www.bg3.co Open in urlscan Pro
84.17.37.44 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao....
Submission: On May 26 via manual (May 26th 2023, 10:51:04 pm UTC) from US — Scanned from GE

Summary HTTP 479 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 93 IPs in 15 countries across 96 domains to perform 479 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.

This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	84.17.37.44 84.17.37.44	60068 (CDN77 ^_^) (CDN77 ^_^)
16	142.250.185.225 142.250.185.225	15169 (GOOGLE) (GOOGLE)
1 8	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
8	172.67.71.254 172.67.71.254	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.50.131.209 23.50.131.209	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	23.50.131.208 23.50.131.208	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
38	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	54.168.198.133 54.168.198.133	16509 (AMAZON-02) (AMAZON-02)
2	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
35	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1 3	13.32.121.21 13.32.121.21	16509 (AMAZON-02) (AMAZON-02)
2	23.36.163.106 23.36.163.106	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.36.44 108.138.36.44	16509 (AMAZON-02) (AMAZON-02)
2	54.65.183.34 54.65.183.34	16509 (AMAZON-02) (AMAZON-02)
13	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
7	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
5	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
6	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 6	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	18.66.122.127 18.66.122.127	16509 (AMAZON-02) (AMAZON-02)
1	34.120.96.193 34.120.96.193	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.1.229 151.101.1.229	54113 (FASTLY) (FASTLY)
1 9	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.156.69.156 35.156.69.156	16509 (AMAZON-02) (AMAZON-02)
1	213.19.162.41 213.19.162.41	26667 (RUBICONPR...) (RUBICONPROJECT)
4 5	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
4	185.86.138.32 185.86.138.32	201081 (SMARTADSE...) (SMARTADSERVER)
4 19	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	52.58.86.197 52.58.86.197	16509 (AMAZON-02) (AMAZON-02)
1	147.75.84.158 147.75.84.158	54825 (PACKET) (PACKET)
1	178.250.7.10 178.250.7.10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	142.250.74.193 142.250.74.193	15169 (GOOGLE) (GOOGLE)
3	91.228.74.200 91.228.74.200	16509 (AMAZON-02) (AMAZON-02)
19	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
4	13.113.148.165 13.113.148.165	16509 (AMAZON-02) (AMAZON-02)
1	172.64.161.31 172.64.161.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 24	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	142.250.181.232 142.250.181.232	15169 (GOOGLE) (GOOGLE)
3	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
10 11	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
6 7	54.72.87.105 54.72.87.105	16509 (AMAZON-02) (AMAZON-02)
6 7	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
16	172.217.18.97 172.217.18.97	15169 (GOOGLE) (GOOGLE)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	3.233.146.109 3.233.146.109	14618 (AMAZON-AES) (AMAZON-AES)
4	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
2 2	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
12 13	35.158.42.58 35.158.42.58	16509 (AMAZON-02) (AMAZON-02)
3 3	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
1	173.194.76.155 173.194.76.155	15169 (GOOGLE) (GOOGLE)
2 2	202.241.208.54 202.241.208.54	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2 2	18.196.84.192 18.196.84.192	16509 (AMAZON-02) (AMAZON-02)
1 3	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
4 9	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
12 21	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
2 6	185.86.139.93 185.86.139.93	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 4	188.42.34.64 188.42.34.64	7979 (SERVERS-COM) (SERVERS-COM)
3 3	3.127.26.106 3.127.26.106	16509 (AMAZON-02) (AMAZON-02)
3 11	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2 2	34.230.171.182 34.230.171.182	14618 (AMAZON-AES) (AMAZON-AES)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1 6	216.58.212.132 216.58.212.132	15169 (GOOGLE) (GOOGLE)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
2 2	35.210.239.72 35.210.239.72	19527 (GOOGLE-2) (GOOGLE-2)
6	23.201.255.110 23.201.255.110	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.21.20.138 2.21.20.138	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	178.250.7.2 178.250.7.2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1	99.84.88.56 99.84.88.56	16509 (AMAZON-02) (AMAZON-02)
4 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 7	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
2 3	52.94.223.37 52.94.223.37	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.74 142.250.186.74	15169 (GOOGLE) (GOOGLE)
1	213.19.162.37 213.19.162.37	3356 (LEVEL3) (LEVEL3)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 2	146.20.132.150 146.20.132.150	27357 (RACKSPACE) (RACKSPACE)
5	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
4	87.248.119.251 87.248.119.251	34010 (YAHOO-IRD) (YAHOO-IRD)
1	87.248.100.137 87.248.100.137	34010 (YAHOO-IRD) (YAHOO-IRD)
1	188.125.72.139 188.125.72.139	34010 (YAHOO-IRD) (YAHOO-IRD)
1	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
1	13.32.99.85 13.32.99.85	16509 (AMAZON-02) (AMAZON-02)
1	104.18.11.47 104.18.11.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	3.124.225.209 3.124.225.209	16509 (AMAZON-02) (AMAZON-02)
3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4 4	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 4	198.47.127.18 198.47.127.18	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	3.125.82.56 3.125.82.56	16509 (AMAZON-02) (AMAZON-02)
1	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 7	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	52.213.148.186 52.213.148.186	16509 (AMAZON-02) (AMAZON-02)
2	23.32.184.192 23.32.184.192	16625 (AKAMAI-AS) (AKAMAI-AS)
9	52.213.50.95 52.213.50.95	16509 (AMAZON-02) (AMAZON-02)
1 1	54.160.251.62 54.160.251.62	14618 (AMAZON-AES) (AMAZON-AES)
1 1	23.212.88.20 23.212.88.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.64.189.110 185.64.189.110	() ()
1	104.26.10.209 104.26.10.209	() ()
10	52.210.15.1 52.210.15.1	16509 (AMAZON-02) (AMAZON-02)
2 2	52.17.185.171 52.17.185.171	() ()
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
479	93

1 84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com

www.bg3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.96.203.13 (Fort Scott, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.71.254 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.50.131.209 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-209.deploy.static.akamaitechnologies.com

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.50.131.208 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-208.deploy.static.akamaitechnologies.com

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.168.198.133 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-168-198-133.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.163.106 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-106.deploy.static.akamaitechnologies.com

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-44.muc50.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.65.183.34 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-183-34.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

adservice.google.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-127.fra60.r.cloudfront.net

adx.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.96.193 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 193.96.120.34.bc.googleusercontent.com

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

adpushup-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.69.156 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-69-156.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.41 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.171.85 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 51.89.9.254 (London, United Kingdom) 4 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.86.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-86-197.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.158 (North Holland, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.74.193 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f1.1e100.net

691e9e2891f8a25b4776585bf50a05ef.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
be0782d7f8c2998aa76bc9e852638eb0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
66570716e3c675b4a2b3351a14a05cf3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.228.74.200 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

d-1405376643990224854.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.113.148.165 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-148-165.ap-northeast-1.compute.amazonaws.com

b.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.161.31 (United States)

ASN13335 (CLOUDFLARENET, US)

amp.analytics-debugger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 3.33.220.150 (United States) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.72.87.105 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-87-105.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.75.62.37 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.18.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.233.146.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-146-109.compute-1.amazonaws.com

http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.210.196.208 (Alexandria, United States) 2 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 35.158.42.58 (Frankfurt am Main, Germany) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-42-58.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.3.30 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.241.208.54 (Japan) 2 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.84.192 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-84-192.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.139.94 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.185.162 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 208.93.169.131 (United States) 2 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.86.139.93 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.11 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.42.34.64 (Luxembourg) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.127.26.106 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-26-106.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 76.223.111.18 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.230.171.182 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-171-182.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.212.132 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f132.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.239.72 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com

u.ipw.metadsp.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.20.138 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-138.deploy.static.akamaitechnologies.com

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-56.muc50.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.46.151.131 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.223.37 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.37 (United Kingdom)

ASN3356 (LEVEL3, US)

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.20.132.150 (United States) 1 redirects

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 87.248.119.251 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: e1-bmr.ycpi.vip.deb.yahoo.com

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.248.100.137 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o2.ycpi.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.125.72.139 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-brb71.prod.media.vip.ir2.yahoo.com

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-85.fra60.r.cloudfront.net

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.124.225.209 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-225-209.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.134.248 (United Kingdom) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.18 (United States) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.82.56 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-82-56.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.148.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-148-186.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.213.50.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-50-95.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.160.251.62 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-251-62.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.88.20 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (None, ) 1 redirects

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.10.209 (None, )

ASN- ()

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.185.171 (None, ) 2 redirects

ASN- ()

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	taboola.com 2 redirects cdn.taboola.com — Cisco Umbrella Rank: 899 trc.taboola.com — Cisco Umbrella Rank: 635 vidstat.taboola.com — Cisco Umbrella Rank: 2666 il-trc-events.taboola.com — Cisco Umbrella Rank: 21088 images.taboola.com — Cisco Umbrella Rank: 1972 imprammp.taboola.com — Cisco Umbrella Rank: 14039 am-match.taboola.com — Cisco Umbrella Rank: 14084 wf.taboola.com — Cisco Umbrella Rank: 2741 am-vid-events.taboola.com — Cisco Umbrella Rank: 13207 sync.taboola.com — Cisco Umbrella Rank: 882 sync-t1.taboola.com — Cisco Umbrella Rank: 1288 match.taboola.com — Cisco Umbrella Rank: 4534 pips.taboola.com — Cisco Umbrella Rank: 1575 cds.taboola.com — Cisco Umbrella Rank: 1782 vidstatb.taboola.com — Cisco Umbrella Rank: 4552 am-wf.taboola.com — Cisco Umbrella Rank: 15321	827 KB
54	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 691e9e2891f8a25b4776585bf50a05ef.safeframe.googlesyndication.com be0782d7f8c2998aa76bc9e852638eb0.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 132 66570716e3c675b4a2b3351a14a05cf3.safeframe.googlesyndication.com	539 KB
43	doubleclick.net 14 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 337	511 KB
24	rubiconproject.com 9 redirects prebid-server.rubiconproject.com — Cisco Umbrella Rank: 811 fastlane.rubiconproject.com — Cisco Umbrella Rank: 469 pixel.rubiconproject.com — Cisco Umbrella Rank: 315 eus.rubiconproject.com — Cisco Umbrella Rank: 566 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 967 token.rubiconproject.com — Cisco Umbrella Rank: 573 beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10109 pixel-eu.rubiconproject.com Failed secure-assets.rubiconproject.com Failed	51 KB
19	onetag-sys.com 4 redirects onetag-sys.com — Cisco Umbrella Rank: 729	9 KB
16	yahoo.com 12 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 423 ups.analytics.yahoo.com — Cisco Umbrella Rank: 272 ads.yap.yahoo.com — Cisco Umbrella Rank: 11518 geo.yahoo.com — Cisco Umbrella Rank: 1473	10 KB
16	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 373	327 KB
13	bidswitch.net grid.bidswitch.net Failed x.bidswitch.net — Cisco Umbrella Rank: 290	4 KB
13	smartadserver.com 3 redirects prg.smartadserver.com — Cisco Umbrella Rank: 1638 ssbsync.smartadserver.com — Cisco Umbrella Rank: 724 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 592 ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1633	10 KB
12	3lift.com 3 redirects tlx.3lift.com — Cisco Umbrella Rank: 508 eb2.3lift.com — Cisco Umbrella Rank: 358	6 KB
12	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	4 KB
12	adpushup.com cdn.adpushup.com — Cisco Umbrella Rank: 17082 e3.adpushup.com — Cisco Umbrella Rank: 18833	256 KB
11	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1404 usersync.gumgum.com — Cisco Umbrella Rank: 1728	4 KB
11	adsrvr.org 10 redirects match.adsrvr.org — Cisco Umbrella Rank: 306	6 KB
11	openx.net 2 redirects adpushup-d.openx.net — Cisco Umbrella Rank: 18092 u.openx.net — Cisco Umbrella Rank: 619 eu-u.openx.net — Cisco Umbrella Rank: 2294 us-u.openx.net — Cisco Umbrella Rank: 436	14 KB
10	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 273 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 950	7 KB
10	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 1950 Failed public.servenobid.com — Cisco Umbrella Rank: 3536	7 KB
10	aralego.com 3 redirects ads.aralego.com — Cisco Umbrella Rank: 27434 sync.aralego.com — Cisco Umbrella Rank: 2732 agent.aralego.com — Cisco Umbrella Rank: 291919	6 KB
8	pubmatic.com 4 redirects simage2.pubmatic.com — Cisco Umbrella Rank: 660 image8.pubmatic.com — Cisco Umbrella Rank: 641 ads.pubmatic.com — Cisco Umbrella Rank: 492 image2.pubmatic.com image6.pubmatic.com Failed	13 KB
8	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 12848	122 KB
7	casalemedia.com htlb.casalemedia.com Failed dsum-sec.casalemedia.com Failed ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431	9 KB
7	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 62147 sync.logly.co.jp — Cisco Umbrella Rank: 70797 b.logly.co.jp — Cisco Umbrella Rank: 69451	5 KB
6	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 413 bidder.criteo.com — Cisco Umbrella Rank: 723 dis.criteo.com — Cisco Umbrella Rank: 575	2 KB
5	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	240 KB
5	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 214 acdn.adnxs.com Failed secure.adnxs.com Failed	14 KB
5	google.ge adservice.google.ge — Cisco Umbrella Rank: 73522	1 KB
4	mathtag.com 4 redirects sync.mathtag.com — Cisco Umbrella Rank: 482	2 KB
4	yimg.com s.yimg.com — Cisco Umbrella Rank: 558	57 KB
4	betweendigital.com 3 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1572	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	480 B
3	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 629
3	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 518	1 KB
3	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 339	988 B
3	mfadsrvr.com 3 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 961	2 KB
3	contextweb.com 2 redirects bh.contextweb.com — Cisco Umbrella Rank: 550	2 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 562 cm.adform.net Failed	2 KB
3	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 113506	29 KB
3	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 970 cms.quantserve.com — Cisco Umbrella Rank: 686 pixel.quantserve.com — Cisco Umbrella Rank: 790	10 KB
3	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 30153 audiencedata.im-apps.net — Cisco Umbrella Rank: 31017	4 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 155	3 KB
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 531	701 B
2	360yield.com 2 redirects ad.360yield.com	645 B
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 3942	1 KB
2	lkqd.net 1 redirects cs.lkqd.net — Cisco Umbrella Rank: 2825	1 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 639	55 KB
2	metadsp.co.uk 2 redirects u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 4260	908 B
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 645	1 KB
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 2848	633 B
2	socdm.com 2 redirects tg.socdm.com — Cisco Umbrella Rank: 969	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	82 KB
2	holmesmind.com adx.holmesmind.com — Cisco Umbrella Rank: 756006	2 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 902	913 B
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 696	60 KB
2	adrecover.com delivery.adrecover.com — Cisco Umbrella Rank: 25725	11 KB
1	ad4m.at ad4m.at
1	disqus.com 1 redirects ssp.disqus.com — Cisco Umbrella Rank: 1295	274 B
1	bing.com c.bing.com — Cisco Umbrella Rank: 232	667 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 620 cdn.indexww.com Failed	2 KB
1	gstatic.com fonts.gstatic.com	21 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	54 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 918	633 B
1	akamaihd.net qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1928	296 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 2388	467 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1160	188 B
1	datadoghq.com http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 10381	253 B
1	analytics-debugger.com amp.analytics-debugger.com — Cisco Umbrella Rank: 25680	2 KB
1	ampproject.net d-1405376643990224854.ampproject.net
1	media.net prebid.media.net Failed hbx.media.net — Cisco Umbrella Rank: 1194	616 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 855	167 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 344	1 KB
1	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 107391	16 KB
1	bg3.co www.bg3.co static.bg3.co Failed	16 KB
0	admanmedia.com Failed cs.admanmedia.com Failed
0	iqzone.com Failed cs.iqzone.com Failed
0	deepintent.com Failed match.deepintent.com Failed
0	technoratimedia.com Failed sync.technoratimedia.com Failed
0	ipredictive.com Failed sync.ipredictive.com Failed
0	outbrain.com Failed sync.outbrain.com Failed
0	admedo.com Failed pool.admedo.com Failed
0	adotmob.com Failed sync.adotmob.com Failed
0	dotomi.com Failed casale-match.dotomi.com Failed
0	digitaleast.mobi Failed euexchangesync.digitaleast.mobi Failed
0	everesttech.net Failed sync-tm.everesttech.net Failed
0	loopme.me Failed csync.loopme.me Failed
0	sonobi.com Failed sync.go.sonobi.com Failed
0	rfihub.com Failed p.rfihub.com Failed
0	yellowblue.io Failed cs-server-s2s.yellowblue.io Failed
0	adkernel.com Failed sync.adkernel.com Failed
0	minutemedia-prebid.com Failed cs-rtb.minutemedia-prebid.com Failed
0	zemanta.com Failed b1sync.zemanta.com Failed
0	1rx.io Failed sync.1rx.io Failed
0	id5-sync.com Failed id5-sync.com — Cisco Umbrella Rank: 421 Failed
0	lijit.com Failed ce.lijit.com Failed ap.lijit.com Failed
0	omnitagjs.com Failed hb-api.omnitagjs.com Failed visitor.omnitagjs.com Failed
0	teads.tv Failed a.teads.tv Failed
479	96

