONRzfrrKR3eDSHkFimJ-BeUh_RyKXXOOJQJRng4WMpYNCdxx1UaG4hIv56jo7cDQj27Ro37Sx_r9bf9KDHDP8ja95QEOCJhblntzfN34AQBgAbT3fnwu9rFwS-gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01ODg0Mjk0NDc5MzkxNjM4GJnSIQ&sigh=dUEJIfYU1-Y&uach_m=[UACH]&cid=CAQSGwBygQiDznM4VXw9nCJVLrn_yPR-YDUXYaOWwxgB&vis=1 Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	doubleWin win.eskimi.com/ Frame E2D6	43 B 161 B	435ms 145ms	Image image/gif	130.211.27.62 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://win.eskimi.com/doubleWin?eid=2&w=EiEKFlBZU3E4Q3NINE5XOGhXcGo1SnZjRmcQAhie4fyxhTEYBSCAnL_fBTFEi2zn-6mxP0F7FK5H4XqEP0jvjaeXXVikjQpoAnDYnwJ4tb3VAYABBqIBFjdfLTY5NjMyODA0NDgwOTI5NDkzNTepAfYoXI_C9cg_sgEZIAI6D3JhaW9uIHNhY2hraGVyZUICZ2VIAcIBJggCELH60jMY1e7TqgcgASjAJDAFOAhYtp5BaAFwAXgCiAECkAEBygEgZjM0ZTk2OTk1ZGRmM2ZmNWViMWJmZGUxMzhjZmUyOWPYAY6R5KeZndT8JeEBAAAAAACAUUDqAQJ6aPAB3wyAAgE%3D&esc=false&spent=ZHAw8QALGsMK3qtDAA0XI2xR1aLqJcoGHyxL1g Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.27.62 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 62.27.211.130.bc.googleusercontent.com Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:21 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type image/gif
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/ Frame EF8C	404 KB 125 KB	135ms 135ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash af07705eb7e434ddc33426eb84d9ba31bba2b5cc9d022239df1c1376e437f1d7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 May 2023 19:03:07 GMT content-encoding br x-content-type-options nosniff age 32775 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 127485 x-xss-protection 0 server cafe etag 17275677167730277524 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Fri, 24 May 2024 19:03:07 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/ Frame 87F4	404 KB 125 KB	170ms 170ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash af07705eb7e434ddc33426eb84d9ba31bba2b5cc9d022239df1c1376e437f1d7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 May 2023 19:03:07 GMT content-encoding br x-content-type-options nosniff age 32775 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 127485 x-xss-protection 0 server cafe etag 17275677167730277524 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Fri, 24 May 2024 19:03:07 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/ Frame 25C7	404 KB 125 KB	184ms 182ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash af07705eb7e434ddc33426eb84d9ba31bba2b5cc9d022239df1c1376e437f1d7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 May 2023 19:03:07 GMT content-encoding br x-content-type-options nosniff age 32775 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 127485 x-xss-protection 0 server cafe etag 17275677167730277524 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Fri, 24 May 2024 19:03:07 GMT
GET H2	200	integrator.js Show response adservice.google.ge/adsid/ Frame EF8C	107 B 531 B	439ms 150ms	Script application/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.ge/adsid/integrator.js?domain=03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/ Frame EF8C	107 B 196 B	160ms 158ms	Script application/javascript	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame EF8C	35 KB 14 KB	392ms 392ms	XHR text/plain	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=639065492232696&correlator=1329433758486764&eid=31073865%2C31074850&output=ldjh&gdfp_req=1&vrg=202305220101&ptt=17&impl=fifs&tfcd=0&iu_parts=71161633%2CXGTON_xgcartoon%2Camp_desk_anime_hrec_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C468x60%7C728x90&fluid=height&ifi=1&adks=2103771922&sfv=1-0-40&prev_scp=in2w_key9001%3D1%26in2w_key%3D67%26in2w_key2%3Dnope%2Cbenchmark%26in2w_key3%3Dnop%26in2w_key4%3Dnop%26in2w_key5%3Dbenchmark%26in2w_key6%3D--3---%26in2w_key7%3D1580%26in2w_key8%3D67%26in2w_key9%3Dbenchmark_request%26in2w_key12%3Dbenchmark%26in2w_key15%3Db0%26in2w_key16%3D1&eri=4&sc=1&cdm=03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com&abxe=1&dt=1685074162578&dlt=1685074162104&idt=446&adxs=0&adys=0&biw=728&bih=180&isw=728&scr_x=0&scr_y=0&ucis=bwzydvmhs6gy&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjiejiaomozu_di1jiriyu-yingjinghongming&loc=https%3A%2F%2F03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D0&top=www.xgcartoon.com&frm=24&vis=1&psz=0x0&msz=728x0&fws=256&ohw=0&ea=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash ef2ed44c2665a725f0ec4a2576dc49f32cd94d5c56f0933fe94475732d5c143f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14328 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E171	6 KB 3 KB	170ms 155ms	Document text/html	142.250.186.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 26 May 2023 04:09:22 GMT expires Sat, 25 May 2024 04:09:22 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.ge/adsid/ Frame 87F4	107 B 165 B	399ms 167ms	Script application/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.ge/adsid/integrator.js?domain=03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/ Frame 87F4	107 B 165 B	155ms 155ms	Script application/javascript	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 87F4	82 KB 26 KB	373ms 373ms	XHR text/plain	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1471544645273787&correlator=3413317614673898&eid=31073559&output=ldjh&gdfp_req=1&vrg=202305220101&ptt=17&impl=fifs&tfcd=0&iu_parts=71161633%2CXGTON_xgcartoon%2Camp_mob_anime_hrec_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C120x600%7C160x600%7C300x100%7C300x250%7C300x600&fluid=height&ifi=1&adks=2551925418&sfv=1-0-40&prev_scp=in2w_key9001%3D1%26in2w_key%3D68%26in2w_key2%3Dnope%26in2w_key4%3D--38gz%26in2w_key5%3Doptimization%26in2w_key6%3D--3qgz%26in2w_key7%3D1580%26in2w_key8%3D68%26in2w_key9%3Doptimization_request%26in2w_key15%3Do0%26in2w_key16%3D1&eri=4&sc=1&cdm=03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com&abxe=1&dt=1685074162628&dlt=1685074162136&idt=480&adxs=-12245933&adys=-12245933&biw=300&bih=1200&scr_x=0&scr_y=0&ucis=kgkk3bc46dru&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjiejiaomozu_di1jiriyu-yingjinghongming&loc=https%3A%2F%2F03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D0&top=www.xgcartoon.com&frm=24&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash 77a56aeada2986a29ddf9bc476d1f78908fa59baf65de6621ba9b9a6aacf8c1c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27038 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4E3B	6 KB 3 KB	177ms 150ms	Document text/html	142.250.186.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 26 May 2023 04:09:22 GMT expires Sat, 25 May 2024 04:09:22 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.ge/adsid/ Frame 25C7	107 B 165 B	367ms 157ms	Script application/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.ge/adsid/integrator.js?domain=03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/ Frame 25C7	107 B 165 B	149ms 149ms	Script application/javascript	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 25C7	25 KB 12 KB	409ms 409ms	XHR text/plain	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1614395051774453&correlator=1423748224657880&eid=31074851%2C21065724&output=ldjh&gdfp_req=1&vrg=202305220101&ptt=17&impl=fifs&tfcd=0&iu_parts=71161633%2CXGTON_xgcartoon%2Camp_desk_anime_vrec_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C120x600%7C160x600&fluid=height&ifi=1&adks=2069428000&sfv=1-0-40&prev_scp=in2w_key9001%3D1%26in2w_key%3D2%26in2w_key2%3Dnope%26in2w_key4%3D--38gz%26in2w_key5%3Doptimization%26in2w_key6%3D--3qgz%26in2w_key7%3D1580%26in2w_key8%3D2%26in2w_key9%3Doptimization_request%26in2w_key15%3Do0%26in2w_key16%3D1&eri=4&sc=1&cdm=03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com&abxe=1&dt=1685074162655&dlt=1685074162176&idt=464&adxs=0&adys=0&biw=160&bih=1200&isw=160&scr_x=0&scr_y=0&ucis=4ydflttt90ks&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjiejiaomozu_di1jiriyu-yingjinghongming&loc=https%3A%2F%2F03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D0&top=www.xgcartoon.com&frm=24&vis=1&psz=0x0&msz=160x0&fws=256&ohw=0&ea=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash 2cea2c68c2ae96f6b8f41de9945a536cf8fa94ce8843aee710b1e5ba6a350496 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11790 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 55FD	6 KB 3 KB	167ms 151ms	Document text/html	142.250.186.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 26 May 2023 04:09:22 GMT expires Sat, 25 May 2024 04:09:22 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame EF8C	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 18131e93737d0075664a0ce5d6c39ae628d65ed396cf5c795a2c2634cf2f4343 Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 25C7	209 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5c2dd01ec891a1f34a3bd5c86ef582086a0b875588126e73175f74ef829ac0bb Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	sunbg.png dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	3 KB 4 KB	160ms 157ms	Image image/png	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/sunbg.png Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 306e194acda16e1accb432b604588efdc67fa97a4795eceebce9c534345489f2 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT cdn-edgestorageid 1079 cdn-cachedat 05/12/2023 12:53:16 cdn-pullzone 692289 content-length 3166 last-modified Tue, 18 Apr 2023 06:50:16 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "643e3da8-c5e" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid 195e22b07374bcf7622586f61d2a10c8 accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:16 GMT
GET H2	200	fanta.png dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	42 KB 42 KB	173ms 170ms	Image image/png	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/fanta.png Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash a94ec52c7d8079981bfc83228aa54c22e70c168bfaff42f70db7f46603ebac72 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT cdn-edgestorageid 1079 cdn-cachedat 05/12/2023 12:53:16 cdn-pullzone 692289 content-length 42908 last-modified Tue, 18 Apr 2023 05:45:22 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "643e2e72-a79c" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid 2a7cb9d91550c1f68f1fe5e1d881a91a accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:16 GMT
GET H2	200	track.png dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	39 KB 39 KB	232ms 229ms	Image image/png	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/track.png Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash fbc25ee4fd8b1d849d14e2c358476f7a1f01e446e14cfbc2c75607991ce0177c Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT cdn-edgestorageid 1048 cdn-cachedat 05/12/2023 12:53:16 cdn-pullzone 692289 content-length 39884 last-modified Tue, 18 Apr 2023 06:03:42 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "643e32be-9bcc" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid 117a16e576cabd0c1807ae9898e614df accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:16 GMT
GET H2	200	pn_1_inst.png dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	4 KB 5 KB	257ms 254ms	Image image/png	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/pn_1_inst.png Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash af2599c9d73e3343dcd25e4ed688c0b7a177f664b8e0dc19f807d0a569d2509e Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT cdn-edgestorageid 1048 cdn-cachedat 05/12/2023 12:53:16 cdn-pullzone 692289 content-length 4293 last-modified Tue, 02 Nov 2021 10:41:46 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "618115ea-10c5" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid 1c47fb26d0a75c27497ad67a9a86b311 accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:16 GMT
GET H2	200	pn_2_inst.png dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	4 KB 4 KB	256ms 253ms	Image image/png	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/pn_2_inst.png Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash e4562c1c18e26d8a316b02adf447ed779be21bb01705bbe102c38966423e3174 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT cdn-edgestorageid 874 cdn-cachedat 05/12/2023 12:53:16 cdn-pullzone 692289 content-length 4012 last-modified Tue, 02 Nov 2021 10:44:02 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "61811672-fac" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid 4e9f4e7e3d784e969703ca6343183f23 accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:16 GMT
GET H2	200	pc_inst.png dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	6 KB 6 KB	257ms 254ms	Image image/png	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/pc_inst.png Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 08f92d9945c9d67a03b5e955a21e5e8ed01dcd35d2680b013317a25aed1f849a Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT cdn-edgestorageid 864 cdn-cachedat 05/12/2023 12:53:16 cdn-pullzone 692289 content-length 5902 last-modified Tue, 18 Apr 2023 05:46:04 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "643e2e9c-170e" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid 41af224adc0c6069915e241d7f96023f accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:16 GMT
GET H2	200	em_inst.png dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	643 B 1 KB	257ms 254ms	Image image/png	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/em_inst.png Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 95ec3bed246247a88017caeaf2c81e22bbd03d28f37e880abe5cdc1c215dfdc7 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT cdn-edgestorageid 1047 cdn-cachedat 05/12/2023 12:53:16 cdn-pullzone 692289 content-length 643 last-modified Thu, 29 Jul 2021 02:21:36 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "610210b0-283" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid 7329ff31aae94b5b862faa29cc52a6bc accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:16 GMT
GET H2	200	spl.png dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	2 KB 2 KB	258ms 255ms	Image image/png	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/spl.png Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash af396bbc58e6cfdf07ca2a70269a0e71e79c2d6e6eb68637103dde8cf268ef44 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT cdn-edgestorageid 864 cdn-cachedat 05/12/2023 12:53:16 cdn-pullzone 692289 content-length 1841 last-modified Thu, 29 Jul 2021 02:22:08 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "610210d0-731" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid 880305ddcaf5637ab81db43574f972c7 accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:16 GMT
GET H2	200	in_sc.png dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	13 KB 13 KB	257ms 255ms	Image image/png	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/in_sc.png Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash ac27b5eaa00c4b50af05682ae8589f52d11f6350f6a7d1029c9c4a5dd600699e Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT cdn-edgestorageid 860 cdn-cachedat 05/12/2023 12:53:16 cdn-pullzone 692289 content-length 12879 last-modified Tue, 18 Apr 2023 05:51:06 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "643e2fca-324f" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid 3a30a9e73e3832e38a78b24648e1de2d accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:16 GMT
GET H2	200	cp_1.png dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	14 KB 15 KB	258ms 255ms	Image image/png	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/cp_1.png Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash bb2ca5c571358e805e5242d30e8f2f6efafc01522273b19522af8212609a1e75 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT cdn-edgestorageid 864 cdn-cachedat 05/12/2023 12:53:16 cdn-pullzone 692289 content-length 14755 last-modified Tue, 18 Apr 2023 06:30:48 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "643e3918-39a3" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid 589e1a6f9aace80d21175556dd5370cf accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:16 GMT
GET H2	200	instr.png dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	5 KB 5 KB	258ms 256ms	Image image/png	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/instr.png Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 9f30fd770fbb13e37a817656ff736e018c90c40145f686a1e5672e184364ce3d Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT cdn-edgestorageid 863 cdn-cachedat 05/12/2023 12:53:17 cdn-pullzone 692289 content-length 4963 last-modified Tue, 18 Apr 2023 06:31:38 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "643e394a-1363" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid c3512315a658a84ca7a3348696b84e7a accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:17 GMT
GET H2	200	wb_1.png dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	3 KB 4 KB	258ms 255ms	Image image/png	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/wb_1.png Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 09386a3e0e5a4bfc2ca9560fc24441649bbf059586e52886168b2ed61a9bff30 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT cdn-edgestorageid 1082 cdn-cachedat 05/12/2023 12:53:17 cdn-pullzone 692289 content-length 3231 last-modified Tue, 18 Apr 2023 06:50:10 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "643e3da2-c9f" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid 52fd412410b5a4014f0420a3f7ea74ec accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:17 GMT
GET H2	200	wb_2.png dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	3 KB 3 KB	258ms 256ms	Image image/png	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/wb_2.png Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash fbdc9a2e91da7c4c85542f6cd444264a1851ff21d3ac9dbddcfc840804062c8e Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT cdn-edgestorageid 1077 cdn-cachedat 05/12/2023 12:53:17 cdn-pullzone 692289 content-length 2948 last-modified Tue, 18 Apr 2023 06:50:04 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "643e3d9c-b84" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid b1a821b12b3497b58578050d9865ed51 accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:17 GMT
GET H2	200	wb_3.png dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	9 KB 9 KB	258ms 256ms	Image image/png	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/wb_3.png Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 8d4fe634bc0fb8f5fb317b0eedd6cad3bbef49ad361ef8442c29d82e79f8ca44 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT cdn-edgestorageid 722 cdn-cachedat 05/12/2023 12:53:17 cdn-pullzone 692289 content-length 8861 last-modified Thu, 20 Apr 2023 10:51:22 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "6441192a-229d" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid 673acc5603abb1819c22fbdf399cc91c accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:17 GMT
GET H2	200	wb_4.png dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	69 KB 69 KB	258ms 256ms	Image image/png	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/wb_4.png Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 9e3308a88f8cabdc76d60a41999fb85187d2a1448895240b2561eee1b5fe7e27 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT cdn-edgestorageid 1076 cdn-cachedat 05/12/2023 12:53:17 cdn-pullzone 692289 content-length 70579 last-modified Tue, 18 Apr 2023 06:43:58 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "643e3c2e-113b3" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid 2c0300a4ae2d43d99aece55a18fee6c4 accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:17 GMT
GET H2	200	cp_2.png dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	11 KB 11 KB	258ms 256ms	Image image/png	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/cp_2.png Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 1341f81eff6a54fae23e9a8a9e7bec6311907305877ffccbadddc6af604a2174 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT cdn-edgestorageid 860 cdn-cachedat 05/12/2023 12:53:17 cdn-pullzone 692289 content-length 10897 last-modified Tue, 18 Apr 2023 06:43:02 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "643e3bf6-2a91" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid d7ddd2a8594f2db2b1f33478c28da096 accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:17 GMT
GET H2	200	win_gl.png dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	10 KB 10 KB	294ms 292ms	Image image/png	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/win_gl.png Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 77ec738a64b80a236728feef8226a783231571bf6dbf39287711c91f1d30114b Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT cdn-edgestorageid 723 cdn-cachedat 05/12/2023 12:53:17 cdn-pullzone 692289 content-length 9985 last-modified Thu, 29 Jul 2021 02:21:20 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "610210a0-2701" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid 2c69577e5910234759e2b0ce0f3d8c16 accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:17 GMT
GET H2	200	lose_bg.jpg dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	29 KB 29 KB	293ms 291ms	Image image/jpeg	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/lose_bg.jpg Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 1420c948e9f792e976eb27cee3ecb4c2d5716dfd600e5b02dd6fabcdc9c9cf9c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT x-content-type-options nosniff cdn-edgestorageid 1081 cdn-cachedat 05/12/2023 12:53:17 cdn-pullzone 692289 content-length 29363 last-modified Tue, 18 Apr 2023 06:48:04 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "643e3d24-72b3" content-type image/jpeg access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid 0a60193f196e672beb45d0b9e0fafdef accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:17 GMT
GET H2	200	ls_fn.png dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	69 KB 69 KB	294ms 292ms	Image image/png	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ls_fn.png Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 194890cd57ff1cfa79669127a4f330905cdd745d249891e1b5dbec46983a9a7a Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT cdn-edgestorageid 755 cdn-cachedat 05/12/2023 12:53:17 cdn-pullzone 692289 content-length 70579 last-modified Tue, 18 Apr 2023 06:43:42 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "643e3c1e-113b3" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid 5bd910ab5e57ec10811233dc26431088 accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:17 GMT
GET H2	200	ls_lp.jpg dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	29 KB 29 KB	294ms 292ms	Image image/jpeg	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ls_lp.jpg Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 8ea7fb6206f20198bc0eba35aa4c31ae355966ab23815e9a25810dd559672050 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT x-content-type-options nosniff cdn-edgestorageid 1076 cdn-cachedat 05/12/2023 12:53:17 cdn-pullzone 692289 content-length 29363 last-modified Tue, 18 Apr 2023 06:48:22 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "643e3d36-72b3" content-type image/jpeg access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid d3fd9d9b67ee81e2b1147e3a72806465 accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:17 GMT
GET H2	200	ls_or.png dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	9 KB 9 KB	295ms 293ms	Image image/png	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ls_or.png Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 8d4fe634bc0fb8f5fb317b0eedd6cad3bbef49ad361ef8442c29d82e79f8ca44 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT cdn-edgestorageid 1081 cdn-cachedat 05/12/2023 12:53:17 cdn-pullzone 692289 content-length 8861 last-modified Thu, 20 Apr 2023 10:51:06 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "6441191a-229d" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid f4de3d2ac282f3cd553e533ad51a4f65 accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:17 GMT
GET H2	200	cp_3.png dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	11 KB 11 KB	295ms 293ms	Image image/png	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/cp_3.png Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 1341f81eff6a54fae23e9a8a9e7bec6311907305877ffccbadddc6af604a2174 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT cdn-edgestorageid 1082 cdn-cachedat 05/12/2023 12:53:17 cdn-pullzone 692289 content-length 10897 last-modified Tue, 18 Apr 2023 06:43:02 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "643e3bf6-2a91" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid be3808eb575d55ea0d595e0275148981 accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:17 GMT
GET H2	200	game_cn.jpg dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	37 KB 38 KB	294ms 293ms	Image image/jpeg	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/game_cn.jpg Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 24cc76a23b3e6ca010a52bb5dd272e21735ceac9d8a36f85f3ca8c9f9dc6afbb Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT x-content-type-options nosniff cdn-edgestorageid 1054 cdn-cachedat 05/12/2023 12:53:17 cdn-pullzone 692289 content-length 38092 last-modified Tue, 18 Apr 2023 06:05:20 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "643e3320-94cc" content-type image/jpeg access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid f120201bed4160458d7ce8fce52b3878 accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:17 GMT
GET H2	200	bg.jpg dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/ Frame E2D6	29 KB 29 KB	294ms 292ms	Image image/jpeg	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/rm/upload/1681995172/Pepsi_UCL_Game_320x480/assets/bg.jpg Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 8ea7fb6206f20198bc0eba35aa4c31ae355966ab23815e9a25810dd559672050 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT x-content-type-options nosniff cdn-edgestorageid 860 cdn-cachedat 05/12/2023 12:53:17 cdn-pullzone 692289 content-length 29363 last-modified Tue, 18 Apr 2023 06:48:22 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "643e3d36-72b3" content-type image/jpeg access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid 60996b4bd4ebe90436a63313f1a708dd accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:53:17 GMT
GET H2	200	adchoice_logo_15x15_v2.png dsp-media.eskimi.com/upload/wl/eskimi/ Frame E2D6	360 B 832 B	291ms 290ms	Image image/png	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/wl/eskimi/adchoice_logo_15x15_v2.png?_=2.1.0.8 Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 04dd17131968a07c34224fb2e34a25d3bdd06fed40c6025f20ecdfc9e6eff2a0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT cdn-edgestorageid 1047 cdn-cachedat 02/28/2023 09:40:28 cdn-pullzone 692289 content-length 360 last-modified Tue, 28 Feb 2023 09:21:44 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "63fdc7a8-168" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid d4fefcdd535f23408c18eca6fa7be127 accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Wed, 28 Feb 2024 09:40:28 GMT
GET H2	200	utr.min.js Show response dsp-media.eskimi.com/assets/js/e/ Frame E2D6	10 KB 5 KB	292ms 291ms	Script application/javascript	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://dsp-media.eskimi.com/assets/js/e/utr.min.js?vv=0&trv=0&fla=0&trve=0&src=utr&bId=1685074161822.2.PYSq8CsH4NW8hWpj5JvcFg&baId=ead-0992081e596a192b41adcbdd00c60fe9&mr=0 Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 7f5feab8115fb17c8945b5b22a6382315c264a9878b2de8d1916013720e496ef Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers expires Sat, 25 May 2024 04:09:23 GMT date Fri, 26 May 2023 04:09:23 GMT content-encoding br x-content-type-options nosniff cdn-edgestorageid 1075 cdn-cachedat 05/26/2023 04:09:23 cdn-pullzone 692289 last-modified Thu, 01 Dec 2022 09:59:55 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"63887b1b-29ad" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache MISS cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid c305d320446999f3e920a004792167b6 cdn-requestcountrycode GE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	gtr.min.js Show response dsp-media.eskimi.com/assets/js/e/ Frame E2D6	6 KB 3 KB	291ms 290ms	Script application/javascript	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.2 Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash c82c372cd5c4a3b46fddb13499d36d8818044e818b53a6794f340effeea5673a Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers expires Tue, 27 Feb 2024 09:17:18 GMT date Fri, 26 May 2023 04:09:23 GMT content-encoding br x-content-type-options nosniff cdn-edgestorageid 1082 cdn-cachedat 02/27/2023 09:17:18 cdn-pullzone 692289 last-modified Fri, 24 Feb 2023 12:08:35 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"63f8a8c3-19cc" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid a4ca18e4143e08c04266df662561696f cdn-requestcountrycode GE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	container.html Show response 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F9B0	6 KB 3 KB	139ms 136ms	Document text/html	142.250.186.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 26 May 2023 04:09:22 GMT expires Sat, 25 May 2024 04:09:22 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 25C7	15 KB 11 KB	659ms 151ms	XHR application/json	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305220101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software cafe / Resource Hash 748445ba4142720f9b9f163256b3adbf6725e3159f6aa631f7268bbe57bc791b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:23 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11207 x-xss-protection 0
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 25C7	0 0	448ms 173ms	Fetch image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXi2XxX3csc1Bbk6spQU-KF5mgfqJN_LUKfjOCkU0D6FPtm-XC-Myu6jR5b9Q55vO2MtfdxaPzB1ypJ36A0oEqRT3419WrB7IzWbOk5xOuIJluHvFZBGV1-1aD9o5A4zEkP7381L-0unfA8v39wlks6jqnej5vP44hD9fvSTWvKbQf8NlPJn8x_S6102TC7zVBtw-NsM5-NuDmYc6SiCnETmogS5VUPp0zI_bnZEZla4LiLeeDPTZI_s1q8volU7Ig2izjO1vt2TxomVsxHoMRxOUsZcd0t2D22QbSjTvyJDWxqruYW5Op6B2xceUKTcbvnZJf6calqj8CoZQ_BBiQIt2cmXeb8sE_D4TFJp2J&sai=AMfl-YQv1hWyGX3OQqIyRFcOCSj0mgpJw6sTizuI0Sq5LMJWUO9AhW4-zXijuePdEypYo3q0vZlub5hohEykPgw&sig=Cg0ArKJSzDwNyVPUrvyzEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:23 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 26 May 2023 04:09:23 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 87F4	14 KB 11 KB	668ms 167ms	XHR application/json	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305220101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software cafe / Resource Hash 2451eae00ae75dedb8ec7abbe2d14360c7f8da31d38220ca8fd6143fcd814aef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:23 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11081 x-xss-protection 0
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 87F4	0 0	441ms 175ms	Fetch image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCEkGU_boa19xGuiGSWKt_T4-aDc8I4pL_X-QkBvrtasCvlgIxG-twONg8pfwXKlv3ka0NsaNUy4BRo23-y7BSqnAC6uMyL6xRttN4Gs7xlvUM-dVhxpVqr4HLj1CrZpftOyWtO2hW0EdChz3tLWCI6Xn3haAKZX65JuMZzpjPO_9287UkuLD-I2A29zlquwQjVVKEuIBbWq6TcczEGoUxwC7fxaMEIB8yaKQWJHT8otRVlZJrfRP8kuOjo1l26Qk-W33tzExE5_WG2fImn7bbVDDNisLvHnqU7vPIIcUC4pc4Hm5X5Pyl5ZcE6ePAsw0IuAwg59Ri6RlSTWCE36HXUWztLEujfvyszDoOdYQ&sai=AMfl-YTOb0KNJ-ri1WOTNxfpP03vNSPCrbW5RE1Kx2s8TQZag7OWxMfTsJ1vhB2SMMEilPrn-xbvW9wHyXTrYz4&sig=Cg0ArKJSzASdR7YbyjgkEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:23 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 26 May 2023 04:09:23 GMT
GET H2	200	container.html Show response f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8ED1	6 KB 3 KB	138ms 137ms	Document text/html	142.250.186.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 26 May 2023 04:09:22 GMT expires Sat, 25 May 2024 04:09:22 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	container.html Show response dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4AFB	6 KB 3 KB	137ms 137ms	Document text/html	142.250.186.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 26 May 2023 04:09:22 GMT expires Sat, 25 May 2024 04:09:22 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame F9B0	0 0	188ms 187ms	Fetch text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CST5y8jBwZPC3Ktei9u8PhrSeyAqj0ObUcMn4wd_WEMCNtwEQASAAYI0CggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQngAgCoAwGqBKoCT9A_JwpuDuDRNo0BkvaHmV38c0zPC68EiuLerrzjIOH_LFZ6t-hCbfWL4z2NiIL0taoGkxr0MbGyLX4NV_cCfD5rJG4PdY3NnuCuYDCJvRg8IalJAUWY0FcG8hrGEIqPjcaMNQZbOcor7XqU-vxKp1y8xaR7Zf7cwFGaUufS2oOQkybhI5TCiKItyy-jys4Sgd8IG8WK5mXQhFEuVSlmrc-AjKzABOYxJc06f1y7v5yAaWxnbfJuLBBD2kla-VLxBA-DC4epxs6Yrvm-BR4upNsCJ7EWUs-oOzU8qG5OQbqlryaRz0HW3H7HB-Q1xVgBM6HpCY8JDn08X4ZXkqc71fpXpTIup-0LZSnT9fo2a9cFyGCcr5Wz3_TlXjTnDM2wfCqKR4yzNzAwsOAEAYAGu8ak66Wy7JwuoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=gQ4lRcK3F-M&uach_m=[UACH]&cid=CAQSKQBygQiDPN9Vxj1j8MKQQHbt_D9OpMZZAdIuRrTmwlmqYlKR8q-TExTpGAE Requested by Host: www.xgcartoon.com URL: https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software / Resource Hash Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	doubleWin Show response win.eskimi.com/ Frame F9B0	43 B 99 B	145ms 144ms	Fetch image/gif	130.211.27.62 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://win.eskimi.com/doubleWin?eid=2&w=EiEKFkRfMzROX2wyWHZhZnI4LTAwSFBHdncQAhjs6PyxhTEYBSCAnL_fBTHZzvdT46WrP0F7FK5H4XqEP0i78MH-TFihjQpoAnDYnwJ4tb3VAYABBpoBG0NBRVNFT1JTQTR4dEpqaVZyU0NVal85bzNrVaIBG0NBRVNFT1JTQTR4dEpqaVZyU0NVal85bzNrVakBMzMzMzMzwz-yARkgAjoPcmFpb24gc2FjaGtoZXJlQgJnZUgBwgEnCAIQsfrSMxid1_6kByABKMeFATAFOAhYwJ5BaAFwAXgCiAECkAEBygEgZjM0ZTk2OTk1ZGRmM2ZmNWViMWJmZGUxMzhjZmUyOWPYAaf5tu_NoNu-TeEBAAAAAACAUUDqAQJ6aPAB3wyAAgE%3D&esc=false&spent=ZHAw8gAKm_AH_ZFXAAeaBngSxYfz_KUvEoIDKQ Requested by Host: www.xgcartoon.com URL: https://www.xgcartoon.com/detail/jiejiaomozu_di1jiriyu-yingjinghongming Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.27.62 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 62.27.211.130.bc.googleusercontent.com Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type image/gif