	Domain	Requested by
35	pagead2.googlesyndication.com	cdn.ampproject.org ads.aralego.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.bg3.co googleads.g.doubleclick.net www.googletagservices.com
21	cm.g.doubleclick.net	12 redirects www.bg3.co eus.rubiconproject.com googleads.g.doubleclick.net u.openx.net onetag-sys.com eb2.3lift.com g2.gumgum.com
19	il-trc-events.taboola.com	www.bg3.co
19	onetag-sys.com	4 redirects cdn.adpushup.com onetag-sys.com public.servenobid.com
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.bg3.co pagead2.googlesyndication.com
16	cdn.ampproject.org	www.bg3.co cdn.ampproject.org securepubads.g.doubleclick.net
15	cdn.taboola.com	www.bg3.co cdn.taboola.com
13	x.bidswitch.net	12 redirects onetag-sys.com
13	sync.taboola.com	2 redirects imprammp.taboola.com am-match.taboola.com www.bg3.co eus.rubiconproject.com
13	securepubads.g.doubleclick.net	cdn.aralego.net cdn.adpushup.com securepubads.g.doubleclick.net www.bg3.co www.googletagservices.com
11	eb2.3lift.com	3 redirects www.bg3.co cdn.adpushup.com eb2.3lift.com
11	match.adsrvr.org	10 redirects cdn.adpushup.com
10	usersync.gumgum.com	g2.gumgum.com
9	pixel.rubiconproject.com	4 redirects eus.rubiconproject.com onetag-sys.com
9	ads.servenobid.com	cdn.adpushup.com public.servenobid.com ssbsync.smartadserver.com onetag-sys.com ssum-sec.casalemedia.com g2.gumgum.com
8	cdn.aralego.net	www.bg3.co ads.aralego.com adx.holmesmind.com agent.aralego.com
7	ssum-sec.casalemedia.com	2 redirects js-sec.indexww.com public.servenobid.com ssum-sec.casalemedia.com g2.gumgum.com
7	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com onetag-sys.com ssum-sec.casalemedia.com
7	ups.analytics.yahoo.com	6 redirects onetag-sys.com
7	pr-bh.ybp.yahoo.com	6 redirects ssum-sec.casalemedia.com
7	images.taboola.com	www.bg3.co
7	trc.taboola.com	cdn.taboola.com imprammp.taboola.com am-match.taboola.com www.bg3.co
7	e3.adpushup.com	www.bg3.co
6	eus.rubiconproject.com	am-match.taboola.com eus.rubiconproject.com www.bg3.co cdn.adpushup.com
6	www.google.com	1 redirects tpc.googlesyndication.com www.bg3.co
6	googleads.g.doubleclick.net	2 redirects cdn.ampproject.org www.bg3.co pagead2.googlesyndication.com
6	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net cdn.ampproject.org
5	s0.2mdn.net	www.bg3.co s0.2mdn.net
5	sync-t1.taboola.com	am-match.taboola.com www.bg3.co
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	ib.adnxs.com	4 redirects cdn.adpushup.com
5	adservice.google.ge	pagead2.googlesyndication.com securepubads.g.doubleclick.net
5	cdn.adpushup.com	www.bg3.co cdn.adpushup.com
5	ads.aralego.com	1 redirects ads.aralego.com agent.aralego.com
4	image8.pubmatic.com	3 redirects onetag-sys.com
4	sync.mathtag.com	4 redirects
4	s.yimg.com	ad.sitemaji.com s.yimg.com adx.holmesmind.com
4	token.rubiconproject.com	4 redirects
4	ads.betweendigital.com	3 redirects www.bg3.co
4	rtb-csync.smartadserver.com	1 redirects www.bg3.co ssbsync.smartadserver.com
4	www.google-analytics.com	www.bg3.co cdn.ampproject.org www.googletagmanager.com
4	b.logly.co.jp	www.bg3.co
4	prg.smartadserver.com	cdn.adpushup.com
3	us-u.openx.net	1 redirects u.openx.net
3	id.rlcdn.com	www.bg3.co onetag-sys.com
3	match.sharethrough.com	www.bg3.co public.servenobid.com
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	px.ads.linkedin.com	1 redirects eus.rubiconproject.com eb2.3lift.com
3	u.openx.net	1 redirects www.bg3.co cdn.adpushup.com
3	rtb.mfadsrvr.com	3 redirects
3	bh.contextweb.com	2 redirects www.bg3.co
3	ssbsync.smartadserver.com	1 redirects www.bg3.co public.servenobid.com
3	c1.adform.net	3 redirects
3	ad.sitemaji.com	adx.holmesmind.com agent.aralego.com
3	adpushup-d.openx.net	cdn.adpushup.com
3	gum.criteo.com	cdn.taboola.com cdn.adpushup.com
3	sync.aralego.com	ads.aralego.com www.bg3.co
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com www.bg3.co
2	creativecdn.com	2 redirects
2	ad.360yield.com	2 redirects
2	ads.pubmatic.com	public.servenobid.com g2.gumgum.com
2	googleads4.g.doubleclick.net	www.bg3.co
2	ads.creative-serving.com	2 redirects
2	ssbsync-global.smartadserver.com	1 redirects onetag-sys.com
2	eu-u.openx.net	u.openx.net
2	am-wf.taboola.com	vidstat.taboola.com
2	cs.lkqd.net	1 redirects googleads.g.doubleclick.net
2	static.criteo.net	cdn.adpushup.com static.criteo.net
2	u.ipw.metadsp.co.uk	2 redirects
2	sync.srv.stackadapt.com	2 redirects
2	dis.criteo.com	2 redirects
2	ih.adscale.de	2 redirects
2	tg.socdm.com	2 redirects
2	agent.aralego.com	2 redirects
2	www.googletagmanager.com	cdn.ampproject.org cdn.adpushup.com
2	am-vid-events.taboola.com	www.bg3.co
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	prebid-server.rubiconproject.com	cdn.adpushup.com
2	adx.holmesmind.com	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp
2	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
2	code.jquery.com	delivery.adrecover.com cdn.adpushup.com
2	delivery.adrecover.com	www.bg3.co
1	ad4m.at	ssum-sec.casalemedia.com
1	image2.pubmatic.com	1 redirects
1	hbx.media.net	1 redirects
1	ssp.disqus.com	1 redirects
1	g2.gumgum.com	public.servenobid.com
1	c.bing.com	eb2.3lift.com
1	pixel.quantserve.com	www.bg3.co
1	cms.quantserve.com	u.openx.net
1	js-sec.indexww.com	cdn.adpushup.com
1	public.servenobid.com	cdn.adpushup.com
1	fonts.gstatic.com	fonts.googleapis.com
1	geo.yahoo.com	adx.holmesmind.com
1	ads.yap.yahoo.com	s.yimg.com
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	beacon-ams3.rubiconproject.com	www.bg3.co
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	rules.quantcount.com	secure.quantserve.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	66570716e3c675b4a2b3351a14a05cf3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	qsearch-a.akamaihd.net	www.bg3.co
1	vidstatb.taboola.com	www.bg3.co
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	t.adx.opera.com	www.bg3.co
1	match.taboola.com	www.bg3.co
1	simage2.pubmatic.com	www.bg3.co
1	trace.mediago.io	1 redirects
1	stats.g.doubleclick.net	cdn.ampproject.org
1	http-intake.logs.datadoghq.com	cdn.adpushup.com
1	imprammp.taboola.com	vidstat.taboola.com
1	amp.analytics-debugger.com	cdn.ampproject.org
1	d-1405376643990224854.ampproject.net	cdn.ampproject.org
1	be0782d7f8c2998aa76bc9e852638eb0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	secure.quantserve.com	cdn.adpushup.com
1	691e9e2891f8a25b4776585bf50a05ef.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	bidder.criteo.com	cdn.adpushup.com
1	prebid.a-mo.net	cdn.adpushup.com
1	tlx.3lift.com	cdn.adpushup.com
1	fastlane.rubiconproject.com	cdn.adpushup.com
1	cdn.jsdelivr.net	cdn.adpushup.com
1	audiencedata.im-apps.net	dmp.im-apps.net
1	l.logly.co.jp	nt.compass-fit.jp
1	nt.compass-fit.jp	www.bg3.co
1	www.bg3.co
0	image6.pubmatic.com Failed	ads.pubmatic.com
0	cs.admanmedia.com Failed	g2.gumgum.com
0	cs.iqzone.com Failed	g2.gumgum.com
0	match.deepintent.com Failed	g2.gumgum.com
0	sync.technoratimedia.com Failed	g2.gumgum.com
0	sync.ipredictive.com Failed	g2.gumgum.com
0	sync.outbrain.com Failed	g2.gumgum.com
0	pool.admedo.com Failed	g2.gumgum.com
0	secure.adnxs.com Failed	g2.gumgum.com
0	sync.adotmob.com Failed	ssum-sec.casalemedia.com
0	casale-match.dotomi.com Failed	ssum-sec.casalemedia.com
0	cdn.indexww.com Failed	ssum-sec.casalemedia.com
0	euexchangesync.digitaleast.mobi Failed	ssum-sec.casalemedia.com
0	sync-tm.everesttech.net Failed	ssbsync.smartadserver.com g2.gumgum.com
0	csync.loopme.me Failed	ssbsync.smartadserver.com
0	visitor.omnitagjs.com Failed	ssbsync.smartadserver.com
0	cm.adform.net Failed	public.servenobid.com
0	sync.go.sonobi.com Failed	public.servenobid.com
0	p.rfihub.com Failed	public.servenobid.com ssum-sec.casalemedia.com
0	ap.lijit.com Failed	public.servenobid.com
0	cs-server-s2s.yellowblue.io Failed	public.servenobid.com
0	sync.adkernel.com Failed	public.servenobid.com g2.gumgum.com
0	cs-rtb.minutemedia-prebid.com Failed	public.servenobid.com
0	secure-assets.rubiconproject.com Failed	public.servenobid.com g2.gumgum.com
0	b1sync.zemanta.com Failed	eb2.3lift.com g2.gumgum.com
0	pixel-eu.rubiconproject.com Failed	onetag-sys.com
0	sync.1rx.io Failed	www.bg3.co public.servenobid.com
0	acdn.adnxs.com Failed	cdn.adpushup.com
0	dsum-sec.casalemedia.com Failed	googleads.g.doubleclick.net ssum-sec.casalemedia.com
0	id5-sync.com Failed	www.bg3.co
0	ce.lijit.com Failed	www.bg3.co public.servenobid.com
0	htlb.casalemedia.com Failed	cdn.adpushup.com
0	hb-api.omnitagjs.com Failed	cdn.adpushup.com
0	prebid.media.net Failed	cdn.adpushup.com
0	grid.bidswitch.net Failed	cdn.adpushup.com
0	a.teads.tv Failed	cdn.adpushup.com
0	static.bg3.co Failed	www.bg3.co
479	166

This site contains links to these domains. Also see Links.

Domain
dsp.logly.co.jp
a-great-intl-unsold-suvs.fyi
popup.taboola.com
www.tips-and-tricks.co
foodworldblog.com
redirectsystems.com
business-loans.world
dailyredirect.com
celebapex.com

Subject Issuer	Validity	Valid
*.bg3.co AlphaSSL CA - SHA256 - G4	`2023-05-22` - `2024-06-22`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
cdn.adpushup.com R3	`2023-04-05` - `2023-07-04`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2023-04-11` - `2024-05-12`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-17`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-04-05` - `2024-05-04`	a year	crt.sh
*.adpushup.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-02` - `2023-09-02`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.com.ge GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2022-05-19` - `2023-06-20`	a year	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-04-10` - `2023-07-09`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.a-mo.net R3	`2023-04-13` - `2023-07-12`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
analytics-debugger.com GTS CA 1P5	`2023-05-20` - `2023-08-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
feebee.com.tw R3	`2023-05-02` - `2023-07-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-03-22`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.contextweb.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-10` - `2024-05-09`	a year	crt.sh
*.adx.opera.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-22` - `2024-06-20`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
quantserve.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-22` - `2023-07-12`	2 months	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-22` - `2023-07-12`	2 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-02` - `2023-10-25`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.servenobid.com Amazon RSA 2048 M02	`2023-02-21` - `2024-02-05`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
gumgum.com Amazon RSA 2048 M01	`2023-02-14` - `2023-10-05`	8 months	crt.sh
ads.servenobid.com Amazon RSA 2048 M01	`2023-04-29` - `2024-05-27`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.ad-server.k8s.ie.ggops.com Amazon RSA 2048 M02	`2023-02-08` - `2024-02-15`	a year	crt.sh

This page contains 62 frames:

Primary Page: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Frame ID: C857C9A92A573806FFA4702902F69832
Requests: 186 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 88360EDF443489BCF0D676406BDAE58E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: DB3AA251AE02B3FDBA6CFE9FEF287AD9
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 9CBF5E5E7143FA14E04AB0A37B3B7FCF
Requests: 10 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: BEF90297B74C3FEB1F50A41E54B10CD8
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 3F56A72BCE47499F104CB3CA87DBC781
Requests: 9 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
Frame ID: 84AAB2DCDFA5D2CCF66C02EA288601C9
Requests: 5 HTTP requests in this frame

Frame: https://691e9e2891f8a25b4776585bf50a05ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E912ADD37613034E2C3431415B9D1A01
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
Frame ID: 899859A92A5D1FEF9715E61B33189C16
Requests: 5 HTTP requests in this frame

Frame: https://be0782d7f8c2998aa76bc9e852638eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 78874531BDD3A22D615DF6C6BFBD1857
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8BSQCLAYsV1ySICCkOhFYrrgkQUBIdSoAAABgYID-AEl4XBvDYLJc60YWy1o0MlnWys3EuFYNlhOHcbdZTiYWIyAJj2tjGEyWa93IYlmLRibLWrmZGNeqwXLiMO42y8nEYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ3aDodPte9Xvf73SU-z1zj9yv8oqfD7pYeXW-dyy19uiUOv1vmcrp1L7tb6HrYfW6Ry-5zC11Pt-L1sLs1R9fD7nPLHHafW-Z6C11u5dMtPTrdwqdb97D73KKHW-2yu4Uut9DhtwtNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDE4YAuTrPT8_QHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPIZUt8pqZMs9vBEpqC3CCAAAAMDWu3PmkUk6QcWiyv__f78VgCsAAAGIWkH9sFl0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyNkIvyYRmgmil3NLyAAwJpfQAAANuoGAOBNAJygQ9CKwWB1AmJ2AAAAAO78____6wGhlXOymaw8o8nKM1isHM6Rb7jyDDej2cwyMa4m2xM1zAqXbDK81GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmJs7ZaONZuGWm5WQtGixHbolpt1rLVivjzLDwzWy20Vr0-pgutoXFZFp5kWBA314kT4t0orHMNhvLamTaDGeW2cJkXHlmC5txN1rsVqbhbDYRSzQni3Qiu-xLK-dkM1l5RpOVZ7BYOZwj33DlGW5Gs5llYlxN9p2JczbaeBZumWk5WYsGy5FbYtqt1rLVyjgzLHwzm220Fr0-pottYTGZVv7GbLhajBaj1WjfmA1Xi9FitBrtO3SG7-pzNirLKslHqLmGzi2NzWlQuAwW71S9-kY7s4PoNy06ZTK1sqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoUilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_o6bC7pUfXW-dyS59uicPvlrmcbt3L7ha6HnafW-Sy-9xC19OteD3sbs3R9bD73DKH3eeWud5Cl1v5dEuPTrfw6dY97D636OFWu-xuocstdPjtQtPbbBFLBKeLdCJ6GU8X9R855GIu2SznksFsrlhtVgkAAAAAAAAAwBJMMt0EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZAFYr7____HwcAAEBGDj0AAAD6fUBZAAAAAAAA_ApiMJwM9g9AhVir1ep2Y61WCw!&cmcv=&pix=undefined&cb=1685141455356&uv=131781256&tms=1685141455356&abt=nonrv_vA!rv2r_vB!t45!tbt_unit!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=ac5c0029-7db2-4dd2-93b8-509ba87392bb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: D93C754175592071D4B54BE2994DC8A9
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8BSQCLAYsV1ySICCkOhFYrrgkQUBIdSoAAABgYID-AEl4XBvDYLJc60YWy1o0MlnWys3EuFYNlhOHcbdZTiYWIyAJj2tjGEyWa93IYlmLRibLWrmZGNeqwXLiMO42y8nEYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ3aDodPte9Xvf73SU-z1zj9yv8oqfD7pYeXW-dyy19uiUOv1vmcrp1L7tb6HrYfW6Ry-5zC11Pt-L1sLs1R9fD7nPLHHafW-Z6C11u5dMtPTrdwqdb97D73KKHW-2yu4Uut9DhtwtNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDE4YAuTrPT8_QHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPIZUt8pqZMs9vBEpqC3CCAAAAMDWu3PmkUk6QcWiyv__f78VgCsAAAGIWkH9sFl0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyNkIvyYRmgmil3NLyAAwJpfQAAANuoGAOBNAJygQ9CKwWB1AmJ2AAAAAO78____6wGhlXOymaw8o8nKM1isHM6Rb7jyDDej2cwyMa4m2xM1zAqXbDK81GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmJs7ZaONZuGWm5WQtGixHbolpt1rLVivjzLDwzWy20Vr0-pgutoXFZFp5kWBA314kT4t0orHMNhvLamTaDGeW2cJkXHlmC5txN1rsVqbhbDYRSzQni3Qiu-xLK-dkM1l5RpOVZ7BYOZwj33DlGW5Gs5llYlxN9p2JczbaeBZumWk5WYsGy5FbYtqt1rLVyjgzLHwzm220Fr0-pottYTGZVv7GbLhajBaj1WjfmA1Xi9FitBrtO3SG7-pzNirLKslHqLmGzi2NzWlQuAwW71S9-kY7s4PoNy06ZTK1sqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoUilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_o6bC7pUfXW-dyS59uicPvlrmcbt3L7ha6HnafW-Sy-9xC19OteD3sbs3R9bD73DKH3eeWud5Cl1v5dEuPTrfw6dY97D636OFWu-xuocstdPjtQtPbbBFLBKeLdCJ6GU8X9R855GIu2SznksFsrlhtVgkAAAAAAAAAwBJMMt0EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZAFYr7____HwcAAEBGDj0AAAD6fUBZAAAAAAAA_ApiMJwM9g9AhVir1ep2Y61WCw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 2CEDE37DF0B1EC64A2D9E25EA730AD65
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-355271638649975683&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3302&oid=2&is_amp=5&amp_v=2305051745001&d_imp=1&c=25177008260&ga_cid=amp-yruezQbeCIgT25YV1gk77w&ga_hid=8260&dt=1685141455336&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&bdt=5339&dtd=32&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: A8EAD8C39A930B32C1B3523723D8676F
Requests: 1 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZHE30cCo5uYAALE-e7wAAAAA
Frame ID: 9F80B37D8AB527DEA1B9A039880205EC
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9D0A3F2843766922E9483553D62988B7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D69E4EDD006703CB29D54BB736C67337
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A2EAAD541E02741F77CC1F80B92D45CA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A78C78174DD758EA5841D617CE141F1A
Requests: 2 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8BSQCLAYsV1ySICCkOhFYrrgkQUBIdSoAAABgYID-AEl4XBvDYLJc60YWy1o0MlnWys3EuFYNlhOHcbdZTiYWIyAJj2tjGEyWa93IYlmLRibLWrmZGNeqwXLiMO42y8nEYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ3aDodPte9Xvf73SU-z1zj9yv8oqfD7pYeXW-dyy19uiUOv1vmcrp1L7tb6HrYfW6Ry-5zC11Pt-L1sLs1R9fD7nPLHHafW-Z6C11u5dMtPTrdwqdb97D73KKHW-2yu4Uut9DhtwtNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDE4YAuTrPT8_QHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPIZUt8pqZMs9vBEpqC3CCAAAAMDWu3PmkUk6QcWiyv__f78VgCsAAAGIWkH9sFl0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyNkIvyYRmgmil3NLyAAwJpfQAAANuoGAOBNAJygQ9CKwWB1AmJ2AAAAAO78____6wGhlXOymaw8o8nKM1isHM6Rb7jyDDej2cwyMa4m2xM1zAqXbDK81GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmJs7ZaONZuGWm5WQtGixHbolpt1rLVivjzLDwzWy20Vr0-pgutoXFZFp5kWBA314kT4t0orHMNhvLamTaDGeW2cJkXHlmC5txN1rsVqbhbDYRSzQni3Qiu-xLK-dkM1l5RpOVZ7BYOZwj33DlGW5Gs5llYlxN9p2JczbaeBZumWk5WYsGy5FbYtqt1rLVyjgzLHwzm220Fr0-pottYTGZVv7GbLhajBaj1WjfmA1Xi9FitBrtO3SG7-pzNirLKslHqLmGzi2NzWlQuAwW71S9-kY7s4PoNy06ZTK1sqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoUilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_o6bC7pUfXW-dyS59uicPvlrmcbt3L7ha6HnafW-Sy-9xC19OteD3sbs3R9bD73DKH3eeWud5Cl1v5dEuPTrfw6dY97D636OFWu-xuocstdPjtQtPbbBFLBKeLdCJ6GU8X9R855GIu2SznksFsrlhtVgkAAAAAAAAAwBJMMt0EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZAFYr7____HwcAAEBGDj0AAAD6fUBZAAAAAAAA_ApiMJwM9g9AhVir1ep2Y61WCw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 86E629D1BFC07A300E3D95BEFB5DADB8
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Frame ID: AB4A3C68F8BF8C44B17AC9235F6551A1
Requests: 11 HTTP requests in this frame