GET H2	200	ad-choice.min.js Show response dsp-media.eskimi.com/assets/js/e/ Frame F9B0	3 KB 2 KB	170ms 170ms	Script application/javascript	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://dsp-media.eskimi.com/assets/js/e/ad-choice.min.js?_=2.1.0.8 Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash cdc7862ae6f3ae80124d8c672dc6d7a4d892ba42f7d651dbf0bd74d1d9e353ad Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers expires Wed, 29 Nov 2023 14:20:59 GMT date Fri, 26 May 2023 04:09:23 GMT content-encoding br x-content-type-options nosniff cdn-edgestorageid 1054 cdn-cachedat 11/29/2022 14:20:59 cdn-pullzone 692289 last-modified Mon, 14 Nov 2022 14:24:28 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"63724f9c-bdd" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid fbe415308bffc84ebd471c6d235f37df cdn-requestcountrycode GE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	100968_2281127577_7cca85c4803dbba92ff5308b45ee38c2.png dsp-media.eskimi.com/upload/ Frame F9B0	69 KB 70 KB	170ms 169ms	Image image/png	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/100968_2281127577_7cca85c4803dbba92ff5308b45ee38c2.png Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 3ca80abf94089adb59b168a41da95db79d24d8563f390e62dd002cba67445068 Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT cdn-edgestorageid 1049 cdn-cachedat 05/12/2023 12:37:19 cdn-pullzone 692289 content-length 70821 last-modified Fri, 12 May 2023 12:21:27 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "645e2f47-114a5" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid 7598f4e12314ab1baf76e52884a45102 accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Sat, 11 May 2024 12:37:19 GMT
GET H2	200	cellularTracking.min.js Show response dsp-media.eskimi.com/assets/js/e/ Frame F9B0	803 B 1 KB	170ms 168ms	Script application/javascript	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://dsp-media.eskimi.com/assets/js/e/cellularTracking.min.js?v=1 Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 33dc14e1be2ccee701bf1afe545c0602f2723e4bf29a824332bbf55486d38b0d Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers expires Fri, 05 Jan 2024 13:19:14 GMT date Fri, 26 May 2023 04:09:23 GMT content-encoding br x-content-type-options nosniff cdn-edgestorageid 1082 cdn-cachedat 01/05/2023 13:19:14 cdn-pullzone 692289 last-modified Tue, 18 Aug 2020 12:41:28 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"5f3bcc78-323" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid ae59ed60e536de27314e41cbbfa148eb cdn-requestcountrycode GE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	utr dsp-trk.eskimi.com/ Frame F9B0	43 B 99 B	149ms 147ms	Image image/gif	34.120.139.69 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-trk.eskimi.com/utr?coId=CAESEORSA4xtJjiVrSCUj_9o3kU&e=2 Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 69.139.120.34.bc.googleusercontent.com Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type image/gif
GET H2	200	bctr.min.js Show response dsp-media.eskimi.com/assets/js/e/ Frame F9B0	1 KB 1 KB	170ms 168ms	Script application/javascript	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://dsp-media.eskimi.com/assets/js/e/bctr.min.js?v=1.4 Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 993eff878baaac385889e2599c9b0f03e76b966ab37816f7c71bc3a236190fb1 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers expires Thu, 23 May 2024 14:29:21 GMT date Fri, 26 May 2023 04:09:23 GMT content-encoding br x-content-type-options nosniff cdn-edgestorageid 1076 cdn-cachedat 05/24/2023 14:29:21 cdn-pullzone 692289 last-modified Wed, 24 May 2023 14:13:54 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"646e1ba2-4b3" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid 2a201beb4144c2e29a4d2362bc6214c8 cdn-requestcountrycode GE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	cap dsp-trk.eskimi.com/ Frame F9B0	43 B 99 B	149ms 147ms	Image image/gif	34.120.139.69 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-trk.eskimi.com/cap?id=CAESEORSA4xtJjiVrSCUj_9o3kU&dc=5&tz=%2B04:00&sgid=20666415163&pid=1956621213&cid=165537&crid=1068864 Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 69.139.120.34.bc.googleusercontent.com Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:23 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type image/gif
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame F9B0	3 KB 1 KB	157ms 155ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f97.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 May 2023 17:46:04 GMT content-encoding br x-content-type-options nosniff age 37399 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 08 Jun 2023 17:46:04 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame F9B0	19 KB 8 KB	137ms 135ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f97.1e100.net Software cafe / Resource Hash 8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 May 2023 14:12:57 GMT content-encoding br x-content-type-options nosniff age 50186 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7987 x-xss-protection 0 server cafe etag 5788035530912182302 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 08 Jun 2023 14:12:57 GMT
GET H2	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F9B0	24 KB 6 KB	146ms 145ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f97.1e100.net Software sffe / Resource Hash 08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 14:52:15 GMT content-encoding br x-content-type-options nosniff age 566228 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6402 x-xss-protection 0 last-modified Thu, 03 Nov 2022 19:10:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 18 May 2024 14:52:15 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame F9B0	171 KB 53 KB	152ms 151ms	Script text/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software sffe / Resource Hash 2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:23 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 54244 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1684927996807358" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 26 May 2023 04:09:23 GMT
GET H3	200	trv dsp-trk.eskimi.com/ Frame E2D6	43 B 54 B	148ms 148ms	Image image/gif	34.120.139.69 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-trk.eskimi.com/trv?bId=1685074161822.2.PYSq8CsH4NW8hWpj5JvcFg&trve=0&trv=0&src=utr&_=1685074163366 Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 69.139.120.34.bc.googleusercontent.com Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type image/gif
GET H3	200	trv dsp-trk.eskimi.com/ Frame E2D6	43 B 54 B	149ms 149ms	Image image/gif	34.120.139.69 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-trk.eskimi.com/trv?bId=1685074161822.2.PYSq8CsH4NW8hWpj5JvcFg&trve=1&trv=0&src=utr&_=1685074163366 Requested by Host: 03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com URL: https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 69.139.120.34.bc.googleusercontent.com Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:22 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type image/gif
GET H2	200	gtr Show response dsp-ap.eskimi.com/v2/ Frame E2D6	731 B 1 KB	446ms 153ms	XHR application/json	35.186.201.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dsp-ap.eskimi.com/v2/gtr?&t=1685074163367 Requested by Host: dsp-media.eskimi.com URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.201.99 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 99.201.186.35.bc.googleusercontent.com Software / Resource Hash 4065ee70b816b4794a76cdf8c34ee1b6f4e4a14333c0fbecceb4b01c000377f6 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com date Fri, 26 May 2023 04:09:23 GMT cache-control no-cache access-control-allow-credentials true via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type application/json
GET H2	200	adchoice_logo_15x15_v2.png dsp-media.eskimi.com/upload/wl/eskimi/ Frame F9B0	360 B 832 B	156ms 156ms	Image image/png	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-media.eskimi.com/upload/wl/eskimi/adchoice_logo_15x15_v2.png?_=2.1.0.8 Requested by Host: dsp-media.eskimi.com URL: https://dsp-media.eskimi.com/assets/js/e/ad-choice.min.js?_=2.1.0.8 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 04dd17131968a07c34224fb2e34a25d3bdd06fed40c6025f20ecdfc9e6eff2a0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cdn-requestpullsuccess True date Fri, 26 May 2023 04:09:23 GMT cdn-edgestorageid 1047 cdn-cachedat 02/28/2023 09:40:28 cdn-pullzone 692289 content-length 360 last-modified Tue, 28 Feb 2023 09:21:44 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "63fdc7a8-168" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 cache-control public, max-age=31536000 cdn-requestid 262bcff9b25ada9da3cba9dcfb4f8f69 accept-ranges bytes cdn-requestcountrycode GE cdn-status 200 expires Wed, 28 Feb 2024 09:40:28 GMT
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 821C	624 B 577 B	444ms 150ms	Document text/html	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQkIzbuQQYtb215gEwAQ&v=APEucNX0AOW5iDsyO4RDrl4Ri5z3XDGws7sylKZIt5yLVLWtt0ZVWd_b4Fz9W5VR_PXxz_qGQPG3iDe7OClVkmz9663qRsK1wA Requested by Host: f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com URL: https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f98.1e100.net Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 26 May 2023 04:09:23 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 8ED1	78 KB 28 KB	441ms 159ms	Script text/javascript	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com URL: https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software cafe / Resource Hash 332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:23 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28042 x-xss-protection 0 server cafe etag 3261498652431352696 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Fri, 26 May 2023 04:09:23 GMT
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 8ED1	42 B 110 B	536ms 255ms	Image image/gif	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AiBflx7Bcmxitnt_6nY8tLj9eY9CCe7oyWEEk7vZfetlKPSOWMt9KIWfUQ8F-EZBttM572dQm7kJ7A5cBGxDqKrB0fJPBBwbFmrxT2PxVGjRJNpjA Requested by Host: f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com URL: https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:23 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 8ED1	0 121 B	535ms 254ms	Image image/gif	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13286933064471041933&x=1&ct=77 Requested by Host: f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com URL: https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:23 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 8ED1	3 KB 1 KB	142ms 141ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js Requested by Host: f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com URL: https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f97.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 May 2023 17:46:04 GMT content-encoding br x-content-type-options nosniff age 37399 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 08 Jun 2023 17:46:04 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 8ED1	19 KB 8 KB	143ms 142ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js Requested by Host: f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com URL: https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f97.1e100.net Software cafe / Resource Hash 8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 May 2023 14:12:57 GMT content-encoding br x-content-type-options nosniff age 50186 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7987 x-xss-protection 0 server cafe etag 5788035530912182302 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 08 Jun 2023 14:12:57 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 8ED1	0 0	437ms 143ms	Image text/html	142.250.74.196 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQWs8Hmv-LCJg20fV23K2Vjc-EuiK_Jnjm9PnK4dVCZep3hEAdNPBWJ6j4S4UUHejBghyVISfvB5l1kCJRf_EpgIytEVw Requested by Host: f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com URL: https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.196 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f4.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 8ED1	171 KB 53 KB	151ms 151ms	Script text/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com URL: https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software sffe / Resource Hash 2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:23 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 54244 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1684927996807358" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 26 May 2023 04:09:23 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame 4AFB	22 KB 9 KB	161ms 160ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite_fy2021.js Requested by Host: dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com URL: https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f97.1e100.net Software cafe / Resource Hash 551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 May 2023 14:19:04 GMT content-encoding br x-content-type-options nosniff age 49819 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8798 x-xss-protection 0 server cafe etag 11317101923912129037 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 08 Jun 2023 14:19:04 GMT
GET H2	200	css fonts.googleapis.com/ Frame 4AFB	8 KB 1 KB	436ms 148ms	Stylesheet text/css	142.250.186.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Requested by Host: dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com URL: https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.74 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f10.1e100.net Software ESF / Resource Hash 98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 26 May 2023 04:09:23 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 26 May 2023 02:39:44 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 26 May 2023 04:09:23 GMT
GET H2	200	outstream.min.css imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 4AFB	15 KB 3 KB	440ms 139ms	Stylesheet text/css	142.250.184.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.css Requested by Host: dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com URL: https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.234 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f10.1e100.net Software sffe / Resource Hash 7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 May 2023 05:06:06 GMT content-encoding gzip x-content-type-options nosniff age 255797 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2883 x-xss-protection 0 last-modified Wed, 17 May 2023 00:43:28 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 22 May 2024 05:06:06 GMT
GET H2	200	outstream.min.js Show response imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 4AFB	371 KB 127 KB	440ms 140ms	Script text/javascript	142.250.184.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Requested by Host: dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com URL: https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.234 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f10.1e100.net Software sffe / Resource Hash 464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 May 2023 16:50:02 GMT content-encoding gzip x-content-type-options nosniff age 213561 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 130330 x-xss-protection 0 last-modified Wed, 17 May 2023 00:43:28 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 22 May 2024 16:50:02 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 4AFB	19 KB 8 KB	188ms 187ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js Requested by Host: dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com URL: https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f97.1e100.net Software cafe / Resource Hash 8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 May 2023 14:12:57 GMT content-encoding br x-content-type-options nosniff age 50186 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7987 x-xss-protection 0 server cafe etag 5788035530912182302 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 08 Jun 2023 14:12:57 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 4AFB	0 0	432ms 145ms	Image text/html	142.250.74.196 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTlR-9YvWFHIeoaETb4xlJqiNFnSrvHQViNcaPXTYMslQbL734S15OK8Ohz7zrlI9FwPea41HZy6hUcz2UdQq4RjAmyAg Requested by Host: dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com URL: https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.196 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f4.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3	200	col dsp-trk.eskimi.com/ Frame F9B0	43 B 54 B	148ms 147ms	Image image/gif	34.120.139.69 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-trk.eskimi.com/col?u=CAESEORSA4xtJjiVrSCUj_9o3kU&exid=xhW1L_K0q4EzRFmA-OCL4CL591C8eT14C5JIOXt5I8BvQd33lJhg69udjQZp30yc&exidtmp=1&ct=0&cntr=ge&ipl=1542442496&op=0&conn=0&extid=2 Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 69.139.120.34.bc.googleusercontent.com Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:23 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type image/gif
GET H2	200	utr.min.js Show response dsp-media.eskimi.com/assets/js/e/ Frame F9B0	10 KB 5 KB	185ms 185ms	Script application/javascript	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://dsp-media.eskimi.com/assets/js/e/utr.min.js?vv=0&trv=0&trve=0&src=utr&bId=1685074162796.2.D_34N_l2Xvafr8-00HPGvw&baId=ead-ecc28caf55c9d4949f77ae76cd0a0d97&mr=0 Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash 7f5feab8115fb17c8945b5b22a6382315c264a9878b2de8d1916013720e496ef Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers expires Sat, 25 May 2024 04:09:23 GMT date Fri, 26 May 2023 04:09:23 GMT content-encoding br x-content-type-options nosniff cdn-edgestorageid 1076 cdn-cachedat 05/26/2023 04:09:23 cdn-pullzone 692289 last-modified Thu, 01 Dec 2022 09:59:55 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"63887b1b-29ad" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache MISS cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid a96198815f37dba2b0bc78cc52727d42 cdn-requestcountrycode GE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	gtr.min.js Show response dsp-media.eskimi.com/assets/js/e/ Frame F9B0	6 KB 3 KB	156ms 156ms	Script application/javascript	169.150.247.39 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.2 Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-169-150-247-39.datapacket.com Software BunnyCDN-DE1-1082 / Resource Hash c82c372cd5c4a3b46fddb13499d36d8818044e818b53a6794f340effeea5673a Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers expires Tue, 27 Feb 2024 09:17:18 GMT date Fri, 26 May 2023 04:09:23 GMT content-encoding br x-content-type-options nosniff cdn-edgestorageid 1082 cdn-cachedat 02/27/2023 09:17:18 cdn-pullzone 692289 last-modified Fri, 24 Feb 2023 12:08:35 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"63f8a8c3-19cc" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid ce2848ff-13c5-49e5-873d-af24ad423612 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid 749934621073936973dac2ce9617ce48 cdn-requestcountrycode GE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 3346	1 KB 1001 B	411ms 135ms	Document text/html	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers age 75683 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 25 May 2023 07:08:00 GMT etag 48472445140208031 expires Fri, 26 May 2023 07:08:00 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame F9B0	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 448a14fd5a2c1fbb17da3a7774b9cb570039fdf4b3624eb0c62e1924cc75abb1 Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 25C7	17 KB 6 KB	154ms 154ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f97.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:23 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 26 May 2023 04:09:23 GMT
GET H2	200	gtr Show response dsp-ap.eskimi.com/v2/ Frame F9B0	731 B 1 KB	150ms 150ms	XHR application/json	35.186.201.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dsp-ap.eskimi.com/v2/gtr?&t=1685074163700 Requested by Host: dsp-media.eskimi.com URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.201.99 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 99.201.186.35.bc.googleusercontent.com Software / Resource Hash 3a11c6fd164d50ea93a98293b73f2f8729e279b370c4fc655c376e876b409666 Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com date Fri, 26 May 2023 04:09:23 GMT cache-control no-cache access-control-allow-credentials true via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type application/json
GET H3	200	trv dsp-trk.eskimi.com/ Frame F9B0	43 B 54 B	149ms 149ms	Image image/gif	34.120.139.69 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-trk.eskimi.com/trv?bId=1685074162796.2.D_34N_l2Xvafr8-00HPGvw&trve=0&trv=0&src=utr&_=1685074163732 Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 69.139.120.34.bc.googleusercontent.com Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:23 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type image/gif
GET H3	200	trv dsp-trk.eskimi.com/ Frame F9B0	43 B 54 B	148ms 148ms	Image image/gif	34.120.139.69 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dsp-trk.eskimi.com/trv?bId=1685074162796.2.D_34N_l2Xvafr8-00HPGvw&trve=1&trv=0&src=utr&_=1685074163732 Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 69.139.120.34.bc.googleusercontent.com Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:23 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type image/gif
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 87F4	17 KB 6 KB	155ms 155ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f97.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:23 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 26 May 2023 04:09:23 GMT
GET H2	200	sd eu-u.openx.net/w/1.0/ Frame E2D6 Redirect Chain https://eu-u.openx.net/w/1.0/sd?id=539901412&val=310745b1-ac71-4c51-b9c2-9b2610268c46&gdpr=0&gdpr_consent= https://eu-u.openx.net/w/1.0/sd?cc=1&id=539901412&val=310745b1-ac71-4c51-b9c2-9b2610268c46&gdpr=0&gdpr_consent=	43 B 106 B	162ms 160ms	Image image/gif	34.98.64.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://eu-u.openx.net/w/1.0/sd?cc=1&id=539901412&val=310745b1-ac71-4c51-b9c2-9b2610268c46&gdpr=0&gdpr_consent= Protocol H2 Server 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:24 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers location https://eu-u.openx.net/w/1.0/sd?cc=1&id=539901412&val=310745b1-ac71-4c51-b9c2-9b2610268c46&gdpr=0&gdpr_consent= date Fri, 26 May 2023 04:09:24 GMT via 1.1 google server OXGW/0.0.0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 p3p CP="CUR ADM OUR NOR STA NID"
GET H2	200	match a4p.adpartner.pro/ssp/ Frame E2D6	43 B 458 B	524ms 165ms	Image image/gif	137.74.6.209 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://a4p.adpartner.pro/ssp/match?dsp_id=27&user_id=310745b1-ac71-4c51-b9c2-9b2610268c46 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR), Reverse DNS app-ngx-pl-02.adpartner.pro Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:24 GMT last-modified Fri, 26 May 2023 04:09:24 GMT server nginx content-type image/gif cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform content-length 43 expires Wed, 11 Nov 1998 11:11:11 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame E2D6	170 B 318 B	150ms 146ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=eskimi&google_hm=310745b1-ac71-4c51-b9c2-9b2610268c46 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:23 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame E2D6	42 B 786 B	582ms 151ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=103804&nid=3846&put=310745b1-ac71-4c51-b9c2-9b2610268c46&expires=30 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost 37b22a0c36bd84993dd2cda4a5e04b1d P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	204	/ csync.loopme.me/ Frame E2D6	0 128 B	466ms 149ms	Image text/plain	35.214.153.92 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://csync.loopme.me/?partner_id=2157&gdpr=0&gdpr_consent=&uid=310745b1-ac71-4c51-b9c2-9b2610268c46 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.214.153.92 Groningen, Netherlands, ASN15169 (GOOGLE, US), Reverse DNS 92.153.214.35.bc.googleusercontent.com Software _ / Resource Hash Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:24 GMT server _
GET H2	200	sync x.bidswitch.net/ul_cb/ Frame E2D6 Redirect Chain https://x.bidswitch.net/sync?dsp_id=364&user_id=310745b1-ac71-4c51-b9c2-9b2610268c46&expires=30&gdpr=0&gdpr_consent= https://x.bidswitch.net/ul_cb/sync?dsp_id=364&user_id=310745b1-ac71-4c51-b9c2-9b2610268c46&expires=30&gdpr=0&gdpr_consent=	43 B 345 B	141ms 141ms	Image image/gif	18.185.140.51 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=364&user_id=310745b1-ac71-4c51-b9c2-9b2610268c46&expires=30&gdpr=0&gdpr_consent= Protocol H2 Server 18.185.140.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-185-140-51.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:24 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif Redirect headers location https://x.bidswitch.net/ul_cb/sync?dsp_id=364&user_id=310745b1-ac71-4c51-b9c2-9b2610268c46&expires=30&gdpr=0&gdpr_consent= date Fri, 26 May 2023 04:09:24 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	200	/ s-cs.rmp.rakuten.com/ Frame E2D6	43 B 275 B	461ms 163ms	Image image/gif	34.95.81.88 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://s-cs.rmp.rakuten.com/?d=23&uid=310745b1-ac71-4c51-b9c2-9b2610268c46 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.95.81.88 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 88.81.95.34.bc.googleusercontent.com Software / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:24 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 content-type image/gif
GET H2	200	sd eu-u.openx.net/w/1.0/ Frame F9B0 Redirect Chain https://eu-u.openx.net/w/1.0/sd?id=539901412&val=cf0f61fa-091a-41ca-abf1-27692bd500b3&gdpr=0&gdpr_consent= https://eu-u.openx.net/w/1.0/sd?cc=1&id=539901412&val=cf0f61fa-091a-41ca-abf1-27692bd500b3&gdpr=0&gdpr_consent=	43 B 180 B	160ms 158ms	Image image/gif	34.98.64.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://eu-u.openx.net/w/1.0/sd?cc=1&id=539901412&val=cf0f61fa-091a-41ca-abf1-27692bd500b3&gdpr=0&gdpr_consent= Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Server 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:24 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers location https://eu-u.openx.net/w/1.0/sd?cc=1&id=539901412&val=cf0f61fa-091a-41ca-abf1-27692bd500b3&gdpr=0&gdpr_consent= date Fri, 26 May 2023 04:09:24 GMT via 1.1 google server OXGW/0.0.0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 p3p CP="CUR ADM OUR NOR STA NID"
GET H2	200	match a4p.adpartner.pro/ssp/ Frame F9B0	43 B 457 B	491ms 166ms	Image image/gif	137.74.6.209 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://a4p.adpartner.pro/ssp/match?dsp_id=27&user_id=cf0f61fa-091a-41ca-abf1-27692bd500b3 Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR), Reverse DNS app-ngx-pl-02.adpartner.pro Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:24 GMT last-modified Fri, 26 May 2023 04:09:24 GMT server nginx content-type image/gif cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform content-length 43 expires Wed, 11 Nov 1998 11:11:11 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame F9B0	170 B 233 B	146ms 145ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=eskimi&google_hm=cf0f61fa-091a-41ca-abf1-27692bd500b3 Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:23 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame F9B0	42 B 787 B	576ms 152ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=103804&nid=3846&put=cf0f61fa-091a-41ca-abf1-27692bd500b3&expires=30 Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost 5b959e9b7aef6dd90a6fa539ca64ac62 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	204	/ csync.loopme.me/ Frame F9B0	0 155 B	433ms 148ms	Image text/plain	35.214.153.92 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://csync.loopme.me/?partner_id=2157&gdpr=0&gdpr_consent=&uid=cf0f61fa-091a-41ca-abf1-27692bd500b3 Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.214.153.92 Groningen, Netherlands, ASN15169 (GOOGLE, US), Reverse DNS 92.153.214.35.bc.googleusercontent.com Software _ / Resource Hash Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:24 GMT server _
GET H2	200	sync x.bidswitch.net/ul_cb/ Frame F9B0 Redirect Chain https://x.bidswitch.net/sync?dsp_id=364&user_id=cf0f61fa-091a-41ca-abf1-27692bd500b3&expires=30&gdpr=0&gdpr_consent= https://x.bidswitch.net/ul_cb/sync?dsp_id=364&user_id=cf0f61fa-091a-41ca-abf1-27692bd500b3&expires=30&gdpr=0&gdpr_consent=	43 B 345 B	141ms 141ms	Image image/gif	18.185.140.51 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=364&user_id=cf0f61fa-091a-41ca-abf1-27692bd500b3&expires=30&gdpr=0&gdpr_consent= Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Server 18.185.140.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-185-140-51.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:24 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif Redirect headers location https://x.bidswitch.net/ul_cb/sync?dsp_id=364&user_id=cf0f61fa-091a-41ca-abf1-27692bd500b3&expires=30&gdpr=0&gdpr_consent= date Fri, 26 May 2023 04:09:24 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	200	/ s-cs.rmp.rakuten.com/ Frame F9B0	43 B 210 B	430ms 164ms	Image image/gif	34.95.81.88 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://s-cs.rmp.rakuten.com/?d=23&uid=cf0f61fa-091a-41ca-abf1-27692bd500b3 Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.95.81.88 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 88.81.95.34.bc.googleusercontent.com Software / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Request headers accept-language ka-GE,ka;q=0.9 Referer https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:23 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 content-type image/gif
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9BFE	13 KB 5 KB	143ms 141ms	Document text/html	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f97.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes age 35210 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 25 May 2023 18:22:33 GMT expires Fri, 24 May 2024 18:22:33 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 4B17	783 B 999 B	165ms 163ms	Document text/html	142.250.74.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.196 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f4.1e100.net Software GSE / Resource Hash 39fa9fbdf6edb8d55c7dd2862d2aff2ec2109c36ba263e9dad933b250206c6fe Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-eYTDJrXzLNX6gtdLCMNo2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 512 content-security-policy script-src 'report-sample' 'nonce-eYTDJrXzLNX6gtdLCMNo2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 26 May 2023 04:09:23 GMT expires Fri, 26 May 2023 04:09:23 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame C438	13 KB 5 KB	143ms 142ms	Document text/html	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f97.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes age 35211 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 25 May 2023 18:22:33 GMT expires Fri, 24 May 2024 18:22:33 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 43B4	783 B 762 B	147ms 146ms	Document text/html	142.250.74.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.196 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f4.1e100.net Software GSE / Resource Hash b3ad236f28af403c53e1d64061159ae52315300b8dd7e550c9eb8242f6ac090d Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-8LFo_rJuJsmahXkufmJEHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 511 content-security-policy script-src 'report-sample' 'nonce-8LFo_rJuJsmahXkufmJEHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 26 May 2023 04:09:24 GMT expires Fri, 26 May 2023 04:09:24 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	pixel cm.g.doubleclick.net/ Frame 3346 Redirect Chain https://ads.travelaudience.com/google_pixel?google_gid=CAESEKGfPnN7-3dGhDpxEykIbL8&google_cver=1&google_push=ATf1kGOH3u-_HnnTqgQmBGnbd0iXkuupidbj8GppcwiLsfjEFdeBkcEBCHsYy519GKLOCcPIcowXL5Wj77S1coui... https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XAF-eDo_SAyu9irfH0RUoQ2&google_push=ATf1kGOH3u-_HnnTqgQmBGnbd0iXkuupidbj8GppcwiLsfjEFdeBkcEBCHsYy519GKLOCcPIcowXL5Wj77S1couiCV4UCci_XEU	170 B 188 B	160ms 158ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XAF-eDo_SAyu9irfH0RUoQ2&google_push=ATf1kGOH3u-_HnnTqgQmBGnbd0iXkuupidbj8GppcwiLsfjEFdeBkcEBCHsYy519GKLOCcPIcowXL5Wj77S1couiCV4UCci_XEU Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:24 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 26 May 2023 04:09:24 GMT via 1.1 google x-engine-version 0.0.0 server nginx/1.21.6 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC" location https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XAF-eDo_SAyu9irfH0RUoQ2&google_push=ATf1kGOH3u-_HnnTqgQmBGnbd0iXkuupidbj8GppcwiLsfjEFdeBkcEBCHsYy519GKLOCcPIcowXL5Wj77S1couiCV4UCci_XEU x-host tde-deliveryengine-production-575784b66-thz6z alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 3346 Redirect Chain https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPbJaxV04zVN0iTBu-vZZ6g&google_cver=1&google_push=ATf1kGMpUW13OiOD-2C19-TXpo5IXmI8SjV4cjhp3NMHeoJKc9Jb10H_sRhnu3kbHjlYflTVv1q8i6hb8_vwOgtlz7vWEej... https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMpUW13OiOD-2C19-TXpo5IXmI8SjV4cjhp3NMHeoJKc9Jb10H_sRhnu3kbHjlYflTVv1q8i6hb8_vwOgtlz7vWEejdt_I&google_hm=eS1Ed1hzY0R0RTJwRmRZOEh...	170 B 188 B	160ms 155ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMpUW13OiOD-2C19-TXpo5IXmI8SjV4cjhp3NMHeoJKc9Jb10H_sRhnu3kbHjlYflTVv1q8i6hb8_vwOgtlz7vWEejdt_I&google_hm=eS1Ed1hzY0R0RTJwRmRZOEhUTFNrc2lzRkk0cm04Z2N0Z35B Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:24 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 26 May 2023 04:09:24 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMpUW13OiOD-2C19-TXpo5IXmI8SjV4cjhp3NMHeoJKc9Jb10H_sRhnu3kbHjlYflTVv1q8i6hb8_vwOgtlz7vWEejdt_I&google_hm=eS1Ed1hzY0R0RTJwRmRZOEhUTFNrc2lzRkk0cm04Z2N0Z35B content-length 0