Frame: https://66570716e3c675b4a2b3351a14a05cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6BBD51A852E9B6C545F1031F04A15F8A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B0EAC6E6BB10F20983A447A3ED52D3C7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7F66670C3643584109879D6906D69968
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305152039000/amp4ads-v0.mjs
Frame ID: 2CF7D12D540A8242D3D79D7921295BF8
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSZVWkjYiXH3AXxfra5Ipb-jj_gX7wTZYtLtHxNBtuJnP_Bpcv4xnH-ZZ7FUYSeqqK-A_JOYBwNlJ79EZBiw97fB80UYuvmB44q_gwMEWolZ9ZCEDEuf7TK9mW23UNS3vT3C817ZaOlvDzP2s8nrBz5ByfjNOKywSf7vvIcOWiCNYNzLC-j8iPdja9eoL70JY71pCylGp0n0zZnMG0u-dOT6VamsZMLkEphYxXnrYZhLjgGL4xmv-4nfMMIFO2glzoA6ribynrgiG0J01z9OHOFZGCT95La99M8YDOMiYSvx9gXsNX7xmMKdjv&sai=AMfl-YTLCxhqH03alJPlZsniG7hvb4lOgErdd4NlSrflG2rDoJ05vN4sg0zQly-irGMTrWaMXlsYuLnn1aAV32RXXxK10BM4krHH_1z1pBb6lz36veCNGh1vuyJLpgC36g&sig=Cg0ArKJSzNNcWaIBx00REAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 081902F008441C0F95A00EAEE1A2F569
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNiutpgCENGwxMYDGMSM_-ABMAE&v=APEucNUyq5yXy3tV-jnFqfJZr10emz-8ebyZVeA-J7UEm_YHsDSm5m9TsVOIZXiBn9ZU52OSLEpErtTqsK5OyUo8IEOIxcHPFA
Frame ID: 76E67E6E08DE2447DE1C4D885196ABEB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6DB8FB2E599F400C692DE5E5EDC8A22D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B07B275FD6E93743684417C2E1B72B0A
Requests: 2 HTTP requests in this frame

Frame: https://ad.sitemaji.com/ysm_bg3.js
Frame ID: D633C46B01900D5BFA6B5129493BF08F
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ge
Frame ID: ABA390F7DEF26659D48F1282A76BFF38
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F771BC92C9267F4C4E45E6E63FFFB216
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: B4F745CAB5C149E7356F1D08A8A27F1E
Requests: 13 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1B37402303895CF38810919A59393F22
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: E5240CD6D3BDF1D905F5F50E59DDDE73
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1685141455070
Frame ID: A37AAB5DA5D539C50912C20D2147C44D
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 946F3E5EC82160834A0566E539DAF8A2
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 86E70C092A5BC617C4482E8D74E30A8B
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 95C399A89F6F55B7FAF4A84E4A7CF501
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14533096834936143271/geo_728x90/index.html
Frame ID: 88930C8B5477D4B8806A73E37599FBED
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 8F025A9683972FD1923E8925D869D5EE
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: FA143D2144A9C42D6983494D72E63AAC
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 61FC996355547F35C91774BA2562EA66
Requests: 15 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: E701CC2104B88496375C288B04CE361C
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 17BA9623F92BE28C4442EF93B2BE1FD3
Requests: 10 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
Frame ID: 693196C28FB4E91E7729949D8334735D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 916F94C26C900513AE27307263E214F3
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: A35055252BE6D1665F4A51BC40AE2223
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 3B38C8394099241611BF82542B2ECC27
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 0C4C8D93763B357922DC5DB4C897D9E3
Requests: 1 HTTP requests in this frame

Frame: https://ads.aralego.com/sdk
Frame ID: BCEF9933AB1ED03A4E4EDD59C5982172
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 440B850E3EF5E7B8D1A350F3A4261090
Requests: 1 HTTP requests in this frame

Frame: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_10e4f160-2b21-4a6f-8f27-1cdb624f7f57&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Frame ID: CF4CDF7BEE4C58EE60E07FFF26F4B48D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 420330294B318631AE27A444ACF677C8
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3
Frame ID: 4F1CCE05F72DEF1272422835BBEAE108
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=2ab36471-37d3-4f00-99c8-ae8998130313&gdpr=0&gdpr_consent=
Frame ID: 36108E6151149AADECA844D7140152BC
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 74CCA087B0F0D33F9FF8F21D4A6567AC
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xMGU0ZjE2MC0yYjIxLTRhNmYtOGYyNy0xY2RiNjI0ZjdmNTc=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 6EA47D4538546311B30B42E293CC4DD6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZHE30cCo5uYAALE-e7wAAAAA
Frame ID: 09A7ACE5BAC73BB4945833B58D42CE82
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_10e4f160-2b21-4a6f-8f27-1cdb624f7f57&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 5E19F52F0AFF3487D5D9CA5B8BDCC62D
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 31A12C17CD068E0FEBAEDC62040E84A9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=2dSEJAJub1ah0FLYdSj4&pi=gumgum&tc=1
Frame ID: 6EA6949C9B61D1C38D0AB2151186CCF3
Requests: 1 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
Frame ID: 3CF0E3C6BE487F27004A79242B90D7C0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

天寧各自爆緋聞　黃鐙輝勸雙方複合：一直希望他們和好 - 天天要聞

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

479
Requests

66 %
HTTPS

0 %
IPv6

96
Domains

166
Subdomains

93
IPs

15
Countries

3400 kB
Transfer

10480 kB
Size

127
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://dsp.logly.co.jp/click?ad=4AG4hpsDG-ThFG8Ali5jvV7w7uqTbvm6IZN8rbF1zoEEgm6_ppQpgD3AKw1PKJC2aglwBxzX6UYvqtnUEjU_92fRwdHfEaMb4FtSX4aoe8onN2P5fkrIHK-y4wMQTUS4Q7Npu43L-h3RTMZVqu02VJf6QbxKvHlCYX3FKltL8PG_564J9y0ls9qfhYwK9knnyvCGKUaFpcrDXuDMLBAOFkIPkgF1t4qPaU_sQF7Q8WuD_l8tRzdsNmg-J9okh-z8HZUH1TzTQu20zEUeIfobBf_h9peghk334c7sCU057pMXmhxqBo8FCx8cE1Nw1XXAa1C3x4B84VgdB7LHeqAgMDnWnczWqbl9_ihPlvW_8a26oGgGzHoBAIIR8NZv3IDS8e3tsyWpyeZs4nq2YRlkSZz2kQl0rkiPbknoG5opuhuNnuLct6Ay6zFrTwX6O9FEZyA96rNvgujlvhUH5JwR0mCpH3NX0FCBITx4C3Nd1-EXkmlnWhh3TrHtFvN7NJsoB8SXfdIcKLqbe5CUxgf5hpyN-iWYHA_GpzZDcAtY3-ip0-xNbRvpOQ

Search URL Search Domain Scan URL

URL: https://dsp.logly.co.jp/click?ad=4AG4hpsDG-ThFG8Ali5jvV7w7uqTbvm6EtJ5eLuJDWn_JXTZLGHZFHxDACayOF5C9ZfrF9v_Ux9Ti0q5vqwgJdUfxqmdLuFYvW6SPlUE1aRbAIJg-A3_y8_liT8nT_lgkoVk2X9rUyrtmyK8JWR51GnqFPva-C2iVmr77OjQLUSEsjx75n5xw580pFmw5Nrk6Scf6quvg2FG483LCfDnSWuccyoxRMNo47vwNEfaXTbz6b_s2rLUmH_HKOYpG8IrkSuS_a2jGZTtswUTSjAPrgJnDJAkBHl7fLQVMrvhv25XOE2GZ0PM2BWeFNocCFUGzHJsgUa5PqjBvpsMMPpG2ZLExCijoIS6LB2AZrZIo6G84i_nstpHUNpPM9YnEKMrwLh_daqfvu4feboiKm1jzEUJkiCYeR9DFl6m59-zF1JzugSGUJdN67ulYZ9NAJCgCxt8ySotvj9SdDQwTad3x6s6WVTAwvi--0KmdKV5TufMHYASTvlx17CLYiPiz8JX2S0uraTUQKlHcAzg-1YcGcfH0m3hoj7sh2kTkC3UUBg2y2kcJbk3Nw

Search URL Search Domain Scan URL

URL: https://dsp.logly.co.jp/click?ad=4AG4hpsDG-ThFG8Ali5jvV7w7uqTbvm6EtJ5eLuJDWnGpJT5-g4In4yHtvk5oon-FvKcBiYebTKre2uSY1b4AwhLe0OafsIrnRS59S_6GdrJFsm8w1TEvcapv6WzBknsneHl51wroeOxzbtSEcEIAi6AOYNWWcX2g5POkfUnDHjBg-vZGiQXgZh0UOtR96NNE6NRJiwYrEjv70qis4IZqiN6BLBIS3tenWsNlR2BZ_feXaqcjGDlRdCSl3s00hsd5YWZrBM5RzUBDOVC1qa7DMkVILGUUaLuFwmbsl6kp97EcT6lIA0pBBBSfTZnJkEQoGRul4_OpQ7vFgTwpJosvWrP_00hMgF5IAbU24nTwWN5oAxgtDjRyrBzIYILhWrU40V4SrE95azjHgnrCkF_wa8B5bhH_TD9EmrLN5w-7OmcGckzTfDU6XVmLctUU7xcON9VYuBpCmLp5lzV0ifE70B1uqDeVYpMt5ramKJEPBcozIcgfEDqgEFgJGWFGMVH0zBIjRc0ZaJOpSIImEJDWMBMCIHjSQX13S-sCG6253rlV7m4yvEJgA

Search URL Search Domain Scan URL

URL: https://a-great-intl-unsold-suvs.fyi/
Title: Unsold New SUV | Search

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.tips-and-tricks.co/home-and-garden/airplane-home/
Title: Tips and Tricks

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://foodworldblog.com/20-surprising-uses-of-banana-peel/
Title: Food World Blog.com

Search URL Search Domain Scan URL

URL: https://redirectsystems.com/
Title: Dubai Properties | Search Ads

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://business-loans.world/
Title: Business Loans | Search Ads

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://dailyredirect.com/
Title: Dubai Real Estate

Search URL Search Domain Scan URL

URL: https://celebapex.com/older-hollywood-stars-you-didnt-know-are-still-alive-and-kicking/
Title: CelebApex.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 72

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1685141453993&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&c8=%E5%A4%A9%E5%AF%A7%E5%90%84%E8%87%AA%E7%88%86%E7%B7%8B%E8%81%9E%E3%80%80%E9%BB%83%E9%90%99%E8%BC%9D%E5%8B%B8%E9%9B%99%E6%96%B9%E8%A4%87%E5%90%88%EF%BC%9A%E4%B8%80%E7%9B%B4%E5%B8%8C%E6%9C%9B%E4%BB%96%E5%80%91%E5%92%8C%E5%A5%BD%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1685141453993&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&c8=%E5%A4%A9%E5%AF%A7%E5%90%84%E8%87%AA%E7%88%86%E7%B7%8B%E8%81%9E%E3%80%80%E9%BB%83%E9%90%99%E8%BC%9D%E5%8B%B8%E9%9B%99%E6%96%B9%E8%A4%87%E5%90%88%EF%BC%9A%E4%B8%80%E7%9B%B4%E5%B8%8C%E6%9C%9B%E4%BB%96%E5%80%91%E5%92%8C%E5%A5%BD%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&c9=

Request Chain 84

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1685141454&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685141453182&bpp=11&bdt=1576&idt=1207&shv=r20230523&mjsv=m202305230101&ptt=5&saldr=sa&correlator=4171900935031&frm=23&ife=1&pv=2&ga_vid=587629000.1685141454&ga_sid=1685141454&ga_hid=479827999&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3238&biw=1600&bih=1200&isw=336&ish=280&ifk=525238125&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44788441%2C44789779&oid=2&pvsid=3902658446120490&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j6ttd4fr04ee&btvi=1&fsb=1&dtd=1236 HTTP 302
https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html

Request Chain 118

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1685141454&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685141453099&bpp=11&bdt=1510&idt=1605&shv=r20230523&mjsv=m202305230101&ptt=5&saldr=sa&correlator=4171900935031&frm=23&ife=1&pv=1&ga_vid=1652516089.1685141455&ga_sid=1685141455&ga_hid=199517456&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=4105019100&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788441%2C44790154%2C44789816&oid=2&pvsid=2745031574711910&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.yx8i46g34zqh&fsb=1&dtd=1636 HTTP 302
https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html

Request Chain 176

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3

Request Chain 177

https://pr-bh.ybp.yahoo.com/sync/taboola/3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e?gdpr=0&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-3BEgIZ5E2oRbUOzV0._tXgDkcx2PNUN6gUWq0g--~A

Request Chain 178

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1--- HTTP 302
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---&verify=true HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-XDJq2P1E2uG0y_ZSr4oi1puO_WiAnwjl~A&gdpr_in_effect=0

Request Chain 186

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 189

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 191

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3

Request Chain 192

https://pr-bh.ybp.yahoo.com/sync/taboola/3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e?gdpr=0&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VgHV15BE2oSX2NyF5ffKGhmnf6Xty4uvjNhsag--~A

Request Chain 193

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=7683554565452013913&ssp=taboola HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=707a5598-5816-46da-9ae1-f3aa7f052183

Request Chain 201

https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZHE30cCo5uYAALE-e7wAAAAA

Request Chain 202

https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__ HTTP 302
https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=04e57c9ed2a3466fbb657efdde0f6047 HTTP 302
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=04e57c9ed2a3466fbb657efdde0f6047

Request Chain 204

https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LI55POGL-P-CM9A

Request Chain 205

https://pr-bh.ybp.yahoo.com/sync/taboola/3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VgHV15BE2oSX2NyF5ffKGhmnf6Xty4uvjNhsag--~A

Request Chain 206

https://trace.mediago.io/ju/cs/taboola HTTP 302
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=fce66360a2846e66b67f606a073ad226

Request Chain 207

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEB_yj3_ttENKze87vmnW52Q&google_cver=1

Request Chain 209

https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e

Request Chain 210

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3

Request Chain 214

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=50e8abe2-6ebd-48a4-9e8b-f5aa238c9f1a

Request Chain 215

https://id5-sync.com/s/464/9.gif?puid=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&ttl=%%TTL%% HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ff96r1YrY71pupNczxMSV4rM5LkNhfE-eOMSPzwp3w&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/3/5/3.gif?puid=2ab36471-37d3-4f00-99c8-ae8998130313&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/4/4.gif?puid=46b58532ddf468f20407502538777278&gdpr=0&gdpr_consent= HTTP 302
https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/285.gif?puid=LI55POGL-P-CM9A&gdpr=0 HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=46b58532ddf468f20407502538777278&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F2%2F6.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=46b58532ddf468f20407502538777278&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F2%2F6.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/485/2/6.gif?puid=63688520227944709111107928925722670841&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/1/7.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/2/1/7.gif?puid=4527130612681197971&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/id5?uid=ID5-ff96r1YrY71pupNczxMSV4rM5LkNhfE-eOMSPzwp3w&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fid5-sync.com%2Fa%2F464%2F121%2F0%2F8%2Fgif%2F0%2F0%2F HTTP 302
https://id5-sync.com/a/464/121/0/8/gif/0/0/ZGwAAmRxN9cAAAAIKlY8Aw==

Request Chain 216

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtaboola%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtaboola%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=d029fb03-12a7-5293-af8e-d646cbffe197&ssp=taboola&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=707a5598-5816-46da-9ae1-f3aa7f052183

Request Chain 217

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=280ffc3e-3a7c-46b3-9d50-6db7f323fd36 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=280ffc3e-3a7c-46b3-9d50-6db7f323fd36&tbid=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&query=taboola_hm%3D280ffc3e-3a7c-46b3-9d50-6db7f323fd36&isDirect=0

Request Chain 219

https://eb2.3lift.com/xuid?mid=7772&xuid=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&dongle=tbla&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=

Request Chain 220

https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=clIfNpQGX-VGmsIYy0jvvFvvzpk

Request Chain 221

https://x.bidswitch.net/sync?dsp_id=453&user_id=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=707a5598-5816-46da-9ae1-f3aa7f052183 HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=707a5598-5816-46da-9ae1-f3aa7f052183&crf=1

Request Chain 223

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=57931379-01f8-4ece-b4f9-af32fa4fc8f9

Request Chain 242

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-XDJq2P1E2uG0y_ZSr4oi1puO_WiAnwjl~A&gdpr_in_effect=0

Request Chain 243

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=707a5598-5816-46da-9ae1-f3aa7f052183&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=707a5598-5816-46da-9ae1-f3aa7f052183&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=7eddbb1a-a488-470e-9fc1-4cc7c3819ae1&ssp=taboola&bsw_param=707a5598-5816-46da-9ae1-f3aa7f052183 HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=707a5598-5816-46da-9ae1-f3aa7f052183

Request Chain 265

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LI55POGL-P-CM9A HTTP 302
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LI55POGL-P-CM9A&gdpr=0&us_privacy=1---

Request Chain 269

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTNlZDg0NGNlOTUwOWY0NDdjYWY2YTkzMjE4MTJhYzYxZjA1NjZlMQ&gdpr=0&us_privacy=1---

Request Chain 270

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEIJJY2opXsNCIy_1kvE_nKw&google_cver=1

Request Chain 271

https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LI55POGL-P-CM9A&gdpr=0&us_privacy=1---

Request Chain 272

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/4Ht7oIHGzwuFWpGMTVIXFQ?csrc=&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-C_HINM1E2oJBDX_.VPixpe6DvuaFB.2_kvxNuw--~A

Request Chain 273

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&gdpr=0&gdpr_consent=&expires=30

Request Chain 274

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7Zm01dslTM2c7s9DcQue_A&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7Zm01dslTM2c7s9DcQue_A&gdpr=0

Request Chain 275

https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEk1NVBPR0wtUC1DTTlB&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEARc1Zr6R6HvVWAjy4b2-GM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEk1NVBPR0wtUC1DTTlB&google_push=&gdpr=0

Request Chain 276

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=InIecOuVQIOoGCK_Hresbg&rk=usync-other&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=InIecOuVQIOoGCK_Hresbg&gdpr=0

Request Chain 302

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm HTTP 302
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEJackjQX_bG6qOuonpWtJ7I&google_cver=1

Request Chain 303

https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=Z1RlX2dQVGJ6b0U

Request Chain 304

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI5jnUqsQGET-P_29w4ogpI&google_cver=1

Request Chain 309

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 345

https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=fMsZwzKyXur5&ev=1&pid=560288&gdpr_consent=&gdpr=0

Request Chain 349

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=728058323622558445&gdpr=0&gdpr_consent=

Request Chain 351

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2ab36471-37d3-4f00-99c8-ae8998130313