GET		google d5p.de17a.com/cookies/ Frame 3346	0 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 3346 Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESECK7G_EdEC8taLqRgux4fjY&google_cver=1&google_push=ATf1kGM82zNcMZxS3NInjPGPWsKQWs1LpAiuth2MZdldX0YG5rAR1rs2RmGNAUuBdO6yA_Pp8Sas4QTCcJxhoiN4uuNGcUBZnic https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESECK7G_EdEC8taLqRgux4fjY&google_push=ATf1kGM82zNcMZxS3NInjPGPWsKQWs1LpAiuth2MZdldX0YG5rAR1rs2RmGNAUuBdO6yA_Pp8Sas4QTCcJxhoiN4uuNGcUBZnic&o... https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ATf1kGM82zNcMZxS3NInjPGPWsKQWs1LpAiuth2MZdldX0YG5rAR1rs2RmGNAUuBdO6yA_Pp8Sas4QTCcJxhoiN4uuNGcUBZnic&google_hm=xDuL2dkHxzEsUrGpzOTCgw==	170 B 188 B	160ms 154ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ATf1kGM82zNcMZxS3NInjPGPWsKQWs1LpAiuth2MZdldX0YG5rAR1rs2RmGNAUuBdO6yA_Pp8Sas4QTCcJxhoiN4uuNGcUBZnic&google_hm=xDuL2dkHxzEsUrGpzOTCgw== Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:24 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 26 May 2023 04:09:24 GMT via 1.1 google content-type text/html; charset=utf-8 location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ATf1kGM82zNcMZxS3NInjPGPWsKQWs1LpAiuth2MZdldX0YG5rAR1rs2RmGNAUuBdO6yA_Pp8Sas4QTCcJxhoiN4uuNGcUBZnic&google_hm=xDuL2dkHxzEsUrGpzOTCgw== p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 228
GET H3	200	pixel cm.g.doubleclick.net/ Frame 3346 Redirect Chain https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPmuTTPbuutQ2qjNOjP7ap0&google_cver=1&google_push=ATf1kGM1PRc4qAXQcvm6aaciVE9lS6NAFm4lIaLz_5_dH1qXdQgspurW-hBsmrtLfToZdTlZKpiMbL8ZmRy6TUnr3... https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPmuTTPbuutQ2qjNOjP7ap0&google_cver=1&google_push=ATf1kGM1PRc4qAXQcvm6aaciVE9lS6NAFm4lIaLz_5_dH1qXdQgspurW-hBsmrtLfToZdTlZKpiMbL8ZmRy6TUnr3... https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGM1PRc4qAXQcvm6aaciVE9lS6NAFm4lIaLz_5_dH1qXdQgspurW-hBsmrtLfToZdTlZKpiMbL8ZmRy6TUnr3Ej7FnSnGg&google_hm=GtUZsGZHyO3yq49cR9SHMkpA	170 B 188 B	156ms 151ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGM1PRc4qAXQcvm6aaciVE9lS6NAFm4lIaLz_5_dH1qXdQgspurW-hBsmrtLfToZdTlZKpiMbL8ZmRy6TUnr3Ej7FnSnGg&google_hm=GtUZsGZHyO3yq49cR9SHMkpA Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:24 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Fri, 26 May 2023 04:09:24 GMT Access-Control-Allow-Methods GET, POST, DELETE, PUT Location https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGM1PRc4qAXQcvm6aaciVE9lS6NAFm4lIaLz_5_dH1qXdQgspurW-hBsmrtLfToZdTlZKpiMbL8ZmRy6TUnr3Ej7FnSnGg&google_hm=GtUZsGZHyO3yq49cR9SHMkpA Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap4ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 3346 Redirect Chain https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGHEmwbMZBkntyp1yTHHPys&google_cver=1&google_push=ATf1kGP_vdguGWzQ-KqkTvYR0YHRthThuUyuBiqILTpj5jRBBQYMqywJzep_zMSHb95rGrIVuROFEZE17pJiw1Fz... https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=d81fb9f&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGP_vdguGWzQ-KqkTvYR0YHRthThuUyuBiqILTpj5jRBB...	170 B 188 B	167ms 164ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=d81fb9f&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGP_vdguGWzQ-KqkTvYR0YHRthThuUyuBiqILTpj5jRBBQYMqywJzep_zMSHb95rGrIVuROFEZE17pJiw1FzAIWmm_GU4g Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:24 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 26 May 2023 04:09:24 GMT via 1.1 82fdc4c167a56caabe3a8a99b02abee4.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop MUC50-P2 x-cache FunctionGeneratedResponse from cloudfront p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=d81fb9f&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGP_vdguGWzQ-KqkTvYR0YHRthThuUyuBiqILTpj5jRBBQYMqywJzep_zMSHb95rGrIVuROFEZE17pJiw1FzAIWmm_GU4g cache-control no-cache, must-revalidate content-length 0 x-amz-cf-id xYDul7DrHzYxR5nARfGpOrEMfZAwPNsnavlZg-7Iq1if3GtfRsEnwA==
GET H3	200	pixel cm.g.doubleclick.net/ Frame 3346 Redirect Chain https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEKg8aFH66ONpj7a9hFZ2oFo&google_cver=1&google_push=ATf1kGPZ3AdBKFzy8XgngF75ZEe9PU6E4eS11gVpv_D3HL64cNCARfdOU9i7kjMQnt2o1_rBIGPTS... https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEKg8aFH66ONpj7a9hFZ2oFo&google_push=ATf1kGPZ3AdBKFzy8XgngF75ZEe9PU6E4eS11gVpv_D3HL64cNCARfdOU9i7kjMQnt2o1_rBIGPTS... https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ATf1kGPZ3AdBKFzy8XgngF75ZEe9PU6E4eS11gVpv_D3HL64cNCARfdOU9i7kjMQnt2o1_rBIGPTSq5cUbPpxBq_c4F2Uw5KYNA&google_hm=SzVsMHBwQ0cxUzd2N...	170 B 188 B	153ms 153ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ATf1kGPZ3AdBKFzy8XgngF75ZEe9PU6E4eS11gVpv_D3HL64cNCARfdOU9i7kjMQnt2o1_rBIGPTSq5cUbPpxBq_c4F2Uw5KYNA&google_hm=SzVsMHBwQ0cxUzd2NmlPVUpkRUE= Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:25 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 26 May 2023 04:09:25 GMT Content-Type text/html; charset=utf-8 Location https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ATf1kGPZ3AdBKFzy8XgngF75ZEe9PU6E4eS11gVpv_D3HL64cNCARfdOU9i7kjMQnt2o1_rBIGPTSq5cUbPpxBq_c4F2Uw5KYNA&google_hm=SzVsMHBwQ0cxUzd2NmlPVUpkRUE= P3p CP="We do not support P3P header." Cache-Control no-cache, no-store, must-revalidate Content-Length 239 Expires Thu, 01 Dec 1994 16:00:00 GMT
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 3346	0 12 B	160ms 157ms	Image text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LwLl1T9na8nMI8HZk7MTI_ZttAGEkc-uAbl42Sy5F0LbYqtX4-klAMx2EARk2f9O-kbqMrIg Requested by Host: 0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com URL: https://0b99b4c4489448f808a0bdd02edc77d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:24 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 821C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFk8vPd1Nuj_sL3TcqYsfbw&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFk8vPd1Nuj_sL3TcqYsfbw&google_cver=1&C=1	43 B 632 B	142ms 140ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFk8vPd1Nuj_sL3TcqYsfbw&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQkIzbuQQYtb215gEwAQ&v=APEucNX0AOW5iDsyO4RDrl4Ri5z3XDGws7sylKZIt5yLVLWtt0ZVWd_b4Fz9W5VR_PXxz_qGQPG3iDe7OClVkmz9663qRsK1wA Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 26 May 2023 04:09:24 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers Pragma no-cache Date Fri, 26 May 2023 04:09:24 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location /rum?cm_dsp_id=45&external_user_id=CAESEFk8vPd1Nuj_sL3TcqYsfbw&google_cver=1&C=1 Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 0 Expires 0
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 821C Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHAw9B9ONt4I1kd40uhnewAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFk8vPd1Nuj_sL3TcqYsfbw&google_cver=1	43 B 632 B	149ms 148ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFk8vPd1Nuj_sL3TcqYsfbw&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQkIzbuQQYtb215gEwAQ&v=APEucNX0AOW5iDsyO4RDrl4Ri5z3XDGws7sylKZIt5yLVLWtt0ZVWd_b4Fz9W5VR_PXxz_qGQPG3iDe7OClVkmz9663qRsK1wA Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 26 May 2023 04:09:24 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=498 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Fri, 26 May 2023 04:09:24 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFk8vPd1Nuj_sL3TcqYsfbw&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame 821C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESECnZ-KK2C6vv8dJbFDf4zK0&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECnZ-KK2C6vv8dJbFDf4zK0%26google_cver%3D1	43 B 1 KB	143ms 141ms	Image image/gif	37.252.171.149 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECnZ-KK2C6vv8dJbFDf4zK0%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQkIzbuQQYtb215gEwAQ&v=APEucNX0AOW5iDsyO4RDrl4Ri5z3XDGws7sylKZIt5yLVLWtt0ZVWd_b4Fz9W5VR_PXxz_qGQPG3iDe7OClVkmz9663qRsK1wA Protocol HTTP/1.1 Server 37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 26 May 2023 04:09:24 GMT AN-X-Request-Uuid 9f80a73c-3856-4ca2-b182-4db4b6292193 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 91.239.206.150; 91.239.206.150; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Fri, 26 May 2023 04:09:24 GMT AN-X-Request-Uuid 817732a6-1b1f-4b39-a8c1-43295b6ebd26 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECnZ-KK2C6vv8dJbFDf4zK0%26google_cver%3D1 Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 91.239.206.150; 91.239.206.150; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 821C Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI5NDIxOTI3NzA4NDE4Nzc3MA%3D%3D	170 B 188 B	157ms 156ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI5NDIxOTI3NzA4NDE4Nzc3MA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQkIzbuQQYtb215gEwAQ&v=APEucNX0AOW5iDsyO4RDrl4Ri5z3XDGws7sylKZIt5yLVLWtt0ZVWd_b4Fz9W5VR_PXxz_qGQPG3iDe7OClVkmz9663qRsK1wA Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:24 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Fri, 26 May 2023 04:09:24 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 91.239.206.150; 91.239.206.150; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 7a28c874-dd5d-4905-ae45-2f1e3c6e5b74 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI5NDIxOTI3NzA4NDE4Nzc3MA%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	204	sodar pagead2.googlesyndication.com/pagead/ Frame 4B17	0 0	177ms 175ms	Image text/html	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305220101&jk=1614395051774453&rc= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	PgBC2f7uHk75qvgedgDQJ2LGmE-oWuLtehAbI8jUKVY.js Show response pagead2.googlesyndication.com/bg/ Frame 9BFE	38 KB 15 KB	139ms 138ms	Script text/javascript	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/PgBC2f7uHk75qvgedgDQJ2LGmE-oWuLtehAbI8jUKVY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software sffe / Resource Hash 3e0042d9feee1e4ef9aaf81e7600d02762c6984fa85ae2ed7a101b23c8d42956 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 May 2023 14:38:59 GMT content-encoding br x-content-type-options nosniff age 221425 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14781 x-xss-protection 0 last-modified Mon, 22 May 2023 09:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 22 May 2024 14:38:59 GMT
POST H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 8ED1	0 56 B	174ms 174ms	Ping image/gif	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9838792766011&version=m202301230201 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:24 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 8ED1	0 56 B	171ms 171ms	Ping image/gif	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9838792766011&version=m202301230201&ct=77&x=1&cor=13286933064471042000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:24 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 8ED1	15 KB 11 KB	175ms 174ms	Script text/javascript	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4o1f-IczU3CsP-TcyHOi8XTwAsNEFWhSy45Hl3EMl1yTTz73QgnEgEBlUX4nycjNSwbVUjsVJYCAVZjIMTHeQMRALvsEE57mrsoSjoNMtHNfeliI24bHwbZet5dF37sF9mUyCCw-UAC605VYABobRLReD4xsVp9WCRLpP4ohO3TWHx_U&cry=1&dbm_d=AKAmf-AgmnGieYmiZKFcc8CdMw4JKfHWN--yR5W75_inM4r7zR8kMvDZDN8QSidUIcn7zMkukWTmdaXdTRIPEgqn9RvmLeKWY-pCGE5AWOKiSPTnY7yBj6Z39bGb4KqFGR9oG63yB46dsX86WORTTvd82E-hLO9iDvv_H48okj0Ova3sNPZ7mwijqTQEJyTRxi5nHAowuTbsQcTiwpv6EclCYB2oKnrobsRrAPoxM9nBbcz8NcoxHzPgt7RetXGsp3YQ-14ApBtfVoMhE-suGUxLJGYunso3hlqqCIo2dx2eJeeKoHidEs10NqNAIawwIVew_SvFrtRkbhY7oyyS78upVg02uuLVpXW7GM4QvQ4fYY8uiYT-Uk6SC0VqQAj_lBFSuFVvY1en0WveqJOpJ2Rdo3Vzchk2eVg8A40Wsa-ctb0m9JzLki3J-WtABMPE61hmoZHYFezX8u0oIi70pC5N2S7d9pBfxFIZQYsGmIZd0AwLeVe6LIMchVrBA3Ov0BPk-jcW8uK3sGVoyfwjmuVUBCQE8aivroWuQf83d08IVs6pD57bdllnvOorZJ93lwidngkiSY_ILCFudTVtrIasGJ9LS5jqTTbH1dn3icN-4dUFo918CfmfnNTjkaOgBsEy6GdMmy5hf8NAjjCBtYskqdqMzQwPGNDYBIO2eC6H-yORG0NSQoae47mogpP4SlAebQdsWpwxvRreiezbBubpVvZvLJQmWjQc7_oZlOseebYFNjXB6Xu9oyFQLdp2aZOoARMyEr-hyKI7_at59WURrAyQVObmNMdwT1RRG_OlqFaLDvzUe6O7q6q3xicwg5J38QQsgjaBAriJZCEVmxr5jcHFaOOG4tleJtHZhzeFTbSTUwoE74XKNI9eNmfvt-cAuYyQUAmZOu-Cpyw2_E845q-XiiL-qhZhmhmAbDH_TSfkCSXRXVoxOR9zsG0yCnryj1QP1kxDhnZlk7b0wlzB8v36_pCs1keuexu49qZHl1RbFaMmZVZpaweE4P1UwmeJkCBqkf8dRoYDKX2wtxxYp-l8oigVpOMoJNhpi0WOzts0b5pxBv9kecN9Ur5T6PT75KdAQa5rv1kTIfT5EDAMRA5F7xT_ldLLOx4uJjbUEscUHY5MjKCbgNTmZH6DVuKCf9ND2ZAUrLX-9vfKgY5xHKFVTeb1FlFJYdNr6nem5IYcgR3S_gtPZOOYNAzw_GKbr55ObcFGDU_xzFyIyTaR2Je6FxRGHXtEatba3PtY1WXw_upPFeqZsOzetOSrLEaZ1YsuZodUWZjYK7rFy2j8c8X--iSntZ5n8-NwDw4rItO7mKvIcBUVB-tWEh7qbaRGD9TYwXv4IKyoHyNqF-FJq2G_aypq6R0-lCwn8_kUygXjSiihkNpiCUKcT-vvAT1bHaf-SW0hiDiI9_IuadxhB9_HWpH1wBt-ZZ-PV3Q7OQXZEJVhwmr7Te1Hy2bC3C1kKKwKrXpaVh7evHfbCXg6Z9NxFkEVXfRPDDw0AY80Tus9811ft6bJVeT1Zdre5Oin94XR4Pi52BrnuB-sy9EvIxg2dUQzlJmedCJ2Wy3sQcDYCjlm4tyjTQ4W31BOTvIgfAx3kGbFj1dNqjPR_nC4P1LqLtt9LevGRQBrD6ONVOyooINFrOh9vU2SmyDej1drPv3X1Hh0zZ5IwvcCNwzYKCFFjCE2WhqTPH5hvg1BP-6KfLdHWOkikmUJOAUlgMpmlf8cjNGiwNozDeyHg3dCaBsMlzbH4LDjZtLbos6hcxennuL6mXuqP63qRglOfxTsol6I_EG6Fa3k8y6t_w2pgsu8cw7T-TfdIVTy6gPqU22t6Guyk65PNTQxrnuRLFuA-9Ex3JdTViro3PTQ8SOgfhJoIDIcl3X6H_JcxsUwXBuANPUZlPXISvOkrYzmLqOjgTxY4Ydy5SEPWHROo_ub_c89KB0FEl-JFLsxT1tdKdC3ht_YbeJMPIQR8_QgDWk4UT682VW9tF-XG7WuGEz8vg5EGpLOPHPcb4c3PlBjM08X3vOd6h1IifuriCqIgVmRUaJEWIBNPmo3O1R4OC4pWnpTp7AZyvZKa_vSx_jzhOeet_i9G8HXGjme8M9LfNgAAUCDx_Z8Ghr3-eUbvhOduxc_cgSJTKggElWoNRyty_DSg5k6AT_EMOWAEjOmV4sGfolNCyj3TRXJjS_69VnN1pvfYms5TJsRkSzp_7jeKhk5tlGDxpFXfvsv-wH3ONZbDQIiJPTtjX26VY1UxXiCcY2SZDv3OTLI17HBYApU1_iHFoABMSp83NJj2tr22owaelqjdTTLBmohbDz2TbmZR9DVktAWT08XJzkxOEdLlW0IvM9_cA6KmnS_UqUPO9zgV6_QcTDMkyfVa0Gf3Bf3fKlS7Oz2KsdB16k7cEpEQtPRpMcljaVKuDR-hwY6WBJOX8mNTmx7KMNBOrm_zWUg2HHh4NcCQSeb9atqyicIXwqKF6MMkMqAt6-Ut8tklfnVpFp_Vfblq6f6cqBlS1Pklxe22nv5NvRmaOhYrGbfdIasBsGajOQTrNKcZEzX2wofK_8jZ7WxnpeG3uz2e5lfap-VbHdIb3kSu08HE5fBlhjZORh0XRe7GAkSuCOCDeto-T4PM7m0WfygUwv3rKelIHQwn1OQ6pRj_-K0ZOPUj90jBQywSNz5HU3uRpSknqzRaoJAxa6Ol2lRYSZGD4DOgW0duBHxGzeCDGhLj7cK_xpKW2pu9qxNq_whXKiKt0kHiMhOYaocXosTBoQzgDPbMNlEKJDtG9yNhN7k3xIHBJ_SOI-XWDSg6UZeh6f_YIJXzmdhprfoKSBv0UOEx3wY3j2qtFGu-rxDaGOK7GgnNVYXdW2TiaCM3yjKZ2O7dV6Scra4_50BbJLclwOLuj06gAPqedmyCFKN5R0XYJeieHRA_SaSuq1aTKTHjYDpQdBnd5l81WGs5KHIzSfoTPyvT_thozDXJTJsTwPyhkJj9Ils2IsgwS3d3-w-iVUJkNn3LyM9OpVPtB2UhzKKvQ8UNy1MVSztw0TZxD8p76To6P-yuAzct9AtEXXeRmHRbLSnhgqU1gGcWmCsbyfJWLo7r3YnL3cJa2V0krNSZLKpOv0-EVKZT20GrhZQZo4zQREcI_eH7tKMTS60vElTo596oKhLpkR_p0lk8ZuPrSiTkyk77r1ynKD_py_DrbBzxu4Q9Pvnjvq4omM1NoAGWM8j9IDgxPUKgDLbm49CdtxMC3HNqn_dUXJRqhXEC9ihdFBjWtffuXyYrxgV5LZNxw7o-OYHqulhnKX0ZTLKM_G7izawDnA8GhgSXaEmkGHALNsqreQd0fEyvLRkk_fOrE9cXXt8TWkSrErO4OofwPJqBKlWHmaIuitkZvqm6OjYZY831LpFX5wuoY5a6uJw2b3HN4sh8GGZmDHXlOTMqYf262gp41iT9CZXsK9_zedjhGEmyHozB7hofiAHcMDTbwHmphs39CyCzdSgq7KcqzXI97dURNdyI8c1WhxejvUgXVQEuLTV4JAXF7K5FIZJ2FLCB70R92KHhhIs0BIUWQ9e3kgMlBPfZm7xS-M_tuYSjuS6dr9lpETHT4Clt-E8cLTIihQW6iDa_7gWea_WEoWyYGskEkTDlTRk8SuWbymWCtwf20yaOvvQCmO-TWL6qwRSotde6hY0aQ&cid=CAQSKQBygQiDOOMdS5Rxgl9rIv35yvSgo43JOWaZoIE3EBD54BSx1ZDhcUFnGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=13286933064471042000&adk=3522027986&idt=536&cac=0&dtd=20 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f98.1e100.net Software cafe / Resource Hash d0c3d80a8f3a511f22ce4df4ec6e3ca0a6e2e0a6f041fd3d7e60818465224fcb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:24 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11441 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	sodar pagead2.googlesyndication.com/pagead/ Frame 43B4	0 0	194ms 172ms	Image text/html	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305220101&jk=1471544645273787&rc= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	PgBC2f7uHk75qvgedgDQJ2LGmE-oWuLtehAbI8jUKVY.js Show response pagead2.googlesyndication.com/bg/ Frame C438	38 KB 14 KB	173ms 151ms	Script text/javascript	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/PgBC2f7uHk75qvgedgDQJ2LGmE-oWuLtehAbI8jUKVY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software sffe / Resource Hash 3e0042d9feee1e4ef9aaf81e7600d02762c6984fa85ae2ed7a101b23c8d42956 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 May 2023 14:38:59 GMT content-encoding br x-content-type-options nosniff age 221425 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14781 x-xss-protection 0 last-modified Mon, 22 May 2023 09:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 22 May 2024 14:38:59 GMT