Request Chain 353

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7683554565452013913

Request Chain 354

https://match.adsrvr.org/track/cmf/openx?oxid=d0a9f05a-ebf9-7f99-c657-aeb45b326c4d&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&ttd_puid=d0a9f05a-ebf9-7f99-c657-aeb45b326c4d&gdpr=0&gdpr_consent=

Request Chain 356

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJA53ZeOU07CJdOfPPmqv_o&google_cver=1

Request Chain 358

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://onetag-sys.com/match/?int_id=1&uid=2ab36471-37d3-4f00-99c8-ae8998130313&gdpr=1&gdpr_consent=

Request Chain 360

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4527130612681197971

Request Chain 362

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiFpCF2Nuf44hrW1Tqo2YzK91KRzr4AxhkQ

Request Chain 365

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=2MhIf6ZHKaHaFgoxKn93-ih0RuQbla5pKJIp07MLr9s

Request Chain 367

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEHcj3YZQLh9HTaHJQ70HBZ0&google_cver=1

Request Chain 369

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=29&uid=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&gdpr=0&gdpr_consent=

Request Chain 372

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&dongle=0cfd&gdpr=0&gdpr_consent=

Request Chain 373

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIwNjg2OTk2NDI0MjI2Njc1NDYxMA%3D%3D HTTP 302
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

Request Chain 374

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOe58A2F9vvprRY8yqV_pqE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 375

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIwNjg2OTk2NDI0MjI2Njc1NDYxMA%3D%3D

Request Chain 376

https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3206869964242266754610&dbredirect=true&gdpr=0&consent= HTTP 302
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3206869964242266754610&dbredirect=true&gdpr=0&consent=&cookiesTest=true

Request Chain 377

https://x.bidswitch.net/sync?ssp=triplelift&user_id=3206869964242266754610&gdpr=0&gdpr_consent= HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=707a5598-5816-46da-9ae1-f3aa7f052183&gdpr=0&gdpr_consent= HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=707a5598-5816-46da-9ae1-f3aa7f052183&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=39e3809f-b454-4ef8-81c9-e847310d3f25&ssp=triplelift&expires=30&user_group=5&bsw_param=707a5598-5816-46da-9ae1-f3aa7f052183 HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=707a5598-5816-46da-9ae1-f3aa7f052183&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 379

https://pr-bh.ybp.yahoo.com/sync/triplelift/3206869964242266754610?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-oEy3SaFE2oRx3hz5S7t3G5crYQsD3HD3mB6lvoKZiQ--~A&dongle=0883

Request Chain 381

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=4527130612681197971&dongle=4d58&gdpr=0&gdpr_consent=

Request Chain 384

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 388

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Request Chain 394

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=4527130612681197971

Request Chain 400

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F421%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Deef16dff-db78-44cc-afab-810400740fe9%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 302
https://prebid.a-mo.net/cchain/0/421?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=eef16dff-db78-44cc-afab-810400740fe9&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=4527130612681197971 HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1YN-&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F421%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Deef16dff-db78-44cc-afab-810400740fe9%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D HTTP 302
https://prebid.a-mo.net/cchain/1/421?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=eef16dff-db78-44cc-afab-810400740fe9&bidder=index_rtb&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=ZHE31dAtzw6ns4K4GYCKPgAA%263188 HTTP 302
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F421%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Deef16dff-db78-44cc-afab-810400740fe9%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID

Request Chain 401

https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
https://ads.servenobid.com/sync?pid=337&uid=y-FWj2t.1E2uExB8ntp9k.CqvnTPnB7PFfumyVVqk-~A

Request Chain 402

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
https://ads.servenobid.com/sync?pid=346&uid=ua-367b9236-709b-35d1-81f8-a0aea72d596a

Request Chain 403

https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
https://ads.servenobid.com/sync?pid=339&uid=y-FWj2t.1E2uExB8ntp9k.CqvnTPnB7PFfumyVVqk-~A

Request Chain 405

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
https://ads.servenobid.com/sync?pid=353&uid=3281430614264990000V10

Request Chain 411

https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=50e8abe2-6ebd-48a4-9e8b-f5aa238c9f1a&gdpr=0&gdpr_consent=

Request Chain 413

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiFpCaAAtofXR-pNOHbyf6OYi1TQYdyZnYw

Request Chain 415

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://onetag-sys.com/match/?int_id=1&uid=2ab36471-37d3-4f00-99c8-ae8998130313&gdpr=0&gdpr_consent=

Request Chain 417

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4527130612681197971

Request Chain 419

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
https://onetag-sys.com/match/?int_id=107&uid=728058323622558445

Request Chain 420

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=RMN5QHfAsEpjtFOOSF2i6L1scDnOHZR0xZcJNZ74q8M

Request Chain 421

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUNEQTk5QTMtMkQyMy00OTQ2LUE5MEEtMDU4OEYzN0JBRTBF&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=114&uid=9CDA99A3-2D23-4946-A90A-0588F37BAE0E

Request Chain 422

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEHcj3YZQLh9HTaHJQ70HBZ0&google_cver=1

Request Chain 423

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-FWj2t.1E2uExB8ntp9k.CqvnTPnB7PFfumyVVqk-~A

Request Chain 424

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=29&uid=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&gdpr=0&gdpr_consent=

Request Chain 425

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag&bsw_user_id=707a5598-5816-46da-9ae1-f3aa7f052183&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=280ffc3e-3a7c-46b3-9d50-6db7f323fd36&ssp=onetag&gdpr=0 HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=707a5598-5816-46da-9ae1-f3aa7f052183&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 434

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&expiration=1687733461&gdpr=0&gdpr_consent=

Request Chain 437

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZHE31dAtzw6ns4K4GYCKPQAADHQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELmqqRNUB92AbaRRvNtNPGc&google_cver=1

Request Chain 440

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZHE31dAtzw6ns4K4GYCKPQAA%263188&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e

Request Chain 445

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZHE31dAtzw6ns4K4GYCKPgAADHQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELmqqRNUB92AbaRRvNtNPGc&google_cver=1

Request Chain 446

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&expiration=1687733461&gdpr=0&gdpr_consent=

Request Chain 448

https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=728058323622558445&gdpr=0&gdpr_consent=

Request Chain 455

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_10e4f160-2b21-4a6f-8f27-1cdb624f7f57&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=707a5598-5816-46da-9ae1-f3aa7f052183

Request Chain 456

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-72521f36-9406-5fe5-469a-c218cb48efbc$ip$91.239.206.153

Request Chain 458

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=fMsZwzKyXur5&ev=1&pid=558355

Request Chain 460

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=2794542a-c3ec-47cf-a12c-be5993626d0b

Request Chain 461

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-dB.zVDBE2pe69dTPhqODuAR.RsMAKMe7szMW~A

Request Chain 465

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://usersync.gumgum.com/usersync?b=idi&i=9ca6004a-5304-42ce-820f-9d1c91e39d76

Request Chain 466

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=728058323622558445

Request Chain 471

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=ttd&i=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3

Request Chain 472

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://usersync.gumgum.com/usersync?b=mmh&i=2ab36471-37d3-4f00-99c8-ae8998130313&gdpr=0&gdpr_consent=

Request Chain 475

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZHE30cCo5uYAALE-e7wAAAAA

Request Chain 478

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=2dSEJAJub1ah0FLYdSj4&pi=gumgum&tc=1

479 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html Show response
www.bg3.co/a/ 54 KB
16 KB 1567ms
945ms Document
text/html 84.17.37.44
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-37-44.cdn77.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: aa68ed08f4d02e37ae3c678389cb97923a5120cc7dcbd15aca9bdf96b7d438c4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: max-age=900
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 26 May 2023 22:50:49 GMT
ETag: "d9bd-LJhdnEpXF0AgVWjzzU+AvOOMO4M"
Expires: Fri, 26 May 2023 23:05:49 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
71 KB 637ms
288ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

daff8aabf176b66270a2ed05549b731cb25820c715497c703ef80cab1dc0a580

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 26 May 2023 22:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72811
x-xss-protection: 0
server: sffe
etag: "03b53c6311d4295f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 26 May 2023 22:50:50 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 635ms
287ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

a2586cde6229481b56e7a8dbae2313a5c6fcc852c7377c998c16fc4c41f4f7ec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 26 May 2023 22:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9643
x-xss-protection: 0
server: sffe
etag: "2f39b6a21f0d4c9f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 26 May 2023 22:50:50 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 24 KB
7 KB 670ms
350ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

1368da1e83df113f410875e4817af9df14edf91e7050f7b03298b141ede30fc7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 26 May 2023 22:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7580
x-xss-protection: 0
server: sffe
etag: "6634af0015cff4b2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 26 May 2023 22:50:50 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
39 KB

500ms
213ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b9398ab64bc9156916fad30afd43cf47074b593f85b9dba81d666c7c471aae1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13476
alt-svc: h3=":443"; ma=86400
content-length: 39829
last-modified: Tue, 25 Apr 2023 05:37:58 GMT
server: cloudflare
etag: "64476736-9b95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQu3utxiQrC92H98USdcfL%2Fn5sj2kN2UuvY8m5r5JynJY1SuvJsEOCa439zSPLwzWVaSd8dfGyF6H%2FlmfnhIBLCS5mGvp1Mwp24WiJ9fZJi9AZdcEsVvWj1By2FISI8JjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7cd994568a249b31-FRA

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 37 KB
10 KB 614ms
136ms Script
application/javascript 23.50.131.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.131.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-131-209.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: aa74ec2d64c5a2de329092b7cf137fc5dd95107094f4226b3b987b50ba6c1e3c

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: GE
date: Fri, 26 May 2023 22:50:50 GMT
content-encoding: br
last-modified: Fri, 26 May 2023 07:00:31 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-cf-geodata: GE
content-length: 9979
expires: Fri, 26 May 2023 23:50:50 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 644 KB
140 KB 791ms
133ms Script
application/javascript 23.50.131.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.131.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-131-208.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 3e8a04aa6da962836e04232ed30ee6499ad034fb417d31f013d8da873b1b9a88

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: GE
date: Fri, 26 May 2023 22:50:50 GMT
content-encoding: br
last-modified: Thu, 25 May 2023 14:01:11 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="468094_388605776_264712066_132_1261_256_0";dur=1
x-cf-geodata: GE
content-length: 143042
expires: Fri, 26 May 2023 23:50:50 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 270 KB
44 KB 800ms
555ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a191d55f9058efbace2ed692f0184471aab389ec8163dbce42e113183a1111da

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ICCLrCPHI96Yb9J8MR.wF87oOLIUUtWW
content-encoding: gzip
via: 1.1 varnish
date: Fri, 26 May 2023 22:50:50 GMT
x-amz-request-id: KNMMZY0CXQQJCCG5
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 44405
x-amz-id-2: A56o3RBik6p/A8/7e0W+cgfSSR+KwQEYZtd9fzSuVzG+WSYyFBqA8jh8ANqD54a7av8XraSifo8=
x-served-by: cache-sof1510034-SOF
last-modified: Wed, 24 May 2023 09:53:10 GMT
server: AmazonS3
x-timer: S1685141451.638077,VS0,VE128
etag: "081803b9743ab11bdda950c0f4fba6da"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 62
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 77 KB
16 KB 1443ms
390ms Script
text/javascript 54.168.198.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.168.198.133 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-168-198-133.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 98b74791957dac4ea78deb4f6e232f9bd34af58610b5b92b403ad65b65aac389

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:51 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 401ms
132ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:50 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-14e98"
vary: Accept-Encoding
x-hw: 1685141450.dop229.ve1.t,1685141450.cds213.ve1.hn,1685141450.cds227.ve1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29880

GET af5a949f04eb05139e71630b42be6b67.jpg
static.bg3.co/imgs/202105/ 0
0

GET 7fb053c724cb11d8d289c504a11a6106.jpg
static.bg3.co/imgs/202105/ 0
0

GET 59b1925c794f152c6af70a8a7eff5d16.jpg
static.bg3.co/imgs/202105/ 0
0

GET ffb5528d7f906f1ca854b36d8cdbc0ce.jpg
static.bg3.co/imgs/202105/ 0
0

GET 1255e41b84783fb1bb541e14e3d8a189.jpg
static.bg3.co/imgs/202105/ 0
0

GET e444d4187df62fbeff1c32fd9985cea0.jpg
static.bg3.co/imgs/202105/ 0
0

GET c7d1a7bb66fd1cccb15843901c7f2c0c.jpg
static.bg3.co/imgs/202105/ 0
0

GET 35c5bcfa233b309dc0218f880287f3f8.jpg
static.bg3.co/imgs/202105/ 0
0

GET a4ec54e5f5df1c2340c051bcdcb6a40e.jpg
static.bg3.co/imgs/202105/ 0
0

GET fc850c2b257a80235258f8f0061b5e94.jpg
static.bg3.co/imgs/202107/ 0
0

GET 76530765c824dd31fc70c9fd190fdd07.jpg
static.bg3.co/imgs/202105/ 0
0

GET 8af6d4973dc6e7ffeec9594b86b39d07.jpg
static.bg3.co/imgs/202105/ 0
0

GET a2ddd2c42c39061a86f4a6654d45b093.jpg
static.bg3.co/imgs/202105/ 0
0

GET 0b9a2515ad55b5ffb17a761a4bf41309.jpg
static.bg3.co/imgs/202105/ 0
0

GET 26117d3bb12d0dc1d583f29299bbc004.jpg
static.bg3.co/imgs/202106/ 0
0

GET 5b63dc9dbd9a4bd4184d440dfff9ddae.jpg
static.bg3.co/imgs/202105/ 0
0

GET 71735915d740e2288f6419889f895c16.jpg
static.bg3.co/imgs/202110/ 0
0

GET 8e96407f62573ac0557d2440e49fd040.jpg
static.bg3.co/imgs/202105/ 0
0

GET 65d4faf68de2ae294809e3518f36abde.jpg
static.bg3.co/imgs/202105/ 0
0

GET 46e5075610b19368ffb790f3d3294059.jpg
static.bg3.co/imgs/202105/ 0
0

GET 678faee8a12b0e6c6c832a9787494541.jpg
static.bg3.co/imgs/202105/ 0
0

GET cd4cdfbbf79eb17f94cb2cc2158d5601.jpg
static.bg3.co/imgs/202105/ 0
0

GET d8b6bd8f52f42f04480194e35df91aee.jpg
static.bg3.co/imgs/202106/ 0
0

GET 88e1c6bf73207e50359b6bb763b79ee5.jpg
static.bg3.co/imgs/202105/ 0
0

GET d24dce7d2bd784d875c213997e5ae5cd.jpg
static.bg3.co/imgs/202112/ 0
0

GET 05610479d3444d2d86a96e1bbd19c672.jpg
static.bg3.co/imgs/202106/ 0
0

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012305051745001/v0/ 8 KB
3 KB 799ms
215ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305051745001/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

1d6c917cea545cbcff8c7988de594c3e060694883165721b9fb9eafc5cc81f8f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 May 2023 23:30:54 GMT
age: 256799
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2994
x-xss-protection: 0
server: sffe
etag: "c3b4ae40123badc9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 May 2024 23:30:54 GMT

GET
H3 200 amp-ad-0.1.js Show response
cdn.ampproject.org/rtv/012305051745001/v0/ 82 KB
23 KB 591ms
162ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305051745001/v0/amp-ad-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

23205dc8bb2f752461eab7cf823df6459634564948681a16acec2ee52c1e76bd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 May 2023 23:31:00 GMT
age: 256793
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23083
x-xss-protection: 0
server: sffe
etag: "ec60bd30329619a5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 May 2024 23:31:00 GMT

GET
H2 200 ama Show response
pagead2.googlesyndication.com/getconfig/ 3 KB
824 B 594ms
330ms Fetch
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

282057dd9bf8e2f008b00af38206a5f16ebf74893ed4f266ad80cf88eb57026e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 476
x-xss-protection: 0

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012305051745001/v0/ 12 KB
4 KB 581ms
151ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305051745001/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

c3de40caecf3f4e1897e809cc72606a83f3d83a580b037dc768cdac6192e8c5d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 May 2023 23:30:54 GMT
age: 256799
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3938
x-xss-protection: 0
server: sffe
etag: "e0ed5b11537c8ca0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 May 2024 23:30:54 GMT

GET
H2 200 impl.20230524-4-RELEASE.js Show response
cdn.taboola.com/libtrc/ 765 KB
159 KB 398ms
397ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230524-4-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 60bff1f3d1652febff5190c494944d027b4239d3d030d189763a8e923d8d40a7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9c_4eTLCJkkZxGNS45EGbBMSGhCnoTf0
content-encoding: br
via: 1.1 varnish
date: Fri, 26 May 2023 22:50:53 GMT
x-amz-request-id: C2825YC864NEHJ1W
age: 19455
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 162878
x-amz-id-2: 29rdpm7l2ndU+9fiQny0bppaF1bXQnaXslRdUwAAvL4e4kZauTI7R1nqocHszXwnHgNoQJxGcA4=
x-served-by: cache-sof1510034-SOF
last-modified: Wed, 24 May 2023 09:26:37 GMT
server: AmazonS3-br
x-timer: S1685141454.806079,VS0,VE0
etag: "8207c55f07b51b46234d18f87fca31ce"
vary: Accept-Encoding
content-type: application/javascript
abp: 9
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 80003

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 415ms
132ms Script
application/javascript 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 02:12:35 GMT
content-encoding: gzip
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 74299
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: OFgiMufYvbWmVDFUYfLV8iIZ4VFwVKxB_Qd5t1BMpSt2hj2UUnIkLw==

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 128ms
128ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:53 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1685141453.dop229.ve1.t,1685141453.cds213.ve1.hn,1685141453.cds210.ve1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
857 B 132ms
132ms Image
image/jpeg 23.50.131.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1685141451152
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.131.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-131-209.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: GE
date: Fri, 26 May 2023 22:50:53 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: nginx/1.18.0
etag: "60d2d6c2-277"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
accept-ranges: bytes
content-length: 631
expires: Fri, 26 May 2023 23:50:53 GMT

GET
H3 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/rtv/012305051745001/v0/ 40 KB
10 KB 478ms
145ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305051745001/v0/amp-sticky-ad-1.0.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

797f132f6e565fb3aa7b8c4816413a03596f0698a0226f7ce0c88546f36893dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 May 2023 23:32:48 GMT
age: 256685
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10292
x-xss-protection: 0
server: sffe
etag: "1f67409efc29664c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 May 2024 23:32:48 GMT

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
617 B 159ms
147ms Stylesheet
text/css 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1231
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgrf6NWHWhRxWVfwUABDuGB5NiaUvCIZlQp4kndvT2wb3QQyr8s2mO27hTZKGMIgoIFmfXsEEZRIltUHFqbjJSnXzZra4ay%2B2H%2FbutoyFiGgYYSp0WNWw%2BtCsUkf50MSJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7cd99458dbe79b31-FRA

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 1564ms
512ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 437188c03d4888e1ef3b56de8235c7df66e16eeb0ead2ef1d532668d8fd52385

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 May 2023 22:50:52 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 1873ms
709ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 437188c03d4888e1ef3b56de8235c7df66e16eeb0ead2ef1d532668d8fd52385

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 May 2023 22:50:53 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 513 B
1 KB 745ms
313ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.926691365199342&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 2b7f11f6fe02925277f4a8140b880da74d24172ff6f1336c94f0701936eaa5a0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 May 2023 22:50:52 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 513