POST H2	204	csi csi.gstatic.com/ Frame 4AFB	0 234 B	778ms 256ms	Ping image/gif	142.250.217.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~li41neh3&c=4588205490829&slotId=2294102745414.5&qqid=CKT0j7eOkv8CFQlO4Aod_v4Bmw&fb=outstream-lima&sei=44714743%2C44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.217.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS mia07s62-in-f3.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:24 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 4AFB	0 56 B	181ms 180ms	Image image/gif	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Csw2Q8jBwZKSzLYmcgQf-_YfYCfHp-9twprXC0qYR8C4QASDTy84wYI0CyAEFqAMByAObBKoE_QFP0Iy_Kwvopd6p8j5x0KrNhHalU3UBr2uYfQbZN1ATtN-rqfxnCmDSzV-aHcMNsZcJphj9_GGSG_xeuXkosR-whnUK6siTs8xtemSscdJgAmoXSe6xYpF4M9GSVOs71E91dDyDEvahvOpFHBNWbrxazaAKp3Q_Opl9H5UXyztgtMiippFh1r4rC2495tMRd-GVEIgJegPJ-byr4RNdSMR_FgLVfo-pmhNqAyxZhoJpZd3ci81rz70k4GCqeamiLvtgyw3mADne4jz6FExn02nQnZQ5wV8ykysQ-fZ1vEzMGXtQUXUX5q_SG5i_364UM_9MHBx612-wC8ncxikLwATgyqrLwQTgBAOQBgGgBnaAB66H8_oCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB0yAooCOgKAQEi9_cE6gAoDyAsB4AsBgAwBsBP31LoTyBPHvvjiA9gTCogUAtgUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1685074164264&ai=Csw2Q8jBwZKSzLYmcgQf-_YfYCfHp-9twprXC0qYR8C4QASDTy84wYI0CyAEFqAMByAObBKoE_QFP0Iy_Kwvopd6p8j5x0KrNhHalU3UBr2uYfQbZN1ATtN-rqfxnCmDSzV-aHcMNsZcJphj9_GGSG_xeuXkosR-whnUK6siTs8xtemSscdJgAmoXSe6xYpF4M9GSVOs71E91dDyDEvahvOpFHBNWbrxazaAKp3Q_Opl9H5UXyztgtMiippFh1r4rC2495tMRd-GVEIgJegPJ-byr4RNdSMR_FgLVfo-pmhNqAyxZhoJpZd3ci81rz70k4GCqeamiLvtgyw3mADne4jz6FExn02nQnZQ5wV8ykysQ-fZ1vEzMGXtQUXUX5q_SG5i_364UM_9MHBx612-wC8ncxikLwATgyqrLwQTgBAOQBgGgBnaAB66H8_oCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB0yAooCOgKAQEi9_cE6gAoDyAsB4AsBgAwBsBP31LoTyBPHvvjiA9gTCogUAtgUAdAVAfgWAYAXAegXBQ Requested by Host: dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com URL: https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:24 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame 4AFB	0 54 B	766ms 256ms	Ping image/gif	142.250.217.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~li41nei2&c=4588205490829&slotId=2294102745414.5&qqid=CKT0j7eOkv8CFQlO4Aod_v4Bmw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.19q&vast_v=4.0&lima_p_ich=0&lima_p_icu=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.217.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS mia07s62-in-f3.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:24 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	vast Show response bid.g.doubleclick.net/dbm/ Frame 4AFB	26 KB 16 KB	500ms 185ms	XHR text/xml	64.233.167.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DurM97XzpxlteMKTwhRA09x71J07dXxXObvdxl3UHn9EFH0lT0__DCnZvGNuRkq80NOIxgYROlYIpS63cH3qQeuSzbUg&cry=1&dbm_d=AKAmf-Dr7PlA4pBPbcz3o6nRzHf9TBJifNCUK222faPHIkbwEPIe66q9ZzSeArMWI94GiibPzeImx1SmiL2VSZy4oriOLaimbHku1urS66TiVCt7uh08BlBzech5Y_YPEp8PbVeTPNY3dzQeu96w4YZLDMJFnznJ9mHlggLyPEMsrY-cY83VRrpE1NgeqBwmKhDVtOZjSD1NjUtTk5hVbWD5bL3XmK7r5tiD7qDBSmqZ2JjvGeAf3RePFj7Ni0ExYMKKqrmo1YsoYIMyGKGnzBmkfJFaZR840CqxstXZDk1Shx4B_HEdbEMWlVPVxw4Aq1xjwXk8x4xsi4f72yT2oeI14rTvAanqJQG1O_wCxbjrHre2nUn-IqUK6BprOCitu--XvUWthva3LcOxd0BVx9_5_vUr_Wchy8ork7zgnjxDzWJe6REZERgusSwXJS63wMFkbLS-0-4SG_zZavOowbjdBR6JWpQe9OgIsFPxNUytOhyHu80X9KSMIxAyIVtFL_yeAS_EkN6ntOQklfHqvQEKttproUM8fdUBH10faXe-HSlBMaWril9eKyWouIAhHP4RspG3VOYoWIqUWyGE4ifHsWBYHTTN-HYfCXDODXuriQPJ1DxyZfBMTPrYnUwfzSP5HCzetrWfKX1fhdbuH7OUC8aV7d8AO2RIHPcDnKhLdf1pZ3gSYtLmgiL1i-RgYQPNt-u-muLnQwJaPd-0FuvO7dU0KtyR2boGqRNerbZ8_USyPPRuJAxCQDfPfRfRrxvXIc_EyE-ESORtgmTyjGRlnITrXJXayOJxR3Ds6U_3hIDOaJDUuGQiHhBDSVUPXnc0hZ1g5dkvV8buzLaan82tkYcuDk7yqt2CmiUCd-McDK4l83ZK7QCNmna6TuoKXigf77bJzDcAerdn7z0fZsAiD9dhRjhdSGyWEahXn8RsSHbI7WAQxypQQiAvQdF7ckH2_uA06gyx5StSCorqrSiwgaQkDyvTQe6xQnuNovBAXx5q_cx5ZSzMRDQZ817GWHcvlStjA_0P74LHcm3iEMGvLKO1N3vohsOaaDqyos3Zx_WzVkIOcRIxwSxxWlfLaJ2bZjeoNRz5Q_Ms1qyZSUzUIqgZG4BwMm6Pf3rCzmlIdAn6uhOm_6QpxOOHQCUFi71ErzIchQeafrQCASq98Qmr0AdWmqRaKOzGp4JMrl0f3l-rnTY1MnTG10Dn7GODpMkRR2kVuWQI3c_JGya4r-a73FNT3fr3XCv1hpfBxe37fzccixyX0pCcuczVcj7IBqBkW5Aqn5PGZOrhdQGXYbLqTuH7bJHY8XCgiqcL6AWNI3Q_Dv-4MLzT9O2hpB-aQu3-rDZmSaD5b_w7W9ddZD_N132cdazPRPZ2Zr9_cR3-omGuiyB7WJjj_Ik1wkK7e_vIphd2Rf5UL1qQiRF-m3RkoGwE0gBfGZqvawcyzp1aR8lwjPWzFI9NrzpD4Kxi2XfumJFgWvnPTzNGmrdmA3W6QWNsdt6XB_Z5q0mBg8EkbbFNh8eUxpOPkQJrToVqp6uS49F2nOj70aDlzvCcCt4bTuPwd_NVweyVokrKeN_et7FCyE786hlNUIhGbxr1BCZOqUYTAovzoQ88ooaofInjVwDVtNiwX7ERAI2Z11bzO_J2T4HUAv1mWW9Aeb9oT-GX9dvNXrHPRugh5aVXSxMHpW_ERIWYS0pYDBw3ahN2Fju6dmLl5taXiqToNg0RGwzr782lj_UhLTz092II6cQAFZvGLJm-LbPuSydX184Q_gZ70iBGJ-yojzXLJsfJCb7Yii7_pKV_grhOV_s3hKNgDKQwB0Q7HAtCrHBxl0ysaMNbpMUVnYCW2cajfC8LQ5pjZcIBsX8FxnvDJkDmopjNNrE-MepaOTDIV8BoMnWSs0EwpjJsJo4JHfJbxT92J_jU7p1T72rbWv0x5G4rQ6Ieg_U0H94blDt_Ous4S9S_3yNEU6MYxNChA2VEc_dfqWk1ugxdRDq-qtDTiU5mlVMI9UzqLkCbw26zqT53Lq08uSkkiDQmutSbo0Mp5xpBLiEiJRWm4Y_mo2VABLdsHhV57XxeueHVxdLcfk7UpjjJc_-AsDH_sNxy_w7DkYlbS8yD-4PJ2HlEIB9EdJn_GqEogLfchMUv9FHnQzbtcwnOZCyNIG5xOxNUFbOCsG0_zr5HRn2zVZOhH9u1OKaqTxGDiVcDcxUDkjFvyt5yM10XRufpu7ZvlCXzJJPm3eRZjvLulKT3mvhELdi5aD7uKcoRK3gT0MXDFM40lUVVmm-RDjIuvRwtYu7gLEjGnmVo2WNH871_u2PwbehXQzJ84WHgWNEahG3A0rg3fmTlBjpp1bDYvBBqWgFFBcksWe8aU0v6MPl3bXdyPhpEefDZQk-mMDrro_146qTWreRQoZU_U99iaZ_oWGH-IokqV0nA0ze8DZseI3KahQ5tQVad-_Le5Mz4sR_5Bo3SPaPBO6eCmAq5ozCGhRE1BbIHJ2gnP5TCH13Zu6IPaYG1HyP3fd_e4LLrQF09P4-Y41ZPL-QzLXgH5gQIkMa9XE3cPbUkZaET30dvPfYWcr3Ezzv1i13ZUAv7dRPqvGG8Q2EPlcjk50rtQ1ptZ_jHAHCWXMqkQi7_bR1ruE8ndo1qM0xaisH6gE2BJuAeYMxOCreMkxUV8PQ-0PZ4popibE9gj5pfZip7c5zRzswZI7EeYLfk_4nn-DVcAo8qeM40_xmjXGiKnXwZ8ivlCK1tRBJDdxjdbZiq1oqrvM_KJfVlB2lxXv4jQtZ3aoLjyXZrhHf1cSkZATgTSlKwn2J-dUbQkpd6hQDDFJGh1MOuUVeyTpeOLBeyOq8C_F35YfUywu7ITRJ34R2Hj1it1ikgXUev0OSJxk9BiBbEoylbuZOKe0UWRtTpM_N5RqJPrypaRZfiR46OyE2XbMxMJJ_XLO-omOKM2kchVGdzyh1Tnl4ChrfUatq-N1mWUKcjsAWDkcC0M0PkUjgd--5qmMilovaLntmQ8d7V_GnkM0bQEZM9tXphrfwpcYPnLeFQfDt9nFJnC44WpCOMRQ0zrsUzOc-tbQMMY2ty_-0uuiICV4SNUMt8C_X-cQ57KrCrueKGvuLtgKL3zNFkFDY7ZOqKjiaoDe_A0sUdMtJyLF1bI02CaXynyJaKPnrnEgSAwzlORRxCNYjt6vbgNpezAzm3VpBk9OStu1QPkA1Q1jIyxlV2_PyyHspvaqFqWK9SJqFC5qErIzhfAcDi-xgWG0fxC2-_S1QZAC0jD_SkNIqcssJ-96QKCQ7LTKd53BgOxYms18DjCQDxMH8qBQH_ClPc6UsBZL7FrIgMiyvPLe-dOV0uM8xAiFu7RuCCVBVojZ3L-KkpAJkwDFIBSoYdSEtCe-FOnHlg2bcciCO5IZukkLMAL4nDU4tqtR_Z3UoIblQCNXqpktbAkWV4IOYtQRO7x2sKcSKL4o9Q-h1jnvWw6oe-o4AZlIUk-nyb5-h0-f86eAK5Oxck8JqWx7Xtnaeyv67AAPmwx5uZI2C0cjnjI8gef4mi28pOAYi2fTzkL4pDeSs2OoMqvlTGeoH9TUU9LdQB4yKzERbU3O-yRzMG2Hb6RXOviGwoJyD8x9-Pu93_9mT7B2mWAyXuwEiicYY0iBgqCtjULRccrfAtvvGPS3xHr6Xop2BP-qOgsmeKndKX_VluJ2eD-Y0u0hi4CuwYNRn8Z4SNms2ksBiLr7zTI1CdcLr4ocF_RhO1NVyTzxP5w-OgvMdIWNpGUyNTtwIJLmv7RXCpFrsThohvhHT-ymEDgzB89MpjkXS4GWOkeA&cid=CAQSKQBygQiDPRMhFEwWkVTSujjRqdiGIFop59I9mssyUEEJcnVHXcOcy9N_GAE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.233.167.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wl-in-f155.1e100.net Software cafe / Resource Hash 61c0f70880acbd30c7d863be97add0ca450776c9fcf2be1015c5a4465f948782 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:24 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15561 x-xss-protection 0 pragma no-cache server cafe content-type text/xml; charset=UTF-8 access-control-allow-origin https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 4AFB	0 0	182ms 181ms	Fetch text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CBx278jBwZKSzLYmcgQf-_YfYCfHp-9twprXC0qYR8C4QASDTy84wYI0CyAEFqAMBqgT6AU_QjL8rC-il3qnyPnHQqs2EdqVTdQGva5h9Btk3UBO036up_GcKYNLNX5odww2xlwmmGP38YZIb_F65eSixH7CGdQrqyJOzzG16ZKxx0mACahdJ7rFikXgz0ZJU6zvUT3V0PIMS9qG86kUcE1ZuvFrNoAqndD86mX0flRfLO2C0yKKmkWHWvisLbj3m0xF34ZUQiAl6A8n5vKvhE11IxH8WAtV-j6maE2oDLFmGgmll3dyLzWvPvSTgOKuroKlkeFFZlxiuCA9MM3q-KNh5XSQtoM1ZPhOZiBrQ7oNo5Pjt6ZJ6Ww9AN2B_JzcdhTgrZ4eqLauM2QMN0krABODKqsvBBOAEA4gFtvLWlkuSBQsIIhADGANIod74AZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHrofz-gKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDLywEYl-rh6gHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAbAT99S6E8gTx7744gPYEwqIFALYFAHQFQGAFwGyFx4KHAgAEhRwdWItMzAzOTE5OTUwMzQwMzYzNBiZ0iHoFwU&sigh=nz59rEQ4VnE&uach_m=[UACH]&cid=CAQSKQBygQiDPRMhFEwWkVTSujjRqdiGIFop59I9mssyUEEJcnVHXcOcy9N_GAE&vt=10 Requested by Host: dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com URL: https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software / Resource Hash Request headers accept-language ka-GE,ka;q=0.9 Referer https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 83BA	1 KB 682 B	150ms 149ms	Document text/html	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com URL: https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers age 75684 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 25 May 2023 07:08:00 GMT etag 48472445140208031 expires Fri, 26 May 2023 07:08:00 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 8ED1	41 KB 15 KB	164ms 164ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4o1f-IczU3CsP-TcyHOi8XTwAsNEFWhSy45Hl3EMl1yTTz73QgnEgEBlUX4nycjNSwbVUjsVJYCAVZjIMTHeQMRALvsEE57mrsoSjoNMtHNfeliI24bHwbZet5dF37sF9mUyCCw-UAC605VYABobRLReD4xsVp9WCRLpP4ohO3TWHx_U&cry=1&dbm_d=AKAmf-AgmnGieYmiZKFcc8CdMw4JKfHWN--yR5W75_inM4r7zR8kMvDZDN8QSidUIcn7zMkukWTmdaXdTRIPEgqn9RvmLeKWY-pCGE5AWOKiSPTnY7yBj6Z39bGb4KqFGR9oG63yB46dsX86WORTTvd82E-hLO9iDvv_H48okj0Ova3sNPZ7mwijqTQEJyTRxi5nHAowuTbsQcTiwpv6EclCYB2oKnrobsRrAPoxM9nBbcz8NcoxHzPgt7RetXGsp3YQ-14ApBtfVoMhE-suGUxLJGYunso3hlqqCIo2dx2eJeeKoHidEs10NqNAIawwIVew_SvFrtRkbhY7oyyS78upVg02uuLVpXW7GM4QvQ4fYY8uiYT-Uk6SC0VqQAj_lBFSuFVvY1en0WveqJOpJ2Rdo3Vzchk2eVg8A40Wsa-ctb0m9JzLki3J-WtABMPE61hmoZHYFezX8u0oIi70pC5N2S7d9pBfxFIZQYsGmIZd0AwLeVe6LIMchVrBA3Ov0BPk-jcW8uK3sGVoyfwjmuVUBCQE8aivroWuQf83d08IVs6pD57bdllnvOorZJ93lwidngkiSY_ILCFudTVtrIasGJ9LS5jqTTbH1dn3icN-4dUFo918CfmfnNTjkaOgBsEy6GdMmy5hf8NAjjCBtYskqdqMzQwPGNDYBIO2eC6H-yORG0NSQoae47mogpP4SlAebQdsWpwxvRreiezbBubpVvZvLJQmWjQc7_oZlOseebYFNjXB6Xu9oyFQLdp2aZOoARMyEr-hyKI7_at59WURrAyQVObmNMdwT1RRG_OlqFaLDvzUe6O7q6q3xicwg5J38QQsgjaBAriJZCEVmxr5jcHFaOOG4tleJtHZhzeFTbSTUwoE74XKNI9eNmfvt-cAuYyQUAmZOu-Cpyw2_E845q-XiiL-qhZhmhmAbDH_TSfkCSXRXVoxOR9zsG0yCnryj1QP1kxDhnZlk7b0wlzB8v36_pCs1keuexu49qZHl1RbFaMmZVZpaweE4P1UwmeJkCBqkf8dRoYDKX2wtxxYp-l8oigVpOMoJNhpi0WOzts0b5pxBv9kecN9Ur5T6PT75KdAQa5rv1kTIfT5EDAMRA5F7xT_ldLLOx4uJjbUEscUHY5MjKCbgNTmZH6DVuKCf9ND2ZAUrLX-9vfKgY5xHKFVTeb1FlFJYdNr6nem5IYcgR3S_gtPZOOYNAzw_GKbr55ObcFGDU_xzFyIyTaR2Je6FxRGHXtEatba3PtY1WXw_upPFeqZsOzetOSrLEaZ1YsuZodUWZjYK7rFy2j8c8X--iSntZ5n8-NwDw4rItO7mKvIcBUVB-tWEh7qbaRGD9TYwXv4IKyoHyNqF-FJq2G_aypq6R0-lCwn8_kUygXjSiihkNpiCUKcT-vvAT1bHaf-SW0hiDiI9_IuadxhB9_HWpH1wBt-ZZ-PV3Q7OQXZEJVhwmr7Te1Hy2bC3C1kKKwKrXpaVh7evHfbCXg6Z9NxFkEVXfRPDDw0AY80Tus9811ft6bJVeT1Zdre5Oin94XR4Pi52BrnuB-sy9EvIxg2dUQzlJmedCJ2Wy3sQcDYCjlm4tyjTQ4W31BOTvIgfAx3kGbFj1dNqjPR_nC4P1LqLtt9LevGRQBrD6ONVOyooINFrOh9vU2SmyDej1drPv3X1Hh0zZ5IwvcCNwzYKCFFjCE2WhqTPH5hvg1BP-6KfLdHWOkikmUJOAUlgMpmlf8cjNGiwNozDeyHg3dCaBsMlzbH4LDjZtLbos6hcxennuL6mXuqP63qRglOfxTsol6I_EG6Fa3k8y6t_w2pgsu8cw7T-TfdIVTy6gPqU22t6Guyk65PNTQxrnuRLFuA-9Ex3JdTViro3PTQ8SOgfhJoIDIcl3X6H_JcxsUwXBuANPUZlPXISvOkrYzmLqOjgTxY4Ydy5SEPWHROo_ub_c89KB0FEl-JFLsxT1tdKdC3ht_YbeJMPIQR8_QgDWk4UT682VW9tF-XG7WuGEz8vg5EGpLOPHPcb4c3PlBjM08X3vOd6h1IifuriCqIgVmRUaJEWIBNPmo3O1R4OC4pWnpTp7AZyvZKa_vSx_jzhOeet_i9G8HXGjme8M9LfNgAAUCDx_Z8Ghr3-eUbvhOduxc_cgSJTKggElWoNRyty_DSg5k6AT_EMOWAEjOmV4sGfolNCyj3TRXJjS_69VnN1pvfYms5TJsRkSzp_7jeKhk5tlGDxpFXfvsv-wH3ONZbDQIiJPTtjX26VY1UxXiCcY2SZDv3OTLI17HBYApU1_iHFoABMSp83NJj2tr22owaelqjdTTLBmohbDz2TbmZR9DVktAWT08XJzkxOEdLlW0IvM9_cA6KmnS_UqUPO9zgV6_QcTDMkyfVa0Gf3Bf3fKlS7Oz2KsdB16k7cEpEQtPRpMcljaVKuDR-hwY6WBJOX8mNTmx7KMNBOrm_zWUg2HHh4NcCQSeb9atqyicIXwqKF6MMkMqAt6-Ut8tklfnVpFp_Vfblq6f6cqBlS1Pklxe22nv5NvRmaOhYrGbfdIasBsGajOQTrNKcZEzX2wofK_8jZ7WxnpeG3uz2e5lfap-VbHdIb3kSu08HE5fBlhjZORh0XRe7GAkSuCOCDeto-T4PM7m0WfygUwv3rKelIHQwn1OQ6pRj_-K0ZOPUj90jBQywSNz5HU3uRpSknqzRaoJAxa6Ol2lRYSZGD4DOgW0duBHxGzeCDGhLj7cK_xpKW2pu9qxNq_whXKiKt0kHiMhOYaocXosTBoQzgDPbMNlEKJDtG9yNhN7k3xIHBJ_SOI-XWDSg6UZeh6f_YIJXzmdhprfoKSBv0UOEx3wY3j2qtFGu-rxDaGOK7GgnNVYXdW2TiaCM3yjKZ2O7dV6Scra4_50BbJLclwOLuj06gAPqedmyCFKN5R0XYJeieHRA_SaSuq1aTKTHjYDpQdBnd5l81WGs5KHIzSfoTPyvT_thozDXJTJsTwPyhkJj9Ils2IsgwS3d3-w-iVUJkNn3LyM9OpVPtB2UhzKKvQ8UNy1MVSztw0TZxD8p76To6P-yuAzct9AtEXXeRmHRbLSnhgqU1gGcWmCsbyfJWLo7r3YnL3cJa2V0krNSZLKpOv0-EVKZT20GrhZQZo4zQREcI_eH7tKMTS60vElTo596oKhLpkR_p0lk8ZuPrSiTkyk77r1ynKD_py_DrbBzxu4Q9Pvnjvq4omM1NoAGWM8j9IDgxPUKgDLbm49CdtxMC3HNqn_dUXJRqhXEC9ihdFBjWtffuXyYrxgV5LZNxw7o-OYHqulhnKX0ZTLKM_G7izawDnA8GhgSXaEmkGHALNsqreQd0fEyvLRkk_fOrE9cXXt8TWkSrErO4OofwPJqBKlWHmaIuitkZvqm6OjYZY831LpFX5wuoY5a6uJw2b3HN4sh8GGZmDHXlOTMqYf262gp41iT9CZXsK9_zedjhGEmyHozB7hofiAHcMDTbwHmphs39CyCzdSgq7KcqzXI97dURNdyI8c1WhxejvUgXVQEuLTV4JAXF7K5FIZJ2FLCB70R92KHhhIs0BIUWQ9e3kgMlBPfZm7xS-M_tuYSjuS6dr9lpETHT4Clt-E8cLTIihQW6iDa_7gWea_WEoWyYGskEkTDlTRk8SuWbymWCtwf20yaOvvQCmO-TWL6qwRSotde6hY0aQ&cid=CAQSKQBygQiDOOMdS5Rxgl9rIv35yvSgo43JOWaZoIE3EBD54BSx1ZDhcUFnGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=13286933064471042000&adk=3522027986&idt=536&cac=0&dtd=20 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f97.1e100.net Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 19:05:15 GMT content-encoding gzip x-content-type-options nosniff age 378249 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 20 May 2024 19:05:15 GMT
GET H2	200	html5.js Show response dsp.adviad.com/v1/ Frame 8ED1	14 KB 4 KB	429ms 147ms	Script application/javascript	104.21.234.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dsp.adviad.com/v1/html5.js?v=2023.05.26 Requested by Host: f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com URL: https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.234.9 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f2450934a708ce82400f0ba670c14b0dbd42407afc090157a1a499f472b0e5c Request headers accept-language ka-GE,ka;q=0.9 Referer https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:24 GMT content-encoding br cf-cache-status HIT last-modified Thu, 18 May 2023 11:22:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4803 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9BCZqzLOCubjEupyleZ%2BSZfPOZYZbPFFAFePqi1oGT52Z%2B%2BGHos6PiVGKNOyrd%2Bm7XtTbXlNZ%2B3LtqZwMh%2BAoucqyl9jne1dSnHvSHu0PfcsarosIOaehj387XKav20VA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=1800 cf-ray 7cd329993b86bbcb-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 9E3B	1 KB 677 B	138ms 137ms	Document text/html	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com URL: https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers age 75684 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 25 May 2023 07:08:00 GMT etag 48472445140208031 expires Fri, 26 May 2023 07:08:00 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 8ED1	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e7c27f246197444ac782877622d3fb579113c8bec45f5d84d2a6df5bcb679340 Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	i.match s.tribalfusion.com/z/ Frame 83BA Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESEAtIW_YQVP4gDUN_XrX2fdM&google_cver=1&google_push=ATf1kGNN5GUaF0VozxixIL5p48qI2Z0Se0Gq2vn_4klHPYEez06WsDnREoWGaR6JfdPOpHdScn1DT-QjuYq9VNBa8xfGa5VYx9-e&... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAtIW_YQVP4gDUN_XrX2fdM&google_cver=1&google_push=ATf1kGNN5GUaF0VozxixIL5p48qI2Z0Se0Gq2vn_4klHPYEez06WsDnREoWGaR6JfdPOpHdScn1DT-QjuYq9VNBa8xfGa5VYx9-...	43 B 441 B	1402ms 1401ms	Image image/gif	104.18.24.173 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAtIW_YQVP4gDUN_XrX2fdM&google_cver=1&google_push=ATf1kGNN5GUaF0VozxixIL5p48qI2Z0Se0Gq2vn_4klHPYEez06WsDnREoWGaR6JfdPOpHdScn1DT-QjuYq9VNBa8xfGa5VYx9-e&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNN5GUaF0VozxixIL5p48qI2Z0Se0Gq2vn_4klHPYEez06WsDnREoWGaR6JfdPOpHdScn1DT-QjuYq9VNBa8xfGa5VYx9-e%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Protocol H2 Server 104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language ka-GE,ka;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:26 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7cd3299c69859b7a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Fri, 26 May 2023 04:09:25 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 202 content-type text/html location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAtIW_YQVP4gDUN_XrX2fdM&google_cver=1&google_push=ATf1kGNN5GUaF0VozxixIL5p48qI2Z0Se0Gq2vn_4klHPYEez06WsDnREoWGaR6JfdPOpHdScn1DT-QjuYq9VNBa8xfGa5VYx9-e&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNN5GUaF0VozxixIL5p48qI2Z0Se0Gq2vn_4klHPYEez06WsDnREoWGaR6JfdPOpHdScn1DT-QjuYq9VNBa8xfGa5VYx9-e%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7cd3299a78189b7a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 83BA Redirect Chain https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEJNEEbg9AZ0fjubBh-LOfsU&google_cver=1&google_push=ATf1kGONroOhsn-8dvrw-vDK2gOXKzUBmdfEKLTWTMqnBEpwicTucih-ESoOR5G-40_hiyYTNmTYM... https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGONroOhsn-8dvrw-vDK2gOXKzUBmdfEKLTWTMqnBEpwicTucih-ESoOR5G-40_hiyYTNmTYMj9ZZ2KkqGYZoy_ykdg-r1jH	170 B 188 B	152ms 152ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGONroOhsn-8dvrw-vDK2gOXKzUBmdfEKLTWTMqnBEpwicTucih-ESoOR5G-40_hiyYTNmTYMj9ZZ2KkqGYZoy_ykdg-r1jH Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:25 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 26 May 2023 04:09:24 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 4E2B274B30054C118FA616C2C8146102 Ref B: VIEEDGE4210 Ref C: 2023-05-26T04:09:24Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 location https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGONroOhsn-8dvrw-vDK2gOXKzUBmdfEKLTWTMqnBEpwicTucih-ESoOR5G-40_hiyYTNmTYMj9ZZ2KkqGYZoy_ykdg-r1jH x-li-proto http/2 content-length 0 x-li-uuid AAX8kOcFCneBkxYk41UmTA==