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 513 B
1 KB 700ms
268ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.8987580433263032&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 2b7f11f6fe02925277f4a8140b880da74d24172ff6f1336c94f0701936eaa5a0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 May 2023 22:50:52 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 513

GET
H/1.1 200
OK im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
681 B 442ms
132ms Script
text/javascript 23.36.163.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 May 2023 22:50:54 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="NOI PSD OTR"
Content-Type: text/javascript
Cache-Control: private, no-store
Connection: keep-alive
Content-Length: 445

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 4 KB
3 KB 1143ms
855ms Script
text/javascript 108.138.36.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4308934&widget_id=92995&auc_id=&callback=_lgy_lift_callback_4308934&render_id=MTY4NTE0MTQ1MV8wXzQ3ZDYxZmM3NjE5OQ%3D%3D&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-44.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: fb05b670537df6c97d6f2e404a9e15f34ff47c262a716eaef3fd3cb8124e1c8e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 May 2023 22:50:54 GMT
Content-Encoding: gzip
Via: 1.1 75964e4626dd702b8dac2690031df25a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P2
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Connection: keep-alive
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: Frh1eK3eXlS8JpGKkexNAJBOBIwM5Hz6fbzjbG5MCQ66phWBXea42Q==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame 8836 495 B
664 B 1490ms
744ms Document
text/html 54.65.183.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.65.183.34 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-65-183-34.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Fri, 26 May 2023 22:50:53 GMT
etag: "646ea748-1ef"
last-modified: Thu, 25 May 2023 00:09:44 GMT
server: nginx

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame DB3A 92 KB
32 KB 635ms
357ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

1e737cb70c5600e8176fb678cd23d2b1c607f9cb4313e69dbc986714df91dfcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32372
x-xss-protection: 0
server: cafe
etag: 445534829423517096
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 26 May 2023 22:50:52 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 9CBF 92 KB
32 KB 394ms
157ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

d624d73020496137fb703c9c176de6fe9d6b71605213e4584edc0223dbeccb61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32373
x-xss-protection: 0
server: cafe
etag: 5099751241046319053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 26 May 2023 22:50:52 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/ Frame 9CBF 350 KB
117 KB 279ms
275ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

8f5b5d6f6720286a6dc28d6e5d127372a201743e15e338380fb41ecb74a630ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120268
x-xss-protection: 0
server: cafe
etag: 9411395704112212083
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 22:50:54 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame BEF9 714 B
788 B 146ms
146ms Document
text/html 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials: true
age: 12882
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7cd99462adf02c2d-FRA
content-encoding: br
content-type: text/html
date: Fri, 26 May 2023 22:50:53 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4X%2BxFiDPZaXoGJXEXDbNcHhZpe%2FlK8FZJhOvhYbPFhCwoc%2FlX4SCbMhGhRXWSKbX6eEIZZg%2Fd%2FiqNbz%2BS%2F7VsUM0onIL2dBwZGMTAcQj04pUBDx%2BtqZU1qQLUNUCrcEe3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ 35 B
384 B 969ms
224ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 May 2023 22:50:54 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/ Frame DB3A 350 KB
117 KB 199ms
196ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

bb0ceb16cda37d8f04287ee88f24bf3362e1fe0b7e0656a47eddd8fef6e477b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120268
x-xss-protection: 0
server: cafe
etag: 14471158697109572079
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 22:50:53 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame BEF9 75 KB
25 KB 752ms
155ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8e069f8c722538db5324c0a3f58fa7a129f21f9fac0b5342c07c3817ccfc498f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25138
x-xss-protection: 0
server: cafe
etag: 458 / 19503 / m202305230101 / config-hash: 5486929009166019583
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 26 May 2023 22:50:53 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 3F56 714 B
745 B 144ms
144ms Document
text/html 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials: true
age: 12882
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7cd99464bf9c2c2d-FRA
content-encoding: br
content-type: text/html
date: Fri, 26 May 2023 22:50:53 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqjBCLZ0sv1M%2Fy%2Ffw2Yt84bXZrZIIEewroFaAzn8Epz5VQXDYVQ5RknLpXrsfe%2B3XvVmyR1q3FTkBPNkWlL4Lwy%2B1riTb9zZbn1h6nETVr0GjVmIjMpGJCsngXtcudNx1g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 3F56 75 KB
25 KB 501ms
231ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8139a8c30c1cacaf38528bab917738fb1acffb9929a0b60c039e2d6795569a45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25138
x-xss-protection: 0
server: cafe
etag: 818 / 19503 / m202305230101 / config-hash: 5486929009166019583
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 26 May 2023 22:50:53 GMT

GET
H2 200 pb.42753.1674819540207.js Show response
cdn.adpushup.com/prebid/ 349 KB
94 KB 415ms
133ms Script
application/javascript 23.50.131.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.131.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-131-208.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 28d37801802871b7c6943726da07f06110bc3b1400e050b8b86c82deefc635a3

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: GE
date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: br
last-modified: Fri, 27 Jan 2023 11:39:13 GMT
server: nginx/1.18.0
etag: W/"63d3b7e1-5744c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468094_388605776_264712709_65_1171_63_0";dur=1
content-length: 95255
expires: Sat, 25 May 2024 22:50:54 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
552 B 656ms
374ms Script
application/javascript 23.50.131.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.131.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-131-208.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: GE
date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: br
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: nginx/1.18.0
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468094_388605776_264712711_56_695_63_0";dur=1
content-length: 211
expires: Sat, 25 May 2024 22:50:54 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 635ms
353ms Script
application/javascript 23.50.131.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.131.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-131-208.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: GE
date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: br
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: nginx/1.18.0
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="468094_388605776_264712710_130_1153_63_0";dur=1
content-length: 18371
expires: Fri, 26 May 2023 23:50:54 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 396ms
340ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e6684f23a237776b9bbcf8f28c143d8d0ea7ac4b6062c44d206cbab2faaa9b88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25142
x-xss-protection: 0
server: cafe
etag: 633 / 19503 / 31074874 / config-hash: 5486929009166019583
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 26 May 2023 22:50:54 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 435ms
142ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2ODUxNDE0NTM3ODksInBhY2tldElkIjoiMDAwMEE3MDEtNDRmYWM4MTctZGFhOC00OGYyLTlmN2UtYzU1N2FlNGZhM2JjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3RpYW4temh1LWdlLXppLWJhby1mZWktd2VuLWh1YW5nLWRlbmctaHVpLXF1YW4tc2h1YW5nLWZhbmctZnUtaGUteWktemhpLXhpLXdhbmctdGEtbWVuLWhlLWhhby5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJHRSJ9&c_b=5369.900001525879
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:54 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
365 B 393ms
141ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:54 GMT
server: nginx/1.18.0 (Ubuntu)
ap-cookie-status: cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame 8836 0
240 B 367ms
367ms Script
text/javascript 54.65.183.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.65.183.34 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-65-183-34.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 26 May 2023 22:50:54 GMT
cache-control: private, max-age=86400
content-type: text/javascript
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 460ms
247ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2ODUxNDE0NTM4OTQsInBhY2tldElkIjoiMDAwMEE3MDEtNDRmYWM4MTctZGFhOC00OGYyLTlmN2UtYzU1N2FlNGZhM2JjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3RpYW4temh1LWdlLXppLWJhby1mZWktd2VuLWh1YW5nLWRlbmctaHVpLXF1YW4tc2h1YW5nLWZhbmctZnUtaGUteWktemhpLXhpLXdhbmctdGEtbWVuLWhlLWhhby5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkdFIn0%3D&c_b=5474.900001525879
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:54 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 295ms
142ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2ODUxNDE0NTM4OTksInBhY2tldElkIjoiMDAwMEE3MDEtNDRmYWM4MTctZGFhOC00OGYyLTlmN2UtYzU1N2FlNGZhM2JjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3RpYW4temh1LWdlLXppLWJhby1mZWktd2VuLWh1YW5nLWRlbmctaHVpLXF1YW4tc2h1YW5nLWZhbmctZnUtaGUteWktemhpLXhpLXdhbmctdGEtbWVuLWhlLWhhby5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiR0UifQ%3D%3D&c_b=5479.400001525879
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:54 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 379ms
246ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2ODUxNDE0NTM4OTQsInBhY2tldElkIjoiMDAwMEE3MDEtNDRmYWM4MTctZGFhOC00OGYyLTlmN2UtYzU1N2FlNGZhM2JjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3RpYW4temh1LWdlLXppLWJhby1mZWktd2VuLWh1YW5nLWRlbmctaHVpLXF1YW4tc2h1YW5nLWZhbmctZnUtaGUteWktemhpLXhpLXdhbmctdGEtbWVuLWhlLWhhby5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJHRSJ9&c_b=5484.799999237061
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:54 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1685141453993&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-qu...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1685141453993&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-q...

0
225 B

132ms
132ms

Image
text/plain

13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1685141453993&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&c8=%E5%A4%A9%E5%AF%A7%E5%90%84%E8%87%AA%E7%88%86%E7%B7%8B%E8%81%9E%E3%80%80%E9%BB%83%E9%90%99%E8%BC%9D%E5%8B%B8%E9%9B%99%E6%96%B9%E8%A4%87%E5%90%88%EF%BC%9A%E4%B8%80%E7%9B%B4%E5%B8%8C%E6%9C%9B%E4%BB%96%E5%80%91%E5%92%8C%E5%A5%BD%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&c9=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:54 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: d9oy9XT61t9U3cB-eQf6KDnEbXm5cLE8qcTlWX3yGAu3XExRxQADQg==
x-cache: Miss from cloudfront

Redirect headers

date: Fri, 26 May 2023 22:50:54 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
location: /b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1685141453993&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&c8=%E5%A4%A9%E5%AF%A7%E5%90%84%E8%87%AA%E7%88%86%E7%B7%8B%E8%81%9E%E3%80%80%E9%BB%83%E9%90%99%E8%BC%9D%E5%8B%B8%E9%9B%99%E6%96%B9%E8%A4%87%E5%90%88%EF%BC%9A%E4%B8%80%E7%9B%B4%E5%B8%8C%E6%9C%9B%E4%BB%96%E5%80%91%E5%92%8C%E5%A5%BD%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&c9=
content-length: 0
x-amz-cf-id: MrdcJLJXhu0rdS0lFUA7AuQv9eiEO6AWZ-O5yi-Qc3wMVSJz6KV92A==

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 585ms
144ms Script
text/javascript 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230524-4-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:54 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 301774
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 74 KB
21 KB 761ms
752ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=22%3A50%3A54.073&lti=deflated&data=%7B%22id%22%3A951%2C%22ii%22%3A%22%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1684921981509%2C%22vi%22%3A1685141454071%2C%22cv%22%3A%2220230524-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html%22%2C%22vpi%22%3A%22%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3642%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A3521.828125%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230524-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8ccebd6eaa8c3b5dcccebcd861e06f4375eeb5cc4bffc59621f6ba1ebf494852

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 629
date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-sof1510034-SOF
server: nginx
x-timer: S1685141454.132900,VS0,VE629
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.bg3.co
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ Frame 9CBF 0
0 446ms
445ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/ Frame BEF9 403 KB
125 KB 142ms
140ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8106b51011b26cf5f69cf7769a95b3f7faf34e2f26191c4e657e705ad3f4ecb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 20:38:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7954
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127382
x-xss-protection: 0
server: cafe
etag: 12178286523779166803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 25 May 2024 20:38:20 GMT

GET
H/1.1 200
OK im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 136ms
136ms Script
application/javascript 23.36.163.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
Content-Encoding: gzip
Date: Fri, 26 May 2023 22:50:54 GMT
Last-Modified: Fri, 21 Apr 2023 06:05:08 GMT
ETag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
P3P: CP="NOI PSD OTR"
Cache-Control: max-age=10800
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2434

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/ Frame 3F56 403 KB
125 KB 251ms
251ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8106b51011b26cf5f69cf7769a95b3f7faf34e2f26191c4e657e705ad3f4ecb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 20:38:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7954
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127382
x-xss-protection: 0
server: cafe
etag: 12178286523779166803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 25 May 2024 20:38:20 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/ 405 KB
125 KB 321ms
319ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

64844f8925b251163ea6b1ce7684859a3c1cc2fd394e68b5406214fb8dc53750

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:39:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18694
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127947
x-xss-protection: 0
server: cafe
etag: 6651312291549162462
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 25 May 2024 17:39:20 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 114 B
102 B 414ms
141ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f45619358bd0a3adcc3194ccbdd56ed12ac78950c862d6840d21b43a231f89e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
x-xss-protection: 0
expires: Fri, 26 May 2023 22:50:54 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame DB3A 379 B
600 B 442ms
144ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

a4141c2367637ec9020460c5d68a52cd3e4eb21f542a1605fbf3589fe0f5cb66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ge/adsid/ Frame DB3A 107 B
165 B 431ms
139ms Script
application/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ge/adsid/integrator.js?domain=www.bg3.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame DB3A 107 B
165 B 432ms
141ms Script
application/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2

200

nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html Show response
adx.holmesmind.com/adx-file/20230307/ Frame 84AA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=168514...
https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html

463 B
875 B

446ms
132ms

Document
text/html

18.66.122.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-127.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ca78e8d1923a071bc5fa4b68044bc5644a11b856668a24814f1e9a56e9bf8d0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 253
content-length: 463
content-type: text/html
date: Fri, 26 May 2023 22:46:50 GMT
etag: "291c872afa27e30cecfbd80c44ce20b8"
last-modified: Tue, 07 Mar 2023 12:41:13 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
x-amz-cf-id: nw2bg5s5DoSM_x_KZp4hpU295xypaZYZgL7rvoahxSh6EAm1WEtM3g==
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: L7mKK4pQTVO2vey7TX8zPKwpCVXg3Qid
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 22:50:54 GMT
location: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
180 B 687ms
377ms XHR
application/json 34.120.96.193
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H1D43ZK4HV3YHN99RWE9KCXP
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 193.96.120.34.bc.googleusercontent.com
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Fri, 26 May 2023 22:50:54 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 377ms
119ms XHR
application/json 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230526

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5547ccd000f55d51916dde9e7ba9e0c34b77445032d345abdfdbb25cc3d0b337

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 22:50:54 GMT
x-content-type-options: nosniff
content-encoding: br
age: 24606
x-jsd-version: 1.0.1706
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 851
x-served-by: cache-fra-eddf8230103-FRA, cache-mxp6976-MXP
x-jsd-version-type: version
etag: W/"640-J/bDiMmADhbOR0K46f1BfsfxsyQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 arj Show response
adpushup-d.openx.net/w/1.0/ 64 KB
12 KB 548ms
278ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2fd24c43-8fb8-4455-afd7-074f682e6ff2%2C64290fb3-8d60-4053-b726-bd8bda5394bb&nocache=1685141454572&pubcid=0305cf03-427e-406e-9c81-665c3f155fb0&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&aucs=%2C&auid=545618347%2C545618347
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 5d468ecdf73315b4cc8c3a7975de8a1573c1bcfbc9c07a9e0bde113754c47fda

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:55 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bg3.co
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11893
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 avjp Show response
adpushup-d.openx.net/v/1.0/ 106 B
504 B 417ms
148ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d8e6d3ca-81e4-4d0a-a04f-d2c33ae2f476&nocache=1685141454573&pubcid=0305cf03-427e-406e-9c81-665c3f155fb0&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:54 GMT
via: 1.1 google
server: OXGW/0.0.0
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bg3.co
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 avjp Show response
adpushup-d.openx.net/v/1.0/ 106 B
296 B 417ms
148ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=96e6e4dc-7fc2-4b0c-8fed-7f26014c3c45&nocache=1685141454573&pubcid=0305cf03-427e-406e-9c81-665c3f155fb0&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:54 GMT
via: 1.1 google
server: OXGW/0.0.0
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bg3.co
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
406 B 419ms
142ms XHR
application/json 35.156.69.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.69.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-69-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 284a15abaa50d9f7160c5e84df25030e811179539a5112add89415198fb92713

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: gzip
x-prebid: pbs-java/1.119.0
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
407 B 417ms
141ms XHR
application/json 35.156.69.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.69.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-69-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 7468580033ac8a046998cbe5610fbce05da0da545c9da12326b8117e76714038

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: gzip
x-prebid: pbs-java/1.119.0
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 23 KB
9 KB 692ms
217ms XHR
application/json 213.19.162.41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=0305cf03-427e-406e-9c81-665c3f155fb0%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=8153705d-2d6d-4497-9aa8-36ad90135fae%3B67c020f0-923a-42fe-8ab3-f6cce6ed97b8&l_pb_bid_id=7b0d989180ca59%3B81db6e8bee7de2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.7020357274815237
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c7f054101f77558c19041c38f048c80ff4ee7554db4606298f88211c325c5afb

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:55 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 KB
10 KB 551ms
247ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ce96b7455707acb927c6898bf4f93639954c1eaca2c7addf48f97e51bddec7f2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 26 May 2023 22:50:55 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.153; 91.239.206.153; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 410929fe-05d3-43f4-8472-8a76bbd9bae5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 633 B
2 KB 553ms
226ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 555f0737b5f8db31c1cc839a2b385e0f367fa6cf1bdd1dec5161ce76099797ed

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 915 B
2 KB 537ms
210ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 1b20082cbcce0fdcfc56d6af332c757d8bb1b7df96dcdbccbf3679bda6e3fa66

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 976 B
2 KB 558ms
232ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 968cc7900177ffa477dad5edb28e891902a920638439e503a26d360101ba0ba7

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 964 B
2 KB 538ms
212ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 0112171d171eee1e3283993a8c01cb478032895f9ddd70238ed7d06cbc717567

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
498 B 467ms
142ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.bg3.co
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
664 B 458ms
141ms XHR
application/json 52.58.86.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&tmax=3000

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.86.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-86-197.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:54 GMT
accept-ch: user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect
x-auction-status: 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST bid-request
a.teads.tv/hb/ 0
0

POST hbjson
grid.bidswitch.net/ 0
0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
167 B 457ms
143ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Fri, 26 May 2023 22:50:54 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST prebid
prebid.media.net/rtb/ 0
0

POST v1
hb-api.omnitagjs.com/hb-api/prebid/ 0
0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
189 B 697ms
159ms XHR
text/plain 178.250.7.10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=68498732241

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Fri, 26 May 2023 22:50:55 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET cygnus
htlb.casalemedia.com/ 0
0

POST adreq
ads.servenobid.com/ 0
0

GET
H2 200 integrator.js Show response
adservice.google.ge/adsid/ Frame BEF9 107 B
531 B 185ms
139ms Script
application/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ge/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame BEF9 107 B
456 B 186ms
141ms Script
application/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BEF9 492 B
264 B 181ms
181ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=185763171046057&correlator=2322538135923500&output=ldjh&gdfp_req=1&vrg=202305230101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1685141454663&lmt=1644386353&dlt=1685141453305&idt=1330&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=rdraj5myrnyr&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1154059003.1685141455&ga_sid=1685141455&ga_hid=1960970603&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