GET H3	200	pixel cm.g.doubleclick.net/ Frame 83BA Redirect Chain https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIsip__1XU5JfW7YF2jQCUo&google_cver=1&google_push=ATf1kGNkhCCiA8nvVNbQIxH4cB14_W6FDcIddPLRmCSUAHqwUV5w_aPK7tAs5Sy4fBGMatAHfU23_lO1W9V8G1... https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNzMzODQyNTczMTc3NDYxMg%3D%3D&google_push=ATf1kGNkhCCiA8nvVNbQIxH4cB14_W6FDcIddPLRmCSUAHqwUV5w_aPK7tAs5Sy4fBGMatAHfU23_lO1W9V8G1m0FK...	170 B 188 B	157ms 156ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNzMzODQyNTczMTc3NDYxMg%3D%3D&google_push=ATf1kGNkhCCiA8nvVNbQIxH4cB14_W6FDcIddPLRmCSUAHqwUV5w_aPK7tAs5Sy4fBGMatAHfU23_lO1W9V8G1m0FKy7Uz7x4mA Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:25 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNzMzODQyNTczMTc3NDYxMg%3D%3D&google_push=ATf1kGNkhCCiA8nvVNbQIxH4cB14_W6FDcIddPLRmCSUAHqwUV5w_aPK7tAs5Sy4fBGMatAHfU23_lO1W9V8G1m0FKy7Uz7x4mA Date Fri, 26 May 2023 04:09:24 GMT Server nginx Connection keep-alive Transfer-Encoding chunked p3p policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H3	200	pixel cm.g.doubleclick.net/ Frame 83BA Redirect Chain https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPbJaxV04zVN0iTBu-vZZ6g&google_cver=1&google_push=ATf1kGO66xFcRZg_f20gWdVMRYnGZBH7pYSsaYz_pXaJUXyGegrjPZM0TfK2VE5jx7fFPFutM8j6jkWoE2K54jL-ydcH5R0... https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGO66xFcRZg_f20gWdVMRYnGZBH7pYSsaYz_pXaJUXyGegrjPZM0TfK2VE5jx7fFPFutM8j6jkWoE2K54jL-ydcH5R0kBo0Y&google_hm=eS1Ed1hzY0R0RTJwRmRZOE...	170 B 188 B	161ms 161ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGO66xFcRZg_f20gWdVMRYnGZBH7pYSsaYz_pXaJUXyGegrjPZM0TfK2VE5jx7fFPFutM8j6jkWoE2K54jL-ydcH5R0kBo0Y&google_hm=eS1Ed1hzY0R0RTJwRmRZOEhUTFNrc2lzRkk0cm04Z2N0Z35B Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:24 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 26 May 2023 04:09:24 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGO66xFcRZg_f20gWdVMRYnGZBH7pYSsaYz_pXaJUXyGegrjPZM0TfK2VE5jx7fFPFutM8j6jkWoE2K54jL-ydcH5R0kBo0Y&google_hm=eS1Ed1hzY0R0RTJwRmRZOEhUTFNrc2lzRkk0cm04Z2N0Z35B content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 83BA Redirect Chain https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHC-A0f2FkUNt3GpVZ9Jglg&google_cver=1&google_push=ATf1kGOnBDzql8QiTxGss2vVfc6JNyWuf9z8Kh7FLfU3j6mwtKmFZfuvLuW1DhwX7mCYHBNmnHyxHQcHL-t6qt_... https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=8Ri2qSAmVdZQhwK4gEPga1vvzpY&google_push=ATf1kGOnBDzql8QiTxGss2vVfc6JNyWuf9z8Kh7FLfU3j6mwtKmFZfuvLuW1DhwX7mCYHBNmnHyxHQcHL-t6qt...	170 B 188 B	154ms 152ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=8Ri2qSAmVdZQhwK4gEPga1vvzpY&google_push=ATf1kGOnBDzql8QiTxGss2vVfc6JNyWuf9z8Kh7FLfU3j6mwtKmFZfuvLuW1DhwX7mCYHBNmnHyxHQcHL-t6qt_qp4LX0ONm3bs Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:25 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=8Ri2qSAmVdZQhwK4gEPga1vvzpY&google_push=ATf1kGOnBDzql8QiTxGss2vVfc6JNyWuf9z8Kh7FLfU3j6mwtKmFZfuvLuW1DhwX7mCYHBNmnHyxHQcHL-t6qt_qp4LX0ONm3bs Date Fri, 26 May 2023 04:09:25 GMT Connection keep-alive Content-Length 241 Content-Type text/html; charset=utf-8
GET H3	200	pixel cm.g.doubleclick.net/ Frame 83BA Redirect Chain https://sync.inmobi.com/gob?google_gid=CAESEJSuLy-IGWnPa0havqGc8Nc&google_cver=1&google_push=ATf1kGMLmlTGy6x8qyBv5uB5KS8TB0e4WRK7Md1P7ke8mCb8dz5WjkSKsd3bxLuh1Pi3Lwvg-mX8g1gLP8DWR-bQLjCAj3McwxZYPA https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMLmlTGy6x8qyBv5uB5KS8TB0e4WRK7Md1P7ke8mCb8... https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= https://sync.inmobi.com/gobRedirectFromId5?id=ID5-2438uxxdno4Ss9RXFfK_6UPk6pFZlUn4Q2EKZTv7rg&google_push=ATf1kGMLmlTGy6x8qyBv5uB5KS8TB0e4WRK7Md1P7ke8mCb8dz5WjkSKsd3bxLuh1Pi3Lwvg-mX8g1gLP8DWR-bQLjCA... https://cm.g.doubleclick.net/pixel?google_hm=sAH9PDlPJ6DMMQA0Lcp2&google_push=ATf1kGMLmlTGy6x8qyBv5uB5KS8TB0e4WRK7Md1P7ke8mCb8dz5WjkSKsd3bxLuh1Pi3Lwvg-mX8g1gLP8DWR-bQLjCAj3McwxZYPA&google_nid=inmob...	170 B 188 B	154ms 153ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_hm=sAH9PDlPJ6DMMQA0Lcp2&google_push=ATf1kGMLmlTGy6x8qyBv5uB5KS8TB0e4WRK7Md1P7ke8mCb8dz5WjkSKsd3bxLuh1Pi3Lwvg-mX8g1gLP8DWR-bQLjCAj3McwxZYPA&google_nid=inmobi_new_eb Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 26 May 2023 04:09:25 GMT content-security-policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none referrer-policy no-referrer expect-ct max-age=0 x-dns-prefetch-control off x-frame-options SAMEORIGIN content-type text/plain; charset=utf-8 location https://cm.g.doubleclick.net/pixel?google_hm=sAH9PDlPJ6DMMQA0Lcp2&google_push=ATf1kGMLmlTGy6x8qyBv5uB5KS8TB0e4WRK7Md1P7ke8mCb8dz5WjkSKsd3bxLuh1Pi3Lwvg-mX8g1gLP8DWR-bQLjCAj3McwxZYPA&google_nid=inmobi_new_eb x-download-options noopen vary Accept content-length 227 x-xss-protection 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 83BA Redirect Chain https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEGSt3wqMl... https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=fb25a78d-37b8-4e79-a8ba-1879df21341a&%%GOOGLE_PUSH_PAIR%%	170 B 188 B	152ms 151ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=fb25a78d-37b8-4e79-a8ba-1879df21341a&%%GOOGLE_PUSH_PAIR%% Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:24 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=fb25a78d-37b8-4e79-a8ba-1879df21341a&%%GOOGLE_PUSH_PAIR%% date Fri, 26 May 2023 04:09:24 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 83BA	0 12 B	163ms 161ms	Image text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JhJIqcKyJdXfsrbeYaHhFw4OA8IhndfMovNtzkdX1fFmFXcX05SCvWHRsgiURGSfoPXVHdM1M Requested by Host: dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com URL: https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:24 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9E3B Redirect Chain https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBdMn0tsYJ4yfOxfUF9grbU&google_cve... https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBdMn0tsYJ4yfOxfUF9grbU&goog... https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TXQ3a1pISVIxUTJvTHo1&google_gid=CAESEBdMn0tsYJ4yfOxfUF9grbU&google_cver=1&google_push=ATf1kGO904iyWC7CJCQrpEu1HwGSGFVL_miMqJz3YUCRbbu...	170 B 188 B	152ms 152ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TXQ3a1pISVIxUTJvTHo1&google_gid=CAESEBdMn0tsYJ4yfOxfUF9grbU&google_cver=1&google_push=ATf1kGO904iyWC7CJCQrpEu1HwGSGFVL_miMqJz3YUCRbbub6WgE66ksgDgS7KtdZ6knvh29q0IdXhcc9AlrhZg_A-lbft6M77kAwQ Requested by Host: f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com URL: https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:25 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 26 May 2023 04:09:24 GMT Strict-Transport-Security max-age=2592000; includeSubDomains Server PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-085c90e762a864cb4@eu-central-1a@dxedge-app-eu-central-1-prod-asg Location https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TXQ3a1pISVIxUTJvTHo1&google_gid=CAESEBdMn0tsYJ4yfOxfUF9grbU&google_cver=1&google_push=ATf1kGO904iyWC7CJCQrpEu1HwGSGFVL_miMqJz3YUCRbbub6WgE66ksgDgS7KtdZ6knvh29q0IdXhcc9AlrhZg_A-lbft6M77kAwQ Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET		google d5p.de17a.com/cookies/ Frame 9E3B	0 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9E3B Redirect Chain https://s.uuidksinc.net/match/47/?remote_uid=CAESEOMATH1A2EnabIqZjr5sLWQ&c_param1=ATf1kGPFNGCE3MTdhcuRCfHbMG5DUFkr927BHNshTJDxOnZUCLe-TLmx12wz_lBRXOMw4-wfStVc8g-IynDTbKP3qAsb7SKIjBpQ&gdpr=%%GDPR%%&... https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGPFNGCE3MTdhcuRCfHbMG5DUFkr927BHNshTJDxOnZUCLe-TLmx12wz_lBRXOMw4-wfStVc8g-IynDTbKP3qAsb7SKIjBpQ	170 B 188 B	154ms 153ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGPFNGCE3MTdhcuRCfHbMG5DUFkr927BHNshTJDxOnZUCLe-TLmx12wz_lBRXOMw4-wfStVc8g-IynDTbKP3qAsb7SKIjBpQ Requested by Host: f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com URL: https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:25 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGPFNGCE3MTdhcuRCfHbMG5DUFkr927BHNshTJDxOnZUCLe-TLmx12wz_lBRXOMw4-wfStVc8g-IynDTbKP3qAsb7SKIjBpQ date Fri, 26 May 2023 04:09:24 GMT server nginx/1.23.2 content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9E3B Redirect Chain https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPmuTTPbuutQ2qjNOjP7ap0&google_cver=1&google_push=ATf1kGOMHOk8wyPdk0UF_BpvgBgKNo5_owMpPcpSH9AqdKpmwoNL0bZ7yLn3D_1Krk08UkWK4pLJ6SrwOFcDMKiw0... https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOMHOk8wyPdk0UF_BpvgBgKNo5_owMpPcpSH9AqdKpmwoNL0bZ7yLn3D_1Krk08UkWK4pLJ6SrwOFcDMKiw01C8yV52OAMTfQ&google_hm=GtUZsGZHyO3yq49cR9SH...	170 B 188 B	156ms 153ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOMHOk8wyPdk0UF_BpvgBgKNo5_owMpPcpSH9AqdKpmwoNL0bZ7yLn3D_1Krk08UkWK4pLJ6SrwOFcDMKiw01C8yV52OAMTfQ&google_hm=GtUZsGZHyO3yq49cR9SHMkpA Requested by Host: f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com URL: https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:24 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Fri, 26 May 2023 04:09:24 GMT Access-Control-Allow-Methods GET, POST, DELETE, PUT Location https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOMHOk8wyPdk0UF_BpvgBgKNo5_owMpPcpSH9AqdKpmwoNL0bZ7yLn3D_1Krk08UkWK4pLJ6SrwOFcDMKiw01C8yV52OAMTfQ&google_hm=GtUZsGZHyO3yq49cR9SHMkpA Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap4ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET		rmpssp sync.1rx.io/usersync2/ Frame 9E3B	0 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9E3B Redirect Chain https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHvNF_K98hM79mykG-Ddc4I&google_cver=1&google_push=ATf1kGNz1_39RvEHIqOqsr0FzcyyELWHGkZg4GK8xDEgA-VhrHrO4ZZJrowrUh7aq5PVGoilJc... https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12eDBvcm5kRTJ1RlRxMTdzX1pGVkZPUF9fbEtGb1Y2UX5B&google_push=ATf1kGNz1_39RvEHIqOqsr0FzcyyELWHGkZg4GK8xDEgA-VhrHrO4ZZJr...	170 B 188 B	157ms 157ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12eDBvcm5kRTJ1RlRxMTdzX1pGVkZPUF9fbEtGb1Y2UX5B&google_push=ATf1kGNz1_39RvEHIqOqsr0FzcyyELWHGkZg4GK8xDEgA-VhrHrO4ZZJrowrUh7aq5PVGoilJcQZ259fO6-wuGsCjFHXQEKbkEuRFuU Requested by Host: f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com URL: https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:25 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12eDBvcm5kRTJ1RlRxMTdzX1pGVkZPUF9fbEtGb1Y2UX5B&google_push=ATf1kGNz1_39RvEHIqOqsr0FzcyyELWHGkZg4GK8xDEgA-VhrHrO4ZZJrowrUh7aq5PVGoilJcQZ259fO6-wuGsCjFHXQEKbkEuRFuU date Fri, 26 May 2023 04:09:24 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.57 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	204	v1 match.sharethrough.com/E4rooAtA/ Frame 9E3B	0 359 B	687ms 139ms	Image text/plain	18.193.218.55 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESENDNILlbbl7y3n-p7Tly36w&google_cver=1&google_push=ATf1kGNEsZL7BwBIYKxtW_tz37k53H0Ep8JGKrnLgKq3d_wfrUoTSk2UfZYng0obzSG17ay70lZ0B4zDCWCe4qHA5ctWNbZe3RfncXU Requested by Host: f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com URL: https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.193.218.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-193-218-55.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:25 GMT
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 9E3B	0 12 B	156ms 155ms	Image text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J2RbfETexoFfxkQWb63mVKBS-B43DWA2U2qDCtNBtvW978HqA27jZDZVjroOcWtPN95GEXDL0 Requested by Host: f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com URL: https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:24 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame D484	22 KB 8 KB	148ms 145ms	Document text/html	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f97.1e100.net Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes age 159041 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 24 May 2023 07:58:43 GMT expires Thu, 23 May 2024 07:58:43 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame EF8C	14 KB 11 KB	156ms 155ms	XHR application/json	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305220101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software cafe / Resource Hash a1dc922a6df4d8c2317a8b16ebb1becf95946aba7c42cbf0e903b73c996c264f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:24 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11069 x-xss-protection 0
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame EF8C	0 0	174ms 174ms	Fetch image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEtEY_TUMs1mpogEGBnaZgquA3aQSYdPZNcLlsqTRVSevSlyeqjgeMdL6Q75tQ27WBFOo6m9aqWscLyuP9JHLpxgjXT_ymWAvcY_LCA9cu-5CzX8zSdsXkU5On22hpyX1iQbGPzzVEdZXVrMHNfM_FuH6HV58vLelxlGlOvNiREKyiAoLS3JrBN90xSOQjCyZ71hTRU99q5fqhiC8LHzBRIZ9IPKu4uPpPqWluF1O7dKaCC1uX2Z90Qz7S-QsPrApU-TPAOevgpXtO7ibytLRjL9bKGYfHdT9L9x0y4D8AkPVzAK5wH9QAplVUubA9pvbxSaXkiovp_exB_dN3nEICImaW0bxhoRQTMwmvRhds&sai=AMfl-YRPe6UnegBmYxjKoYcbl1bOy3ntHctfweHiCMEGUyKWYuJvN5hQtjlp5L_yQ6uNeP_MqIJZ2TverD6RoGk&sig=Cg0ArKJSzCxsHzR5OM7mEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:24 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 26 May 2023 04:09:24 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 9BFE	0 10 B	145ms 144ms	Image text/plain	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?u9HFDQ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f97.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:24 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame C438	0 10 B	141ms 141ms	Image text/plain	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?r9RKNQ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f97.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:24 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Show response pagead2.googlesyndication.com/bg/ Frame D484	37 KB 14 KB	157ms 157ms	Script text/javascript	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software sffe / Resource Hash b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 24 May 2023 12:51:37 GMT content-encoding br x-content-type-options nosniff age 141467 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14579 x-xss-protection 0 last-modified Mon, 15 May 2023 09:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 23 May 2024 12:51:37 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame EF8C	17 KB 6 KB	171ms 170ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f97.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:24 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 26 May 2023 04:09:24 GMT
GET H2	200	/ Show response cdn.adviad.io/storage/2023/04/12/d4cbe67efb65d53ace5f7ad535d747c9/ Frame 00E4	882 B 1016 B	444ms 144ms	Document text/html	104.21.82.248 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adviad.io/storage/2023/04/12/d4cbe67efb65d53ace5f7ad535d747c9/ Requested by Host: dsp.adviad.com URL: https://dsp.adviad.com/v1/html5.js?v=2023.05.26 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.82.248 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63c667b988d292799f181678c2be85eb474adbc9298985c430c0f21899297874 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers age 240533 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control public, max-age=304800 cf-cache-status HIT cf-ray 7cd3299c1ec53732-FRA content-encoding gzip content-type text/html date Fri, 26 May 2023 04:09:25 GMT last-modified Wed, 12 Apr 2023 06:24:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xia%2B2BlBBZfjuEjc0eGQMD8y29OkUGdqxHxu6L9QAVsjL9iPXUxe2RskANrvzLgo9VZE%2BS7TVNq689mAftWolkW7863%2Bjc5dQyn1bPwfeMhNCgsBpmpIbDRo2lY5J44i"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15724800; includeSubDomains vary Accept-Encoding
POST H2	204	csi csi.gstatic.com/ Frame 4AFB	0 54 B	259ms 258ms	Ping image/gif	142.250.217.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~li41neig&c=4588205490829&slotId=2294102745414.5&qqid=CKT0j7eOkv8CFQlO4Aod_v4Bmw&fb=outstream-lima&vast_v=2.0&vmfc=4&vhc=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.217.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS mia07s62-in-f3.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:25 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	HdsydzJK.js Show response tpc.googlesyndication.com/sodar/ Frame 4AFB	41 KB 15 KB	142ms 142ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/HdsydzJK.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f97.1e100.net Software sffe / Resource Hash 1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 May 2023 21:33:59 GMT content-encoding gzip x-content-type-options nosniff age 196525 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15407 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 22 May 2024 21:33:59 GMT
HEAD H/1.1	200 OK	file.mp4 r2---sn-4g5edn6r.c.2mdn.net/videoplayback/id/f640bab4b2b9f3a2/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716610164/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 4AFB Redirect Chain https://gcdn.2mdn.net/videoplayback/id/f640bab4b2b9f3a2/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716610164/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa... https://r2---sn-4g5edn6r.c.2mdn.net/videoplayback/id/f640bab4b2b9f3a2/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716610164/sparams/acao,ctier,expire,id,ip,ipbits,ita...	0 0	505ms 158ms	Fetch video/mp4	74.125.153.199