6eb1bf07cd76fdce9fc2081b02dd0ebd9e6e4f4b1fcc507fd9607715ba799c3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
691e9e2891f8a25b4776585bf50a05ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E912 6 KB
3 KB 1447ms
138ms Document
text/html 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://691e9e2891f8a25b4776585bf50a05ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 22:50:56 GMT
expires: Sat, 25 May 2024 22:50:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 amp-ad-network-adsense-impl-0.1.js Show response
cdn.ampproject.org/rtv/012305051745001/v0/ 214 KB
57 KB 141ms
141ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305051745001/v0/amp-ad-network-adsense-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

acb155ffcece7a604401c12fc986b266451dd4442e5aa5df45bcc294bb2ac25a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 May 2023 23:40:36 GMT
age: 256218
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58053
x-xss-protection: 0
server: sffe
etag: "e0077f4dc72b7517"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 May 2024 23:40:36 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 3516ms
197ms Script
application/javascript 91.228.74.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.200 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:58 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 02 Jun 2023 22:50:58 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 9CBF 379 B
313 B 195ms
178ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e46b3fe6d0dc58c0831f4fb756c3f028147fffa55f4e3b2e01b5c001e7d283ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ge/adsid/ Frame 9CBF 107 B
165 B 143ms
136ms Script
application/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ge/adsid/integrator.js?domain=www.bg3.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9CBF 107 B
165 B 150ms
144ms Script
application/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2

200

nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html Show response
adx.holmesmind.com/adx-file/20230307/ Frame 8998
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=168514...
https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html

463 B
875 B

451ms
132ms

Document
text/html

18.66.122.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-127.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ca78e8d1923a071bc5fa4b68044bc5644a11b856668a24814f1e9a56e9bf8d0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 253
content-length: 463
content-type: text/html
date: Fri, 26 May 2023 22:46:50 GMT
etag: "291c872afa27e30cecfbd80c44ce20b8"
last-modified: Tue, 07 Mar 2023 12:41:13 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
x-amz-cf-id: UOqx-2F87j2MWSBWWCcvluM9oexHVLgirrD-DCekdyACUp_NQtFYVQ==
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: L7mKK4pQTVO2vey7TX8zPKwpCVXg3Qid
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 22:50:54 GMT
location: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ge/adsid/ Frame 3F56 107 B
165 B 139ms
137ms Script
application/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ge/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3F56 107 B
165 B 140ms
139ms Script
application/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3F56 492 B
264 B 172ms
171ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3017211078063100&correlator=1263551495814114&eid=31074946&output=ldjh&gdfp_req=1&vrg=202305230101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1685141454769&lmt=1644386353&dlt=1685141453632&idt=1122&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=cc4gnwj03ncz&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1687215883.1685141455&ga_sid=1685141455&ga_hid=1945332495&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

b3b9759af81dcc8a4227ccf3302eb6cc3a8fe834eda47b8ef8aa5affa97abbfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
be0782d7f8c2998aa76bc9e852638eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7887 6 KB
3 KB 448ms
142ms Document
text/html 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://be0782d7f8c2998aa76bc9e852638eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 22:50:55 GMT
expires: Sat, 25 May 2024 22:50:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 floating-unit.20230524-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 119ms
118ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20230524-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a885ac1238669b388d2db29120b8251134d73a975039d620b8fc2c47bae76795

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ThH6MBnq4XaEkCYKoKfIAAR6wOxG3dDz
content-encoding: gzip
via: 1.1 varnish
date: Fri, 26 May 2023 22:50:54 GMT
x-amz-request-id: ZB8GXFG4DQAAPWX3
age: 217887
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2474
x-amz-id-2: 5qKFrP90yJmVP2Yrk6kpdOD+Rgh6F4h/zOovTm7DJGKao+dmtknsDtktxTzJPRyvhqn61JI5nWA=
x-served-by: cache-sof1510034-SOF
last-modified: Wed, 24 May 2023 10:19:28 GMT
server: AmazonS3
x-timer: S1685141455.933718,VS0,VE0
etag: "0e7af323805297da85f8c277cbf794ab"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 24
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 74124

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.0.1/ 111 KB
31 KB 125ms
118ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230524-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:54 GMT
via: 1.1 31035bb61f7468c9d95f8f0f36403248.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: BUD50-C1
age: 1518200
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 31023
x-served-by: cache-sof1510034-SOF
last-modified: Tue, 09 May 2023 09:06:26 GMT
server: AmazonS3
x-timer: S1685141455.944252,VS0,VE0
etag: "f42b894e197d2128ee7d3b438e0ac56d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: aY7NXF7zeUsW8rBTSv9KNLwtWCqmH-hX4KOvDNHDDauOB7LLZw-vow==
x-cache-hits: 42686

GET
H2 200 feed-card-placeholder.20230524-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 117ms
116ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230524-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 330b1e9ee51be3e724fa47637a4e97cf7e2f3c8ae353f439282799f15a0f6bfc

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: lfyBrVDsJa7qlWsoOF.wz8w.10rCEPsF
content-encoding: gzip
via: 1.1 varnish
date: Fri, 26 May 2023 22:50:54 GMT
x-amz-request-id: CYW732YTT6G4CFVK
age: 217902
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: tgWLn68XZ7jvFtp3Tbgsqw4C2ZU2pxtimg8xQ56JhZInbLb5pEAAuKznSrLJH82ePYjcckK4h8g=
x-served-by: cache-sof1510034-SOF
last-modified: Wed, 24 May 2023 10:19:13 GMT
server: AmazonS3
x-timer: S1685141455.938217,VS0,VE0
etag: "45f1858ac9ef49fde8fa2f2e55fb2751"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 24
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 709597

GET
H2 200 userx.20230524-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 122ms
121ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230524-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 332178c76008a6c2d64d1956767df4abcba64c510ba40e92b8cbf374a8ac6ab5

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: k1_fan7vgmB_3l9kVjDOu92GBUoHLR2m
content-encoding: gzip
via: 1.1 varnish
date: Fri, 26 May 2023 22:50:54 GMT
x-amz-request-id: SQKAAWRQ5YZZDTHK
age: 217814
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: OXQZaybb6hiKC3UcY2HUZji4s0jlEhUB05K2kxO+mkL5fVpjDa6qWrHCfIbN/Me9RH4gIuVQi3I=
x-served-by: cache-sof1510034-SOF
last-modified: Wed, 24 May 2023 10:20:41 GMT
server: AmazonS3
x-timer: S1685141455.952425,VS0,VE0
etag: "6ee9fb9d16a15b75f76ac022d727fe97"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 24
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 104215

GET
H2 200 distance-from-article.20230524-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 122ms
121ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230524-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c93794353afab50509f28bb4792ed22d0e5038b15040fe3a05ba1296b5cc1193

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: mM6nF6tDgjvAkw2DzRZp5uUOH.yu_c8f
content-encoding: gzip
via: 1.1 varnish
date: Fri, 26 May 2023 22:50:54 GMT
x-amz-request-id: BAS1QABN689E0PTD
age: 217916
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1135
x-amz-id-2: VZhwT0fuN+srpqL7WL7Taz0E0ItnZ0jmMOeuqt3wBcSFNXYcKbfnCeqHt52R/AYE5dxc/KfEaRY=
x-served-by: cache-sof1510034-SOF
last-modified: Wed, 24 May 2023 10:18:59 GMT
server: AmazonS3
x-timer: S1685141455.952569,VS0,VE0
etag: "936b35b504500dd1f56b68c34c54bdcb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 24
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 847332

GET
H2 200 article-detection.20230524-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 123ms
123ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230524-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6be2f75adb91ea6250947c3508fa1a8e76a88c8ac755061454f7cd91fcc04966

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Qwxwh709e4NMP8PyIc2WYzOBW1LF3PPw
content-encoding: gzip
via: 1.1 varnish
date: Fri, 26 May 2023 22:50:54 GMT
x-amz-request-id: KF42X09HX0MDTCC4
age: 217937
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1235
x-amz-id-2: OmlEEU4G8kFEA3TlFNjA1vloNi4Gt5eTRypco+3ihHFIulI9hEXPC12pbGb3aopYlDFD5Tw3hII=
x-served-by: cache-sof1510034-SOF
last-modified: Wed, 24 May 2023 10:18:38 GMT
server: AmazonS3
x-timer: S1685141455.952742,VS0,VE0
etag: "f76b2117c2ef4e16f0c8ba3c4b1c37d0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 24
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 876282

GET
H2 200 explore-more.20230524-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 28 KB
8 KB 123ms
119ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230524-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ffe02e100446a078afa22e54d347694b5c6e695d1276a3222253bd7a0f6dfdb

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: t3AX4xOR4JU2thJUC8bJQUlYYv6q09r2
content-encoding: gzip
via: 1.1 varnish
date: Fri, 26 May 2023 22:50:54 GMT
x-amz-request-id: X1GBPY63SKBY4089
age: 217906
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8146
x-amz-id-2: Zbq7N3eA1OrhIw5LDMOHN47ysoA62dt1cQadn2tnk/64s2uMzCcsiP7NplCC2FfVuM6YqQjDV8s=
x-served-by: cache-sof1510034-SOF
last-modified: Wed, 24 May 2023 10:19:08 GMT
server: AmazonS3
x-timer: S1685141455.962671,VS0,VE0
etag: "7535e0fa059096b4d0c736b13a674442"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 24
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 507657

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
363 B 615ms
248ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=98bf7a66a951be716ea42e1e56f58a16&sd=v2_4e9232e342e301ea9d78e38346f2b852_3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e_1685141454_1685141454_CNawjgYQ2YJdGPf5h9KFMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&pi=/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&wi=-3228186548808802306&pt=text&vi=1685141454071&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=22%3A50%3A54.881&id=6991&llvl=2&cv=20230524-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 26 May 2023 22:50:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
363 B 616ms
249ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=98bf7a66a951be716ea42e1e56f58a16&sd=v2_4e9232e342e301ea9d78e38346f2b852_3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e_1685141454_1685141454_CNawjgYQ2YJdGPf5h9KFMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&pi=/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&wi=-3228186548808802306&pt=text&vi=1685141454071&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1685141454882%7D&tim=22%3A50%3A54.883&id=394&llvl=2&cv=20230524-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 26 May 2023 22:50:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
363 B 616ms
249ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=98bf7a66a951be716ea42e1e56f58a16&sd=v2_4e9232e342e301ea9d78e38346f2b852_3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e_1685141454_1685141454_CNawjgYQ2YJdGPf5h9KFMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&pi=/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&wi=-3228186548808802306&pt=text&vi=1685141454071&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-skip-vignette%22%2C%22type%22%3A%22%7B%5C%22skipVignette%5C%22%3A%7B%5C%22reason%5C%22%3A%5C%22no%20recommendations%5C%22%2C%5C%22details%5C%22%3A%5C%22%5C%22%7D%7D%22%2C%22eventTime%22%3A1685141454883%7D&tim=22%3A50%3A54.883&id=5185&llvl=2&cv=20230524-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 26 May 2023 22:50:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
363 B 616ms
249ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=98bf7a66a951be716ea42e1e56f58a16&sd=v2_4e9232e342e301ea9d78e38346f2b852_3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e_1685141454_1685141454_CNawjgYQ2YJdGPf5h9KFMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&pi=/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&wi=-3228186548808802306&pt=text&vi=1685141454071&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1685141454893%7D&tim=22%3A50%3A54.894&id=713&llvl=2&cv=20230524-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 26 May 2023 22:50:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
91 B 614ms
247ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A50%3A54.906&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01-a-delta&llvl=2&id=414&cv=20230524-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:55 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 109708

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
363 B 616ms
250ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=98bf7a66a951be716ea42e1e56f58a16&sd=v2_4e9232e342e301ea9d78e38346f2b852_3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e_1685141454_1685141454_CNawjgYQ2YJdGPf5h9KFMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&pi=/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&wi=-3228186548808802306&pt=text&vi=1685141454071&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=22%3A50%3A54.907&id=7828&llvl=2&cv=20230524-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 26 May 2023 22:50:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 237ms
234ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A50%3A54.912&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=6006&cv=20230524-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:55 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 109708

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 237ms
234ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A50%3A54.913&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=1700&cv=20230524-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:55 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 109708

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 237ms
235ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A50%3A54.914&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=9539&cv=20230524-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:55 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 109708

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 237ms
235ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A50%3A54.915&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01-y-delta&llvl=2&id=2672&cv=20230524-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:55 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 109708

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 240ms
238ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A50%3A54.916&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-y-em-delta&llvl=2&id=6499&cv=20230524-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:55 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 109708

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 370ms
368ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A50%3A54.917&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01-y-em-delta&llvl=2&id=4873&cv=20230524-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:55 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 109708

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 370ms
368ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A50%3A54.918&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=8931&cv=20230524-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:55 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 109708

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 117ms
116ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Fri, 26 May 2023 22:50:54 GMT
x-amz-request-id: DKWHBZA6EDB45JGV
age: 14
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: FIJvtcR4Qgl/Dvj+kTUODH/tgrcfPeD3Gv/ev/Faq7FQFYwPfSXV58/ZdOuypiTmhHvfvgzkoZg=
x-served-by: cache-sof1510034-SOF
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1685141455.972870,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 24
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 4

GET
H2 200 8d8b4f12fe60cd2d5a1635b104671c92.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 51 KB
52 KB 143ms
137ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d8b4f12fe60cd2d5a1635b104671c92.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3c9ddd5ff1645b8c3521d0cfd0198e84e27f7ab1dee9255835af969b6a448f80

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 26 May 2023 22:50:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d8b4f12fe60cd2d5a1635b104671c92.jpg
age: 1528367
edge-cache-tag: 536931861862581473488622915512238924079,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 536931861862581473488622915512238924079,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 148
req-referer: https://elecbean.com/
content-length: 52184
x-request-id: 2c8b330fa41eb3aab1caa708af26ffb9
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100176-IAD, cache-iad-kiad7000155-IAD, cache-lax10653-LGB, cache-iad-kcgs7200130-IAD, cache-sof1510034-SOF
last-modified: Sat, 22 Apr 2023 12:55:10 GMT
server: nginx
x-timer: S1685141455.994871,VS0,VE1
etag: "3ec771bf9ae7ba79d7e9fcc92715338b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 7, 1

GET
H2 200 044089180313ed8dc6394e1f03d46aff.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/ 27 KB
28 KB 129ms
123ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/044089180313ed8dc6394e1f03d46aff.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ae3fe956f01d67dac4ad2dea27165d9c2e3f24c96277bd0f6d65f20a8107a60f

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 26 May 2023 22:50:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/044089180313ed8dc6394e1f03d46aff.jpeg
age: 3919866
edge-cache-tag: 483554285629618842250207813029163678919,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag: 483554285629618842250207813029163678919,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 152
expiration: expiry-date="Wed, 12 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://londoninsider.co.uk/liverpool-icon-delivers-alexander-arnold-verdict-after-the-right-back-stars-in-midfield/
content-length: 27620
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200058-IAD, cache-iad-kcgs7200137-IAD, cache-lax10675-LGB, cache-iad-kcgs7200114-IAD, cache-sof1510034-SOF
last-modified: Sun, 12 Mar 2023 03:28:12 GMT
server: nginx
x-timer: S1685141455.994857,VS0,VE1
etag: "55694be941ac704e6a15a1ce31371624"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 50, 1

GET
H2 200 485041c1-0c09-4726-94fe-95b453232e17_1000x600_04d0417975bf2a3ccf3ae1000f950972.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ 22 KB
23 KB 123ms
120ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/485041c1-0c09-4726-94fe-95b453232e17_1000x600_04d0417975bf2a3ccf3ae1000f950972.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d86d18bdd18b25ed9084e7ca8f406ff01c070dd4a15c259d926fcdaacbe9f4bb

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 26 May 2023 22:50:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/485041c1-0c09-4726-94fe-95b453232e17_1000x600_04d0417975bf2a3ccf3ae1000f950972.png
age: 2610011
edge-cache-tag: 351075301928613690841866466261633003872,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag: 351075301928613690841866466261633003872,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 226
expiration: expiry-date="Tue, 16 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://mgronline.com/
content-length: 22726
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000164-IAD, cache-iad-kcgs7200054-IAD, cache-lax10664-LGB, cache-iad-kjyo7100023-IAD, cache-sof1510034-SOF
last-modified: Sat, 15 Apr 2023 14:56:22 GMT
server: nginx
x-timer: S1685141455.069706,VS0,VE1
etag: "3851319c16f1c3a83c7d53409688f034"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 56, 1

GET
H2 200 39f32e6ae0dc815c5d27bb3f67257bc3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 61 KB
62 KB 121ms
121ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/39f32e6ae0dc815c5d27bb3f67257bc3.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dd5614c135b5affbbdfe242efdfb1dbc185d2603464a85a12322420f6ac26f9b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 26 May 2023 22:50:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/39f32e6ae0dc815c5d27bb3f67257bc3.jpg
age: 4533479
edge-cache-tag: 461996418645483192380705983002511743342,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461996418645483192380705983002511743342,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 207
expiration: expiry-date="Thu, 04 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.nbcnews.com/
content-length: 62870
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200116-IAD, cache-iad-kcgs7200142-IAD, cache-lga21971-LGA, cache-iad-kiad7000127-IAD, cache-sof1510034-SOF
last-modified: Mon, 03 Apr 2023 14:13:43 GMT
server: nginx
x-timer: S1685141455.136306,VS0,VE1
etag: "cc55897e96554c615b72ada04774bba9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 158, 1

GET
H3 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012305051745001/v0/ 110 KB
31 KB 140ms
140ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305051745001/v0/amp-analytics-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

117d672d13737b9fd296dbf791dfcb05ba56c07786fe50973fa48f2d06b30a5a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 May 2023 23:30:45 GMT
age: 256810
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32034
x-xss-protection: 0
server: sffe
etag: "77f92c2e94d638aa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 May 2024 23:30:45 GMT

GET
H2 200 integrator.json Show response
adservice.google.com/adsid/ 86 B
219 B 139ms
138ms Fetch
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83
x-xss-protection: 0

GET
H2 200 nameframe.html
d-1405376643990224854.ampproject.net/2305051745001/ 0
0 869ms
140ms Other
text/html 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-1405376643990224854.ampproject.net/2305051745001/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f3.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 bc
b.logly.co.jp/ 43 B
384 B 1183ms
393ms Image
image/gif 13.113.148.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.logly.co.jp/bc?ac=PBmw34K1iUqWhjj-WJQDWw&ad=3332130
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.148.165 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-148-165.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 26 May 2023 22:50:56 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H2 200 bc
b.logly.co.jp/ 43 B
249 B 1123ms
391ms Image
image/gif 13.113.148.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.logly.co.jp/bc?ac=PBmw34K1iUqWhjj-WJQDWw&ad=2948377
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.148.165 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-148-165.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 26 May 2023 22:50:56 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H2 200 bc
b.logly.co.jp/ 43 B
248 B 1053ms
394ms Image
image/gif 13.113.148.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.logly.co.jp/bc?ac=PBmw34K1iUqWhjj-WJQDWw&ad=3447836
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.148.165 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-148-165.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 26 May 2023 22:50:56 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H2 200 next-up-widget.20230524-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 118ms
117ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20230524-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc1853387bfb1697d08611e99356e428d09c9ed6242cb8cd7aad96f6add47c8a

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: aqBhdLoi8eq6Y0e.xuLLarty8XeZRQvB
content-encoding: gzip
via: 1.1 varnish
date: Fri, 26 May 2023 22:50:55 GMT
x-amz-request-id: 1JBS8H43B6RTF17T
age: 217877
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4623
x-amz-id-2: vS4pk1Kjk54OJVfn1sRTBHygwYOGhLn+tlF3xrgLcmi2camDxPP9TcxcFtIlucG4nMpPfLK5ldA=
x-served-by: cache-sof1510034-SOF
last-modified: Wed, 24 May 2023 10:19:38 GMT
server: AmazonS3
x-timer: S1685141455.063914,VS0,VE0
etag: "3f5202bf36a7c2f556ab37024a4f8e40"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 24
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 73540

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 370ms
368ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A50%3A55.055&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=5539&cv=20230524-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:55 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 109708

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
363 B 371ms
369ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=98bf7a66a951be716ea42e1e56f58a16&sd=v2_4e9232e342e301ea9d78e38346f2b852_3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e_1685141454_1685141454_CNawjgYQ2YJdGPf5h9KFMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&pi=/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&wi=-3228186548808802306&pt=text&vi=1685141454071&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22feed-distance-from-article-end%22%2C%22type%22%3A%22304.828125%22%2C%22eventTime%22%3A1685141455104%7D&tim=22%3A50%3A55.104&id=432&llvl=2&cv=20230524-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 26 May 2023 22:50:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 spa-detector.20230524-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 121ms
117ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230524-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbeeb1bfc48b4211161d49425bf79a1520b30e948f00a84397798ac553512321

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: t9UNOGd4.119syoZ_uyilVm0R50fvWFG
content-encoding: gzip
via: 1.1 varnish
date: Fri, 26 May 2023 22:50:55 GMT
x-amz-request-id: G3T5MNF5RAEJ0Z9D
age: 217852
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 809
x-amz-id-2: WMwzlB5fdFwurlDIy5+9wBgngAIFSODHjiFkWaVRnVx22SWCVIT1gqcVolUBceVYHDFpvQGpKmY=
x-served-by: cache-sof1510034-SOF
last-modified: Wed, 24 May 2023 10:20:03 GMT
server: AmazonS3
x-timer: S1685141455.192460,VS0,VE0
etag: "f86d33dc59d6b873a467454ebd750baa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 24
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 509000

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
363 B 372ms
370ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=98bf7a66a951be716ea42e1e56f58a16&sd=v2_4e9232e342e301ea9d78e38346f2b852_3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e_1685141454_1685141454_CNawjgYQ2YJdGPf5h9KFMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&pi=/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&wi=-3228186548808802306&pt=text&vi=1685141454071&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=22%3A50%3A55.132&id=3764&llvl=2&cv=20230524-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 26 May 2023 22:50:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
363 B 371ms
369ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=98bf7a66a951be716ea42e1e56f58a16&sd=v2_4e9232e342e301ea9d78e38346f2b852_3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e_1685141454_1685141454_CNawjgYQ2YJdGPf5h9KFMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&pi=/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&wi=-3228186548808802306&pt=text&vi=1685141454071&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1685141455133%7D&tim=22%3A50%3A55.133&id=7777&llvl=2&cv=20230524-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 26 May 2023 22:50:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
363 B 371ms
369ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=98bf7a66a951be716ea42e1e56f58a16&sd=v2_4e9232e342e301ea9d78e38346f2b852_3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e_1685141454_1685141454_CNawjgYQ2YJdGPf5h9KFMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&pi=/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&wi=-3228186548808802306&pt=text&vi=1685141454071&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%2C%20%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=22%3A50%3A55.135&id=53&llvl=2&cv=20230524-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 26 May 2023 22:50:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
363 B 372ms
370ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=98bf7a66a951be716ea42e1e56f58a16&sd=v2_4e9232e342e301ea9d78e38346f2b852_3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e_1685141454_1685141454_CNawjgYQ2YJdGPf5h9KFMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&pi=/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&wi=-3228186548808802306&pt=text&vi=1685141454071&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1685141455136%7D&tim=22%3A50%3A55.137&id=6056&llvl=2&cv=20230524-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 26 May 2023 22:50:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012305051745001/v0/analytics-vendors/ 2 KB
812 B 140ms
140ms Fetch
application/json 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305051745001/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 May 2023 23:31:05 GMT
age: 256790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 782
x-xss-protection: 0
server: sffe
etag: "3835e66b3509ad97"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 May 2024 23:31:05 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 5 KB
2 KB 974ms
143ms Fetch
application/json 172.64.161.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.161.31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a05b4715b24ccaa8ce73e4e65b7294852eb28ce89f148341edf670882f52c20f

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:56 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only, master-only
age: 20542
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: same-origin, same-origin
last-modified: Fri, 26 May 2023 17:08:34 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2Bq1LWeNGilTQYI8joEopXJtgdpOD%2FGesCCxntcnw3BSNecV7LrG6M%2FHMBoP11dHRMD63QQ391KI8sQXfA5Ufkn1eMuZHAl8%2B98aasYo8axU3h6v8od26RC2e8Gi2pV0rJjkovChzaWOX5qY6w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230423b
cf-ray: 7cd99474a8011e54-FRA

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012305051745001/v0/analytics-vendors/ 2 KB
931 B 138ms
138ms Fetch
application/json 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305051745001/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 May 2023 23:30:46 GMT
age: 256809
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 901
x-xss-protection: 0
server: sffe
etag: "d21cb8bddfe3c6ca"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 May 2024 23:30:46 GMT

GET
H2 200 d6bdf04dd27afbb0b3f6b49204d30539.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 3 KB
4 KB 239ms
236ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6bdf04dd27afbb0b3f6b49204d30539.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b00a30ddc758e8acae56a71f3061f00d16e2abc0b17fe59f23c2b2dafc992316

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 120
date: Fri, 26 May 2023 22:50:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6bdf04dd27afbb0b3f6b49204d30539.jpg
age: 1339883
edge-cache-tag: 448536022795924765863538358553015590699,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 448536022795924765863538358553015590699,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 247
expiration: expiry-date="Sat, 20 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.larousse.fr/
content-length: 2852
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200094-IAD, cache-iad-kjyo7100120-IAD, cache-lax10642-LGB, cache-iad-kcgs7200085-IAD, cache-sof1510034-SOF
last-modified: Wed, 19 Apr 2023 12:09:59 GMT
server: nginx
x-timer: S1685141456.597696,VS0,VE120
etag: "cfa2098639ab29e4c3857cbe909a4002"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 40, 0

GET
H2 200 b016efd99166eb03ee5590e1f6e11196.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 117ms
116ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b016efd99166eb03ee5590e1f6e11196.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 03853dc53fb780a8ece5cd8f5ef799729a85932b58b87c78c67fe73f8be95350

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 26 May 2023 22:50:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b016efd99166eb03ee5590e1f6e11196.jpg
age: 867716
edge-cache-tag: 297585155888815719709951288742620753257,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 297585155888815719709951288742620753257,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 134
expiration: expiry-date="Tue, 13 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.srherald.com/columns/2023/05/21/het-gezicht-van-leugens-hikmat-mahawat-khan-inzake-oppenheimer-leningen/?utm_source=rss&utm_medium=rss&utm_campaign=het-gezicht-van-leugens-hikmat-mahawat-khan-inzake-oppenheimer-leningen
content-length: 6476
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100101-IAD, cache-iad-kiad7000111-IAD, cache-lax10664-LGB, cache-iad-kcgs7200021-IAD, cache-sof1510034-SOF
last-modified: Sat, 13 May 2023 12:35:15 GMT
server: nginx
x-timer: S1685141456.597845,VS0,VE0
etag: "ff1aa8ac4108c4294bdaf75114231b62"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0, 39, 338

GET
H2 200 3242614a2ea15b334741ce58c08e3860.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 186ms
184ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3242614a2ea15b334741ce58c08e3860.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f6730c15db80fe82a65709b12516db931af231d96c057f1b7f735e5b935c012f

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 26 May 2023 22:50:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3242614a2ea15b334741ce58c08e3860.jpg
age: 1103817
edge-cache-tag: 371508945501014773120715978856261569844,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 371508945501014773120715978856261569844,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 189
expiration: expiry-date="Sun, 04 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://yoshare.net/
content-length: 4972
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200039-IAD, cache-iad-kjyo7100136-IAD, cache-chi-kigq8000098-CHI, cache-iad-kjyo7100084-IAD, cache-sof1510034-SOF
last-modified: Thu, 04 May 2023 07:58:28 GMT
server: nginx
x-timer: S1685141456.597899,VS0,VE1
etag: "09468bbe74fc8766f46be4c2242aad01"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 18, 1

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3F56 15 KB
11 KB 157ms
156ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305230101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

050abc1b9cd0d46e15042902b72f457eca5be10d82a5562b3ea44b8d40a342d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11377
x-xss-protection: 0

GET
H2 200 st Show response
imprammp.taboola.com/ Frame D93C 439 B
353 B 155ms
153ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8BSQCLAYsV1ySICCkOhFYrrgkQUBIdSoAAABgYID-AEl4XBvDYLJc60YWy1o0MlnWys3EuFYNlhOHcbdZTiYWIyAJj2tjGEyWa93IYlmLRibLWrmZGNeqwXLiMO42y8nEYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ3aDodPte9Xvf73SU-z1zj9yv8oqfD7pYeXW-dyy19uiUOv1vmcrp1L7tb6HrYfW6Ry-5zC11Pt-L1sLs1R9fD7nPLHHafW-Z6C11u5dMtPTrdwqdb97D73KKHW-2yu4Uut9DhtwtNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDE4YAuTrPT8_QHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPIZUt8pqZMs9vBEpqC3CCAAAAMDWu3PmkUk6QcWiyv__f78VgCsAAAGIWkH9sFl0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyNkIvyYRmgmil3NLyAAwJpfQAAANuoGAOBNAJygQ9CKwWB1AmJ2AAAAAO78____6wGhlXOymaw8o8nKM1isHM6Rb7jyDDej2cwyMa4m2xM1zAqXbDK81GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmJs7ZaONZuGWm5WQtGixHbolpt1rLVivjzLDwzWy20Vr0-pgutoXFZFp5kWBA314kT4t0orHMNhvLamTaDGeW2cJkXHlmC5txN1rsVqbhbDYRSzQni3Qiu-xLK-dkM1l5RpOVZ7BYOZwj33DlGW5Gs5llYlxN9p2JczbaeBZumWk5WYsGy5FbYtqt1rLVyjgzLHwzm220Fr0-pottYTGZVv7GbLhajBaj1WjfmA1Xi9FitBrtO3SG7-pzNirLKslHqLmGzi2NzWlQuAwW71S9-kY7s4PoNy06ZTK1sqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoUilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_o6bC7pUfXW-dyS59uicPvlrmcbt3L7ha6HnafW-Sy-9xC19OteD3sbs3R9bD73DKH3eeWud5Cl1v5dEuPTrfw6dY97D636OFWu-xuocstdPjtQtPbbBFLBKeLdCJ6GU8X9R855GIu2SznksFsrlhtVgkAAAAAAAAAwBJMMt0EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZAFYr7____HwcAAEBGDj0AAAD6fUBZAAAAAAAA_ApiMJwM9g9AhVir1ep2Y61WCw!&cmcv=&pix=undefined&cb=1685141455356&uv=131781256&tms=1685141455356&abt=nonrv_vA!rv2r_vB!t45!tbt_unit!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=ac5c0029-7db2-4dd2-93b8-509ba87392bb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bd5e797ea55318cb551cad54e7a85c301782e6119dc50159104e35853ded0e2f

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Fri, 26 May 2023 22:50:55 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-sof1510034-SOF
x-timer: S1685141455.419621,VS0,VE37

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 2CED 422 B
517 B 770ms
139ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8BSQCLAYsV1ySICCkOhFYrrgkQUBIdSoAAABgYID-AEl4XBvDYLJc60YWy1o0MlnWys3EuFYNlhOHcbdZTiYWIyAJj2tjGEyWa93IYlmLRibLWrmZGNeqwXLiMO42y8nEYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ3aDodPte9Xvf73SU-z1zj9yv8oqfD7pYeXW-dyy19uiUOv1vmcrp1L7tb6HrYfW6Ry-5zC11Pt-L1sLs1R9fD7nPLHHafW-Z6C11u5dMtPTrdwqdb97D73KKHW-2yu4Uut9DhtwtNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDE4YAuTrPT8_QHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPIZUt8pqZMs9vBEpqC3CCAAAAMDWu3PmkUk6QcWiyv__f78VgCsAAAGIWkH9sFl0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyNkIvyYRmgmil3NLyAAwJpfQAAANuoGAOBNAJygQ9CKwWB1AmJ2AAAAAO78____6wGhlXOymaw8o8nKM1isHM6Rb7jyDDej2cwyMa4m2xM1zAqXbDK81GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmJs7ZaONZuGWm5WQtGixHbolpt1rLVivjzLDwzWy20Vr0-pgutoXFZFp5kWBA314kT4t0orHMNhvLamTaDGeW2cJkXHlmC5txN1rsVqbhbDYRSzQni3Qiu-xLK-dkM1l5RpOVZ7BYOZwj33DlGW5Gs5llYlxN9p2JczbaeBZumWk5WYsGy5FbYtqt1rLVyjgzLHwzm220Fr0-pottYTGZVv7GbLhajBaj1WjfmA1Xi9FitBrtO3SG7-pzNirLKslHqLmGzi2NzWlQuAwW71S9-kY7s4PoNy06ZTK1sqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoUilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_o6bC7pUfXW-dyS59uicPvlrmcbt3L7ha6HnafW-Sy-9xC19OteD3sbs3R9bD73DKH3eeWud5Cl1v5dEuPTrfw6dY97D636OFWu-xuocstdPjtQtPbbBFLBKeLdCJ6GU8X9R855GIu2SznksFsrlhtVgkAAAAAAAAAwBJMMt0EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZAFYr7____HwcAAEBGDj0AAAD6fUBZAAAAAAAA_ApiMJwM9g9AhVir1ep2Y61WCw!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 7e568c30edf804cc98633ab5ae2276b00cffd465216cb285624921fbe84f2f45

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 26 May 2023 22:50:56 GMT
machineid: 3401
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
740 B 191ms
173ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1685141455366&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1521&pt=-1420458221&tz=0&viewable=true&ddast=V8BSQCLAYsV1ySICCkOhFYrrgkQUBIdSoAAABgYID-AEl4XBvDYLJc60YWy1o0MlnWys3EuFYNlhOHcbdZTiYWIyAJj2tjGEyWa93IYlmLRibLWrmZGNeqwXLiMO42y8nEYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ3aDodPte9Xvf73SU-z1zj9yv8oqfD7pYeXW-dyy19uiUOv1vmcrp1L7tb6HrYfW6Ry-5zC11Pt-L1sLs1R9fD7nPLHHafW-Z6C11u5dMtPTrdwqdb97D73KKHW-2yu4Uut9DhtwtNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDE4YAuTrPT8_QHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPIZUt8pqZMs9vBEpqC3CCAAAAMDWu3PmkUk6QcWiyv__f78VgCsAAAGIWkH9sFl0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyNkIvyYRmgmil3NLyAAwJpfQAAANuoGAOBNAJygQ9CKwWB1AmJ2AAAAAO78____6wGhlXOymaw8o8nKM1isHM6Rb7jyDDej2cwyMa4m2xM1zAqXbDK81GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmJs7ZaONZuGWm5WQtGixHbolpt1rLVivjzLDwzWy20Vr0-pgutoXFZFp5kWBA314kT4t0orHMNhvLamTaDGeW2cJkXHlmC5txN1rsVqbhbDYRSzQni3Qiu-xLK-dkM1l5RpOVZ7BYOZwj33DlGW5Gs5llYlxN9p2JczbaeBZumWk5WYsGy5FbYtqt1rLVyjgzLHwzm220Fr0-pottYTGZVv7GbLhajBaj1WjfmA1Xi9FitBrtO3SG7-pzNirLKslHqLmGzi2NzWlQuAwW71S9-kY7s4PoNy06ZTK1sqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoUilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_o6bC7pUfXW-dyS59uicPvlrmcbt3L7ha6HnafW-Sy-9xC19OteD3sbs3R9bD73DKH3eeWud5Cl1v5dEuPTrfw6dY97D636OFWu-xuocstdPjtQtPbbBFLBKeLdCJ6GU8X9R855GIu2SznksFsrlhtVgkAAAAAAAAAwBJMMt0EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZAFYr7____HwcAAEBGDj0AAAD6fUBZAAAAAAAA_ApiMJwM9g9AhVir1ep2Y61WCw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!rv2r_vB!t45!tbt_unit!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 24fe78f1280f51c6051b193b5649f2501922d573c810cc60e330e26e8438b6a1

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Fri, 26 May 2023 22:50:55 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1419
x-cache: MISS
x-served-by: cache-sof1510034-SOF
pragma: no-cache
server: nginx
x-timer: S1685141455.437625,VS0,VE56
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 675ms
138ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8BSQCLAYsV1ySICCkOhFYrrgkQUBIdSoAAABgYID-AEl4XBvDYLJc60YWy1o0MlnWys3EuFYNlhOHcbdZTiYWIyAJj2tjGEyWa93IYlmLRibLWrmZGNeqwXLiMO42y8nEYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ3aDodPte9Xvf73SU-z1zj9yv8oqfD7pYeXW-dyy19uiUOv1vmcrp1L7tb6HrYfW6Ry-5zC11Pt-L1sLs1R9fD7nPLHHafW-Z6C11u5dMtPTrdwqdb97D73KKHW-2yu4Uut9DhtwtNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDE4YAuTrPT8_QHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPIZUt8pqZMs9vBEpqC3CCAAAAMDWu3PmkUk6QcWiyv__f78VgCsAAAGIWkH9sFl0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyNkIvyYRmgmil3NLyAAwJpfQAAANuoGAOBNAJygQ9CKwWB1AmJ2AAAAAO78____6wGhlXOymaw8o8nKM1isHM6Rb7jyDDej2cwyMa4m2xM1zAqXbDK81GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmJs7ZaONZuGWm5WQtGixHbolpt1rLVivjzLDwzWy20Vr0-pgutoXFZFp5kWBA314kT4t0orHMNhvLamTaDGeW2cJkXHlmC5txN1rsVqbhbDYRSzQni3Qiu-xLK-dkM1l5RpOVZ7BYOZwj33DlGW5Gs5llYlxN9p2JczbaeBZumWk5WYsGy5FbYtqt1rLVyjgzLHwzm220Fr0-pottYTGZVv7GbLhajBaj1WjfmA1Xi9FitBrtO3SG7-pzNirLKslHqLmGzi2NzWlQuAwW71S9-kY7s4PoNy06ZTK1sqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoUilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_o6bC7pUfXW-dyS59uicPvlrmcbt3L7ha6HnafW-Sy-9xC19OteD3sbs3R9bD73DKH3eeWud5Cl1v5dEuPTrfw6dY97D636OFWu-xuocstdPjtQtPbbBFLBKeLdCJ6GU8X9R855GIu2SznksFsrlhtVgkAAAAAAAAAwBJMMt0EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZAFYr7____HwcAAEBGDj0AAAD6fUBZAAAAAAAA_ApiMJwM9g9AhVir1ep2Y61WCw!&cmcv=&pix=31589837&cb=1685141455356&uv=131781256&tms=1685141455356&abt=nonrv_vA!rv2r_vB!t45!tbt_unit!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1685141448420.5!ts:1685141455356&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:56 GMT
content-length: 0
server: nginx