General Check archive.org Show headers Download Go to Full URL https://r2---sn-4g5edn6r.c.2mdn.net/videoplayback/id/f640bab4b2b9f3a2/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716610164/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3560350107909D8F757B55DD0B5EA70E3AAA0A85.4B970F0B2B8D90CD42108CBD83D0FA36C43FE03D/key/cms1/cms_redirect/yes/mh/mw/mip/91.239.206.150/mm/42/mn/sn-4g5edn6r/ms/onc/mt/1685073435/mv/u/mvi/2/pl/25/file/file.mp4 Protocol HTTP/1.1 Server 74.125.153.199 -, , ASN (), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language ka-GE,ka;q=0.9 Referer https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 26 May 2023 04:09:25 GMT X-Content-Type-Options nosniff Connection close Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Content-Length 2080737 Last-Modified Sun, 21 May 2023 20:33:09 GMT Server gvs 1.0 Vary Origin Content-Type video/mp4 Access-Control-Allow-Origin null Access-Control-Expose-Headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms Cache-Control private, max-age=86400 Access-Control-Allow-Credentials true Accept-Ranges bytes Timing-Allow-Origin null Expires Fri, 26 May 2023 04:09:25 GMT Redirect headers date Fri, 26 May 2023 04:09:25 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 644 x-xss-protection 0 pragma no-cache server ClientMapServer x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com location https://r2---sn-4g5edn6r.c.2mdn.net/videoplayback/id/f640bab4b2b9f3a2/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716610164/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3560350107909D8F757B55DD0B5EA70E3AAA0A85.4B970F0B2B8D90CD42108CBD83D0FA36C43FE03D/key/cms1/cms_redirect/yes/mh/mw/mip/91.239.206.150/mm/42/mn/sn-4g5edn6r/ms/onc/mt/1685073435/mv/u/mvi/2/pl/25/file/file.mp4 access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 031C	13 KB 5 KB	142ms 141ms	Document text/html	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f97.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes age 35211 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 25 May 2023 18:22:33 GMT expires Fri, 24 May 2024 18:22:33 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 5632	783 B 766 B	148ms 147ms	Document text/html	142.250.74.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.196 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f4.1e100.net Software GSE / Resource Hash 5afd8551e39595b91b2233c98305f14786afdc4234a85e471dbcaf349509cd22 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-3lqmxw8gy3kXNzXM7fVe_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 514 content-security-policy script-src 'report-sample' 'nonce-3lqmxw8gy3kXNzXM7fVe_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 26 May 2023 04:09:25 GMT expires Fri, 26 May 2023 04:09:25 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame D484	0 20 B	182ms 181ms	Image image/gif	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOEGU9DBwZO7lCqmv-gaOuK6IDAAAAAA4AeAEAg&bg=!CwilCFzNAAZ8_aWmXP07ADkAdvg8WkZGSkCfZi8iPoWWTei7TWIw_mYArJPHfGGIsc-zNHQfFL0cJWAT95OjF9gXjZ1nZZcDqCgCAAAAYlIAAAAGaAEHmQM6foCyxsLsfBFslWH1SrRLe-IjZBlmvIYgesa3H_NeIvj8zdIObu0M2L61ZuDea2ZArWr7c_gKlv0KUCCo7Mmvczth5bPXVHHSqnE0D019Vi5Hm_ypyaZwiFcfx_Vg0yWYEosGyv7bpbRe_KNWeE5O62pN5Nnm1lqaj3Od6dbD-0g9BXnCyDTXrdHDWL3KvpKlNMHkA5KI15JTRI9La0FVVR1hKBPkFatVXJgqOryyG-nBPBqKszsGAIDVbbqFJBokMwGUaZlqg6u6WDsbyL8etXPoMT17C0_Q-RMNNs22IDELC4CKw8Lsu_ayjwjF5aVxwq6MMvUbLP6lBSDR3IotAcI94Z6hmCJCOYOqV5lRtkN0LZg5ATHjbXWigxWkNchkKA7avz6TR6HyyiPIg9jwtWrn6LDm23silMlBIX7yXhrC-3jd2mWHlKCzD6uyxV_gdIGtxX2on5b0N4uTlm_AFMK0QLHGH4-HkTkUbxCJVl538P5CYNV7X6MSLxi_t4ndrMmr7ZKePncAPHadL1wm-b-ma7s2zhfBeJuS2rmwDerJQNfhRp-sFWB1Bx4PNrkTpuCZORLBlir521Ee1NDdDXcSc5o1sayZfC9ccdzMZAOm8YOOznt7t4ywX-taBsO1YVsVn2JJOEVgIFhfaEpa_sG184z1g_0CX36bIkbfGlgKysMSS00uGJcJw9J83YfpX5KALE1M57TlHsTKexD19GLKPIsdHkOauH-Hpf99oB-FFwac-IVVmAcdHQsOgvdbWv3a8ZIfbmIW8P-sXHYG-GZe44n5FSLfGZ8zu8niQZxSSN3JrKjXkvXU1EBuPO05ln1CCNkoOl1lQyaowhM3YoOBvHtJT_MYhaO38wM6EBw6wt1MD53T9IMho5ZErHliWc61Ete8blCU7tUBQkO1zHHgEdZSBeJGC2DMC33_6x63fjVe9lmJHjU2NR8JXr1JFxGoA-WEAdUCk2oNHkdAsI9WzzPIV2gPsuJAt2HklBl4A70AjgJ2pHGdUPBrpeNiDNtKgWD7vos9wrEN2K9JII60JMSB16memluIfdiJdt16cho0qNJibE6aZLkpFTnv6rABxV49yk60pg Requested by Host: f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com URL: https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:25 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	H0ZEmIz7.html Show response tpc.googlesyndication.com/sodar/ Frame DBF4	23 KB 9 KB	150ms 147ms	Document text/html	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f97.1e100.net Software sffe / Resource Hash 1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes age 243714 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8727 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 23 May 2023 08:27:31 GMT expires Wed, 22 May 2024 08:27:31 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	PgBC2f7uHk75qvgedgDQJ2LGmE-oWuLtehAbI8jUKVY.js Show response pagead2.googlesyndication.com/bg/ Frame 031C	38 KB 14 KB	144ms 143ms	Script text/javascript	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/PgBC2f7uHk75qvgedgDQJ2LGmE-oWuLtehAbI8jUKVY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software sffe / Resource Hash 3e0042d9feee1e4ef9aaf81e7600d02762c6984fa85ae2ed7a101b23c8d42956 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 23 May 2023 14:38:59 GMT content-encoding br x-content-type-options nosniff age 221426 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14781 x-xss-protection 0 last-modified Mon, 22 May 2023 09:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 22 May 2024 14:38:59 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 5632	0 0	180ms 178ms	Image text/html	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305220101&jk=639065492232696&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 25C7	0 0	187ms 187ms	Image text/html	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305220101&jk=1614395051774453&bg=!urmlue3NAAZu7ficTu07ADkAdvg8Wvfs0QFsoUPFJt2u6vVZOGf78BGbsSaqNkjoGKNn_gAvd2W0Ite1FVitG0dTQv4VPndikPECAAABIFIAAAADaAEHmQL8OUWLa9Uy8Zi86jGWWmUCDfQlN0z6vv-Mmui0n_qw4gNN4XZF9hMJ5FKedq37_Zjh18c7GCHDGAjFzEtGoVpYUwa_qi0w19TQcijnp_IwiSX6QwQU24OIqFIOsmn8Un4eQEqSypAhRoDMd0SJc9i8Fn3QFL2zzsVVYeYmu6GvEo0IOl-15fOZeTs2bOd9XnBan6WoJJPc_efrE5WBsW4Mmn5mfQAxBLB6fkn-V9H_48eYnrpKQZhnvNMQXh2l22Ptzc4vU0wdfRa4ky5sBGXLglh4f8Ujwjr5ZlNJELa08rB7CbqAOQLQnaoTq7vTSIMAeVeNLXMhWEIHdEeZOJn3Opqt6DuKnG_2qsimoeDv_DNaWYUrsEoOOj11AA4rgSYGMOfMEpJfihK0AIsO4pM4Bzf54JNdf9kV5TSIFvwC_A6jmXkxJkPgMY44t0YvJ1WRCGpxbnp7Tv7fBUktX5wfgbi4sFrVkD9WHlVylLi4hMM4Vyx00UphT_DyT3R0a6JvQYT-in_omMn9rghAxiwLYxIJC9GcL-xRCWOwCA88d7EKsjD2pNyS1UDIZ-dtZ5xxVVUeiw68FmaJq9Uf_sE0m0vDjs7oAeF4JM5C00VIn8gi_T7v6_JzQc3eHqaMKrBWTHjDYEtcn9Oh6uyocDqCX77SaGs-Nss8P-Xph4IeXmzJy4h5rzBLtkD9Sx6vFEh9yoqTb65VjFcg1sypJ-F3v3mV79_CUNV7aRFzdABGv_fKfVSQkUlamxN56mJq0_-67KF5lx2sn_1p0MYZ8lUfsn_r2tG2QiKAXcrpx29gPQQVmOpbGFzKW9Lluc3lYIDli09j_jXYcR08FfzDCO3aQmWxUbabckjBpdmjrRn5IB_pwRgwnrrNh3vnL2yP6Amd5bdYv5W_zyWj8sCjaiQR8lMe6XODSKA6t-n0IrQRYDQwHFJroxwwCh9jN5IxsFZ1EvMHHeApQakH4PP4nIAx4J6GiCx5WUBQoHioFogWau0MzcMRC34wnCjbEKI Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 87F4	0 0	182ms 181ms	Image text/html	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305220101&jk=1471544645273787&bg=!4uGl4bXNAAZu7ficTu07ADkAdvg8WsoXoBBd0_149ClqZEJlc0vHMtz0AFQXOB5s-CvySZJflrVvoe7F3Y4nF8vit3eAUaNATocCAAAA_VIAAAACaAEHmQLpWbqapefloZQaYfAcxrUgBwK7WU1pB0114Y66FocZH5mMZghWK-HDmxxr9rYi43mO2txJoGaw0_fUgmCFm2sS4su62p2O_p6uY92-c-s9swRbYfDSE9IwArFdwXHPsYTBQ4PhTpJQgjnsDrCXglPm000OnH76BeKHG5d_itw3E80zu71Zk_g--29gsgHFhdLxrBIudsaorPqW4RxTBPmD3adsPHFLF9rgz91C98urDHPHLWpi1O9FKeE3k_z7-uE-WycCxdNolQIdbPlEgkCIpfPnjR1HMdXhmjyABvVXP7nCOaPJec05hjSzofRabWROk4tWeV-NT8tsQ7e_HccaZdFsVhLzfcYGi9kZTAeTv92toHZr-aa0qSuDpYXobTSJ74Pf8cQMyxU-vlp76hyE5lj2O0-XJRmwk9PTS7gsrRASQ4JTk8lYOtm9CcsdHEYuUCaGKe84DLAEfjEMctkqmxrc7LIMfYl91wuoqQ8_xwJTk_4JiPMSyoumEUnJt_d3yjKXl4TijeWv-b7GuzU-QZBvc7voMYJLR3ou5EkE-OiEPsxvh0iVi_U2vax5Kjk_Jmi53bnzSzbxROAwkTY_UmaIA72TXw5-N8Y9ar0b1GRQxVW6MhyXZZV3vnvACld12D9zmM7pYZO0vJMWj89ZTYaqakwDz5IJx17SyICXKEtTc9bL68i76QAJ1Cw3Yp8K7wEg4woocXtZlb7iATScwDfne59bC7WpnCeJ3oJGUPKwThmm8EDGT5KQZQSEeZubqZ3UZ82xyY_Mx3dCPNxmI_wSQw_J_uzU3RS8QaGr5sORzmGiy43kmXBxaqOIlr2zD_-W6tasZV30_iJ4piSA8Egjv0NUkdUh54Bkhu3Ytivd8uun2E51pago-klOjt8SkLldAOFOIUUtR5hYhJB0NTRiARKcK6DRzVn_2XF_MrYvtvatzhjGsOKx5l247QsurLkXsqXOHEjrM0v2AHP_oruYuWF1QVi2rw Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	d4cbe67efb65d53ace5f7ad535d747c9.jpeg cdn.adviad.io/storage/2023/04/12/d4cbe67efb65d53ace5f7ad535d747c9/ Frame 00E4	90 KB 90 KB	148ms 148ms	Image image/jpeg	104.21.82.248 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.adviad.io/storage/2023/04/12/d4cbe67efb65d53ace5f7ad535d747c9/d4cbe67efb65d53ace5f7ad535d747c9.jpeg Requested by Host: cdn.adviad.io URL: https://cdn.adviad.io/storage/2023/04/12/d4cbe67efb65d53ace5f7ad535d747c9/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.82.248 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 40fe0ed7f78b07628d69808e366982c8c68aaee61db1abaf97d10f57906b5a1b Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language ka-GE,ka;q=0.9 Referer https://cdn.adviad.io/storage/2023/04/12/d4cbe67efb65d53ace5f7ad535d747c9/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:25 GMT strict-transport-security max-age=15724800; includeSubDomains cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 240525 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 91688 last-modified Wed, 12 Apr 2023 06:24:25 GMT server cloudflare etag "64364e99-16628" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIDyve9UD5tYnSQE9yPy2LJvtlfDTAcI9xLP25%2FvBVrFUpmSiB4byE%2BCVXKgJKfESLdskwDBUYg0P%2FNI6kJi0CeyxntUHt7MIi6ZTUA7llf8xEGfKPDI9MdmjXEGAVNn"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=304800 accept-ranges bytes cf-ray 7cd3299d0fa63732-FRA
GET H3	200	s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Show response pagead2.googlesyndication.com/bg/ Frame DBF4	37 KB 14 KB	144ms 143ms	Script text/javascript	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software sffe / Resource Hash b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 24 May 2023 12:51:37 GMT content-encoding br x-content-type-options nosniff age 141468 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14579 x-xss-protection 0 last-modified Mon, 15 May 2023 09:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 23 May 2024 12:51:37 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 031C	0 10 B	141ms 140ms	Image text/plain	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?xrDQKQ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f97.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 May 2023 04:09:25 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame DBF4	0 20 B	181ms 181ms	Image image/gif	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bemad9DBwZL7jKYn-zQa0paqgDwAAAAA4AeAEAg&bg=!Hh2lHUnNAAZ8_aWmXP07ADkAdvg8WoG86vhdiNAlhLJPoBe3cyaCXRmOszo8dyF8DvnMYPWi0n61ai5EqQ5fhlFA_23Kldkrk-MCAAAAaFIAAAADaAEHCgBTno6xMfPYUFBIRr3N0DMbNm63hjgFFD15OdqG0ZPSdbxlihAwliLRV_dDENm1A9HP1BOTbxK-EuCeQSaZ_QeE6qMrAGH-zt8uN6fArHOEvzMbZCCZAzbp6CvEuCRqkG8xOsgKyBgtvQKmYpPAFVS8fViGGRKsGixC9AWSPGn2-O6f2_ekBAInDrkYjTu8oIPM_ZeDeMP4VPvKw5RApmGLWhISjc8oMVPDrq4yOPT1PHBMl0P-YFNvQNPp9hubjkKKIz1WiOD81-A76MwN2dLKz-4BFo9u4IOc7aWABYCauRkOt210higPO8LutoY34KJq0r31GVnU7-5fY24AVeI3Iss5gX6vkIY3CPBrEnnJmNerEyJIJ_75GuvzoTteVX0iT7D0w0uHxqja8ebfNGXrPNZgc5t0sw0hjBBNap4KXwYfl32BPVKHsPVSaCXW1DR0h8ebnidP2ccoLpL5ZXyldQ3i84yMTABNbupNeopI21P5P-63K90inJTqhg_9NcXI3ey3XxTDN_WHkb_bL80-epFYTgSO_EMtqIqbDthUoF2unVkqgkr9Dj9aiR1BDHIOdODq6QaWlVmaMIj2PTtgVC91UaYcFglabldoyDjyhHzk3ZJaLEph-ba3Mp5Q3QHZp-YXi3DkMJPiGP2U5vVRFjcwOHBKAB5gVtcb_ChOVL_5MKxtrEacx-yzT9cK_bDiFtNjpQGc2EVhtBKqRsPXHBJo1LVuM_3YP37-rNwFSz0i5rQrYIGqYCeH1dDEyaE0D6Qgdjtteu108ZHr8-jclK5ntuiH_sQod8uUXlh6TQiqo569dk0Dw6onkpPm8rLGyK2yRTIOhc2FZJAc09ispIo2qeksXRPXQuzV2ZdF1UEd7bWUiJpsEYXuadROSYp8A3xveTmWRaxuWGUCZ0_f4WRxEVSIk-ULxzVg7fIYAGfaavAu50V9r5zOU5B7PnQOMkWRyb3Xp9DL1KvCFCoDXmp1nBMmRT-T0pYm-6ABHKYD18oiLxrVOcUPZpfXBO1u9-9p9pWHaqhInExYieP0LhTf669kKK0Y5diS8ie1PuMoC6_TiVKLotv6jae5KjF2T0BgZpQudHg259CD4V50iVrEZKLIGaWTXe6yJRYCAR2d-kJu4VpP2HTlVKyykvCAsQZpycat2fZv08UyDBIHty2HJa3PwQ36Jr_weyTU7RzndtmnYO74klC4j9Y Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:25 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame 4AFB	0 54 B	257ms 257ms	Ping image/gif	142.250.217.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~li41neyz&c=4588205490829&slotId=2294102745414.5&qqid=CKT0j7eOkv8CFQlO4Aod_v4Bmw&fb=outstream-lima&gpm_i=2&gpm_c=2&gpm_a=2&smb=1000&br=283&mt=video%2Fmp4&vs=428x242&msm=1&aits=0%2C18%2C692%2C342&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=342&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1qh&ape=1&ple=1 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.217.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS mia07s62-in-f3.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:25 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	206	file.mp4 r2---sn-4g5edn6r.c.2mdn.net/videoplayback/id/f640bab4b2b9f3a2/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716610164/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 4AFB	2 MB 2 MB	281ms 139ms	Media video/mp4	74.125.153.199
General Check archive.org Show headers Download Go to Full URL https://r2---sn-4g5edn6r.c.2mdn.net/videoplayback/id/f640bab4b2b9f3a2/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1716610164/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3560350107909D8F757B55DD0B5EA70E3AAA0A85.4B970F0B2B8D90CD42108CBD83D0FA36C43FE03D/key/cms1/cms_redirect/yes/mh/mw/mip/91.239.206.150/mm/42/mn/sn-4g5edn6r/ms/onc/mt/1685073435/mv/u/mvi/2/pl/25/file/file.mp4 Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.153.199 -, , ASN (), Reverse DNS Software gvs 1.0 / Resource Hash 835ca853d30e99357a05d7ebc2cbc4f64f971a93a5c006175e872b1d2d9602fd Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com/ Accept-Encoding identity;q=1, *;q=0 accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Response headers expires Fri, 26 May 2023 04:09:26 GMT date Fri, 26 May 2023 04:09:26 GMT x-content-type-options nosniff Content-Range bytes 0-2080736/2080737 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Content-Length 2080737 last-modified Sun, 21 May 2023 20:33:09 GMT server gvs 1.0 vary Origin content-type video/mp4 access-control-allow-origin https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=86400 access-control-allow-credentials true accept-ranges bytes timing-allow-origin https://dc54915b3d20b7c2cca0095061163981.safeframe.googlesyndication.com client-protocol quic
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame EF8C	0 0	181ms 181ms	Image text/html	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305220101&jk=639065492232696&bg=!DwylDFjNAAZu7ficTu07ADkAdvg8WmigpKCG4soHqQAgLF-cDR9R9ee6F7uDWF1MMDX7mjBjRDX27PailyfefvGUvc3sXMq1iAkCAAAAYlIAAAAGaAEHmQMEvfc_FlDtio6J8RWMRlDdoIy6muWUS5RyxVoPPCDDSTKlUI63J8XtOX5Rme23I4wBwUDq9mTkusPSjWbXVTPxt7H35YCNj0sf7h2H5D75UoRVGtv19qXucl-TvQaWw14t4KH_Q4Z72H3edbsPu2Cz1HVyF1ACA0rHxR9C5P7k5w1reFfseCbViC7E4lKy738jgtCZk8k3BQba6kBRVW1UkQgnV1GFW3DeoBwX0bfVw9ODX8hrJ9BelOpHlSWE_B3nbLQXiMODz0Fz4JE8qTRZvWCoNYtycfb45DgpmlkVcGw_6TO47W48z1sPC4zmAs17WS83xAXJ7sZGdCBOgImTlT7xl8NqOaEJXRwFE1dOr-uRYVIWgMGS38f1YoQIp9XYzyym8f2SxPkszDCnPT5J9qYqCkPZ1qveUT3lS1cDTMFH0L8ixvJfBz-LkgjE2raxiXi610nmPNEwduBjn77fzFCxSqKoHoGiKeWeU7QKe-SdYpOKYstfRssAezXG1QZ5iA4pKQB1z_T90CqhbF_CDQst5hev8HWloqwyGhsVYfL7_Nt4sJZtd-l-hJr4JBPgVAn2oAhttxzAD-OxzO6QTxrIt0yJ2NYYaXONWkGBF2j6b-Pt9A74JEqEClyBm5FkMhnnzUuo3flOjeq1_RxPXXsdernhGZ2ZWcspsQSklz4qfiJQJfTEgjJmTcb6vD0D0jhqdb-1A5ZEAoKKNlLgJiYtMZ6vbrupk7b_F6ZZD2H3raVfzjqI4qYZwq18hAyC1NgcRnCzBKxDIZOVVOl92wKzUO_C-lhILHbpk_Ar48loYBJfArPnZA9o2344DKbWjGUT1viOTiw7p2zhbLKs5T-ONDSzc1IDHr20OJU_bqE1pBDg_7P8UlbL8klyn1ge6J1g7fL8SO54indp7UUei5sXzHfEoo424-EI_IlM_CLl195ULnfFsVXWfSmXSXGKCQriFtewcryrIAC_ukHxOhF6ASiuYNae-teGMO4neo2yqb-v-0qXZX3Ome6Iv-aaPjDpLQ Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://03baa24e0d6138a639360ee1993d7fd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 8ED1	0 20 B	179ms 178ms	Ping image/gif	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9838792766011&version=m202301230201&ct=77&x=1&cor=13286933064471042000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://f2b13fd799275caeb9dae8bb63767c34.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 26 May 2023 04:09:26 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

d5p.de17a.com

URL

https://d5p.de17a.com/cookies/google?google_gid=CAESEBP0dhSu51918TPKllTIE_s&google_cver=1&google_push=ATf1kGMabqLqMVjMHshcDvEZeIiZAEtQzP73tiixfZIq1xe73TAqw9QrKxaHP47JFeSMvg-oJRJnO347g6nr7YECm3AhQIU1_E0

Domain

d5p.de17a.com

URL

https://d5p.de17a.com/cookies/google?google_gid=CAESEBP0dhSu51918TPKllTIE_s&google_cver=1&google_push=ATf1kGNs1cb8D3aW2cbgFNLGUfFejM8jvozG7jO4WrlpuXb824QVvaFMy0_6sTCZK1AeSjn9rASU1e6FxgO7qLwRFAHiYoEKTPtoMA

Domain

sync.1rx.io

URL

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEOJyPaRZorVwyaN_9RFhYl8&google_cver=1&google_push=ATf1kGOb3nWZDi6Kne97Q_qHF2A7pM0iXntPCTjrpfVfwSuqXwxEdo4IqVMvO0cmsdeEvKnF0WbNj378KBrhwUCscVVEUpp7vnC1CA