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 613 B
716 B 490ms
142ms Fetch
application/json 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

29cc5de7fd369d7e63e38cae1c883c52af46b8e6fb1b886d9bd861e5561f2533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Fri, 26 May 2023 22:50:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 259
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.bg3.co
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 84AA 31 KB
10 KB 396ms
128ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 5c500a4a8147509f043186a7bad1ed59c4e00f85330b9621489af4497e504151

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 16:25:46 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 11 Apr 2023 09:02:41 GMT
server: nginx/1.12.1 (Ubuntu)
age: 23109
etag: W/"64352231-7a34"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9891
expires: Sat, 27 May 2023 16:25:46 GMT

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 8998 31 KB
10 KB 411ms
143ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 5c500a4a8147509f043186a7bad1ed59c4e00f85330b9621489af4497e504151

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 16:25:46 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 11 Apr 2023 09:02:41 GMT
server: nginx/1.12.1 (Ubuntu)
age: 23109
etag: W/"64352231-7a34"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9891
expires: Sat, 27 May 2023 16:25:46 GMT

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame D93C
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3

0
65 B

209ms
208ms

Image
text/plain

151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8BSQCLAYsV1ySICCkOhFYrrgkQUBIdSoAAABgYID-AEl4XBvDYLJc60YWy1o0MlnWys3EuFYNlhOHcbdZTiYWIyAJj2tjGEyWa93IYlmLRibLWrmZGNeqwXLiMO42y8nEYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ3aDodPte9Xvf73SU-z1zj9yv8oqfD7pYeXW-dyy19uiUOv1vmcrp1L7tb6HrYfW6Ry-5zC11Pt-L1sLs1R9fD7nPLHHafW-Z6C11u5dMtPTrdwqdb97D73KKHW-2yu4Uut9DhtwtNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDE4YAuTrPT8_QHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPIZUt8pqZMs9vBEpqC3CCAAAAMDWu3PmkUk6QcWiyv__f78VgCsAAAGIWkH9sFl0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyNkIvyYRmgmil3NLyAAwJpfQAAANuoGAOBNAJygQ9CKwWB1AmJ2AAAAAO78____6wGhlXOymaw8o8nKM1isHM6Rb7jyDDej2cwyMa4m2xM1zAqXbDK81GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmJs7ZaONZuGWm5WQtGixHbolpt1rLVivjzLDwzWy20Vr0-pgutoXFZFp5kWBA314kT4t0orHMNhvLamTaDGeW2cJkXHlmC5txN1rsVqbhbDYRSzQni3Qiu-xLK-dkM1l5RpOVZ7BYOZwj33DlGW5Gs5llYlxN9p2JczbaeBZumWk5WYsGy5FbYtqt1rLVyjgzLHwzm220Fr0-pottYTGZVv7GbLhajBaj1WjfmA1Xi9FitBrtO3SG7-pzNirLKslHqLmGzi2NzWlQuAwW71S9-kY7s4PoNy06ZTK1sqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoUilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_o6bC7pUfXW-dyS59uicPvlrmcbt3L7ha6HnafW-Sy-9xC19OteD3sbs3R9bD73DKH3eeWud5Cl1v5dEuPTrfw6dY97D636OFWu-xuocstdPjtQtPbbBFLBKeLdCJ6GU8X9R855GIu2SznksFsrlhtVgkAAAAAAAAAwBJMMt0EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZAFYr7____HwcAAEBGDj0AAAD6fUBZAAAAAAAA_ApiMJwM9g9AhVir1ep2Y61WCw!&cmcv=&pix=undefined&cb=1685141455356&uv=131781256&tms=1685141455356&abt=nonrv_vA!rv2r_vB!t45!tbt_unit!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=ac5c0029-7db2-4dd2-93b8-509ba87392bb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 93
date: Fri, 26 May 2023 22:50:56 GMT
via: 1.1 varnish
x-cache-hits: 0
server: nginx
x-timer: S1685141456.277524,VS0,VE93
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-sof1510034-SOF

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:56 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 239

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame D93C
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e?gdpr=0&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-3BEgIZ5E2oRbUOzV0._tXgDkcx2PNUN6gUWq0g--~A

0
231 B

157ms
140ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-3BEgIZ5E2oRbUOzV0._tXgDkcx2PNUN6gUWq0g--~A
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8BSQCLAYsV1ySICCkOhFYrrgkQUBIdSoAAABgYID-AEl4XBvDYLJc60YWy1o0MlnWys3EuFYNlhOHcbdZTiYWIyAJj2tjGEyWa93IYlmLRibLWrmZGNeqwXLiMO42y8nEYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ3aDodPte9Xvf73SU-z1zj9yv8oqfD7pYeXW-dyy19uiUOv1vmcrp1L7tb6HrYfW6Ry-5zC11Pt-L1sLs1R9fD7nPLHHafW-Z6C11u5dMtPTrdwqdb97D73KKHW-2yu4Uut9DhtwtNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDE4YAuTrPT8_QHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPIZUt8pqZMs9vBEpqC3CCAAAAMDWu3PmkUk6QcWiyv__f78VgCsAAAGIWkH9sFl0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyNkIvyYRmgmil3NLyAAwJpfQAAANuoGAOBNAJygQ9CKwWB1AmJ2AAAAAO78____6wGhlXOymaw8o8nKM1isHM6Rb7jyDDej2cwyMa4m2xM1zAqXbDK81GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmJs7ZaONZuGWm5WQtGixHbolpt1rLVivjzLDwzWy20Vr0-pgutoXFZFp5kWBA314kT4t0orHMNhvLamTaDGeW2cJkXHlmC5txN1rsVqbhbDYRSzQni3Qiu-xLK-dkM1l5RpOVZ7BYOZwj33DlGW5Gs5llYlxN9p2JczbaeBZumWk5WYsGy5FbYtqt1rLVyjgzLHwzm220Fr0-pottYTGZVv7GbLhajBaj1WjfmA1Xi9FitBrtO3SG7-pzNirLKslHqLmGzi2NzWlQuAwW71S9-kY7s4PoNy06ZTK1sqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoUilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_o6bC7pUfXW-dyS59uicPvlrmcbt3L7ha6HnafW-Sy-9xC19OteD3sbs3R9bD73DKH3eeWud5Cl1v5dEuPTrfw6dY97D636OFWu-xuocstdPjtQtPbbBFLBKeLdCJ6GU8X9R855GIu2SznksFsrlhtVgkAAAAAAAAAwBJMMt0EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZAFYr7____HwcAAEBGDj0AAAD6fUBZAAAAAAAA_ApiMJwM9g9AhVir1ep2Y61WCw!&cmcv=&pix=undefined&cb=1685141455356&uv=131781256&tms=1685141455356&abt=nonrv_vA!rv2r_vB!t45!tbt_unit!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=ac5c0029-7db2-4dd2-93b8-509ba87392bb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:56 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 69644

Redirect headers

date: Fri, 26 May 2023 22:50:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-3BEgIZ5E2oRbUOzV0._tXgDkcx2PNUN6gUWq0g--~A
content-length: 0

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame D93C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---&verify=true
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-XDJq2P1E2uG0y_ZSr4oi1puO_WiAnwjl~A&gdpr_in_effect=0

0
231 B

143ms
138ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-XDJq2P1E2uG0y_ZSr4oi1puO_WiAnwjl~A&gdpr_in_effect=0
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8BSQCLAYsV1ySICCkOhFYrrgkQUBIdSoAAABgYID-AEl4XBvDYLJc60YWy1o0MlnWys3EuFYNlhOHcbdZTiYWIyAJj2tjGEyWa93IYlmLRibLWrmZGNeqwXLiMO42y8nEYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ3aDodPte9Xvf73SU-z1zj9yv8oqfD7pYeXW-dyy19uiUOv1vmcrp1L7tb6HrYfW6Ry-5zC11Pt-L1sLs1R9fD7nPLHHafW-Z6C11u5dMtPTrdwqdb97D73KKHW-2yu4Uut9DhtwtNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDE4YAuTrPT8_QHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPIZUt8pqZMs9vBEpqC3CCAAAAMDWu3PmkUk6QcWiyv__f78VgCsAAAGIWkH9sFl0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyNkIvyYRmgmil3NLyAAwJpfQAAANuoGAOBNAJygQ9CKwWB1AmJ2AAAAAO78____6wGhlXOymaw8o8nKM1isHM6Rb7jyDDej2cwyMa4m2xM1zAqXbDK81GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmJs7ZaONZuGWm5WQtGixHbolpt1rLVivjzLDwzWy20Vr0-pgutoXFZFp5kWBA314kT4t0orHMNhvLamTaDGeW2cJkXHlmC5txN1rsVqbhbDYRSzQni3Qiu-xLK-dkM1l5RpOVZ7BYOZwj33DlGW5Gs5llYlxN9p2JczbaeBZumWk5WYsGy5FbYtqt1rLVyjgzLHwzm220Fr0-pottYTGZVv7GbLhajBaj1WjfmA1Xi9FitBrtO3SG7-pzNirLKslHqLmGzi2NzWlQuAwW71S9-kY7s4PoNy06ZTK1sqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoUilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_o6bC7pUfXW-dyS59uicPvlrmcbt3L7ha6HnafW-Sy-9xC19OteD3sbs3R9bD73DKH3eeWud5Cl1v5dEuPTrfw6dY97D636OFWu-xuocstdPjtQtPbbBFLBKeLdCJ6GU8X9R855GIu2SznksFsrlhtVgkAAAAAAAAAwBJMMt0EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZAFYr7____HwcAAEBGDj0AAAD6fUBZAAAAAAAA_ApiMJwM9g9AhVir1ep2Y61WCw!&cmcv=&pix=undefined&cb=1685141455356&uv=131781256&tms=1685141455356&abt=nonrv_vA!rv2r_vB!t45!tbt_unit!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=ac5c0029-7db2-4dd2-93b8-509ba87392bb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:57 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 69641

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-XDJq2P1E2uG0y_ZSr4oi1puO_WiAnwjl~A&gdpr_in_effect=0
date: Fri, 26 May 2023 22:50:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3F56 17 KB
7 KB 1677ms
148ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 May 2023 22:50:57 GMT

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/131781_256/infra/ 890 KB
147 KB 1435ms
142ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/131781_256/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: f7dac3af3c01cb6b74ccf5cd9d195a76fd90acfe304caecf5c3c6e1f66f5f93e

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1679929932
date: Fri, 26 May 2023 22:50:56 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 9X8K81JV5H2JPKCE
age: 766313
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1679929932
x-amz-meta-mode: 33188
content-length: 150294
x-amz-id-2: WhLdjaodY2EwWp49YKNk6Fk86H7asUwYdleg6Ac5jWzgzWqtdlPL+Zi9NpAAtBTDDTAxK6qc3k4=
x-served-by: cache-fra-eddf8230093-FRA
last-modified: Mon, 27 Mar 2023 15:12:13 GMT
server: AmazonS3-br
x-timer: S1685141457.925338,VS0,VE7
etag: "1dfff0d9a8eb187c2a86abab0d62c841"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/131781_256/assets/css/ 60 KB
8 KB 168ms
167ms Stylesheet
text/css 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/131781_256/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1679929949
date: Fri, 26 May 2023 22:50:55 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 3VMFSKMQNQ1ABX7Q
age: 27377
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1679929950
x-amz-meta-mode: 33188
content-length: 7877
x-amz-id-2: 2ws0vdu9lSqIohMO04/LuedWTHGTgKzio5CV1BFyph2QpwbqfYA2cZ3hhh4qs/6U6YCnm+2obtc=
x-served-by: cache-sof1510034-SOF
last-modified: Mon, 27 Mar 2023 15:12:31 GMT
server: AmazonS3-br
x-timer: S1685141456.615719,VS0,VE0
etag: "92502277b3d6d05481ffd7687771377e"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 901

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ Frame 9CBF 0
0 167ms
166ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 747ms
256ms Fetch
application/json 3.233.146.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.146.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-146-109.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 26 May 2023 22:50:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 404 L2EvdGlhbi16aHUtZ2UtemktYmFvLWZlaS13ZW4taHVhbmctZGVuZy1odWktcXVhbi1zaHVhbmctZmFuZy1mdS1oZS15aS16aGkteGktd2FuZy10YS1tZW4taGUtaGFvLmh0bWw=.json Show response
cdn.adpushup.com/42753/ 555 B
868 B 499ms
499ms XHR
text/html 23.50.131.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EvdGlhbi16aHUtZ2UtemktYmFvLWZlaS13ZW4taHVhbmctZGVuZy1odWktcXVhbi1zaHVhbmctZmFuZy1mdS1oZS15aS16aGkteGktd2FuZy10YS1tZW4taGUtaGFvLmh0bWw=.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.131.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-131-208.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: GE
date: Fri, 26 May 2023 22:50:56 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=4, origin; dur=362, ak_p; desc="468094_388605776_264713046_36633_1115_64_0";dur=1
content-length: 555
expires: Fri, 26 May 2023 23:50:56 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
303 B 412ms
138ms Image
image/gif 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E5%A4%A9%E5%AF%A7%E5%90%84%E8%87%AA%E7%88%86%E7%B7%8B%E8%81%9E%E3%80%80%E9%BB%83%E9%90%99%E8%BC%9D%E5%8B%B8%E9%9B%99%E6%96%B9%E8%A4%87%E5%90%88%EF%BC%9A%E4%B8%80%E7%9B%B4%E5%B8%8C%E6%9C%9B%E4%BB%96%E5%80%91%E5%92%8C%E5%A5%BD%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-yruezQbeCIgT25YV1gk77w&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.3052591832194631&gjid=0.6976120027370785&_r=1&a=8260&z=0.16918812318968324&gtm=45De000

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 84AA
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
39 KB

144ms
143ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
Protocol: H3
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b9398ab64bc9156916fad30afd43cf47074b593f85b9dba81d666c7c471aae1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6408
alt-svc: h3=":443"; ma=86400
content-length: 39829
last-modified: Tue, 25 Apr 2023 05:37:58 GMT
server: cloudflare
etag: "64476736-9b95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uqu7zqoexlNgLmg8XBMZEdDznqDHv0kEAoJKs6LANZBTBpTqtl88h5PrACxsZZYpaiqvsk%2F5UrMwZ5sTAwlTac3mWXdB%2FCojyVBQrahvZ1L8gzS%2F%2B0INXUTTespnzmsKTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7cd9947b68642c2d-FRA

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
430 B 234ms
233ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=11
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230524-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 100
pragma: no-cache
date: Fri, 26 May 2023 22:50:56 GMT
via: 1.1 varnish
x-served-by: cache-sof1510034-SOF
server: nginx
x-timer: S1685141456.003369,VS0,VE100
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.bg3.co
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 vbc
b.logly.co.jp/ 0
187 B 388ms
388ms Image
text/plain 13.113.148.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.logly.co.jp/vbc?ac=PBmw34K1iUqWhjj-WJQDWw&sp=4308934&ia=0&at=1685141454
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.148.165 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-148-165.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:56 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 8998
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
39 KB

142ms
142ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
Protocol: H3
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b9398ab64bc9156916fad30afd43cf47074b593f85b9dba81d666c7c471aae1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6408
alt-svc: h3=":443"; ma=86400
content-length: 39829
last-modified: Tue, 25 Apr 2023 05:37:58 GMT
server: cloudflare
etag: "64476736-9b95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3DclV%2FPhZ8E5JTMZnLV3Q4QJ2lp1kpVRsI0FHMEJSpKyz3YhOAe2nwbLgpWNEu7YoOBVW4HlVNkxvyHBK7l2%2F%2BXpaJtRKOkcvut%2FwNqpJuSWozd7xzeFJJEEwKNNzTCLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7cd9947efb102c2d-FRA

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
715 B 117ms
116ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Fri, 26 May 2023 22:50:56 GMT
via: 1.1 varnish
x-amz-request-id: H4VMMJK5BJ28AACK
age: 21267
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: wqrzUZj+PyXQbx7NPs6XGJfTXcmyC5kCorij+F2vG2VSm+8WFlX2ukfx9t9vXOfg0fyCCarOedI=
x-served-by: cache-sof1510034-SOF
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1685141456.106427,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 24
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 7320

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 2CED
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3

0
60 B

210ms
209ms

Image
text/plain

151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8BSQCLAYsV1ySICCkOhFYrrgkQUBIdSoAAABgYID-AEl4XBvDYLJc60YWy1o0MlnWys3EuFYNlhOHcbdZTiYWIyAJj2tjGEyWa93IYlmLRibLWrmZGNeqwXLiMO42y8nEYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ3aDodPte9Xvf73SU-z1zj9yv8oqfD7pYeXW-dyy19uiUOv1vmcrp1L7tb6HrYfW6Ry-5zC11Pt-L1sLs1R9fD7nPLHHafW-Z6C11u5dMtPTrdwqdb97D73KKHW-2yu4Uut9DhtwtNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDE4YAuTrPT8_QHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPIZUt8pqZMs9vBEpqC3CCAAAAMDWu3PmkUk6QcWiyv__f78VgCsAAAGIWkH9sFl0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyNkIvyYRmgmil3NLyAAwJpfQAAANuoGAOBNAJygQ9CKwWB1AmJ2AAAAAO78____6wGhlXOymaw8o8nKM1isHM6Rb7jyDDej2cwyMa4m2xM1zAqXbDK81GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmJs7ZaONZuGWm5WQtGixHbolpt1rLVivjzLDwzWy20Vr0-pgutoXFZFp5kWBA314kT4t0orHMNhvLamTaDGeW2cJkXHlmC5txN1rsVqbhbDYRSzQni3Qiu-xLK-dkM1l5RpOVZ7BYOZwj33DlGW5Gs5llYlxN9p2JczbaeBZumWk5WYsGy5FbYtqt1rLVyjgzLHwzm220Fr0-pottYTGZVv7GbLhajBaj1WjfmA1Xi9FitBrtO3SG7-pzNirLKslHqLmGzi2NzWlQuAwW71S9-kY7s4PoNy06ZTK1sqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoUilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_o6bC7pUfXW-dyS59uicPvlrmcbt3L7ha6HnafW-Sy-9xC19OteD3sbs3R9bD73DKH3eeWud5Cl1v5dEuPTrfw6dY97D636OFWu-xuocstdPjtQtPbbBFLBKeLdCJ6GU8X9R855GIu2SznksFsrlhtVgkAAAAAAAAAwBJMMt0EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZAFYr7____HwcAAEBGDj0AAAD6fUBZAAAAAAAA_ApiMJwM9g9AhVir1ep2Y61WCw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 94
date: Fri, 26 May 2023 22:50:56 GMT
via: 1.1 varnish
x-cache-hits: 0
server: nginx
x-timer: S1685141456.376077,VS0,VE94
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-sof1510034-SOF

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:56 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 239

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 2CED
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e?gdpr=0&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VgHV15BE2oSX2NyF5ffKGhmnf6Xty4uvjNhsag--~A

0
231 B

156ms
139ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VgHV15BE2oSX2NyF5ffKGhmnf6Xty4uvjNhsag--~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8BSQCLAYsV1ySICCkOhFYrrgkQUBIdSoAAABgYID-AEl4XBvDYLJc60YWy1o0MlnWys3EuFYNlhOHcbdZTiYWIyAJj2tjGEyWa93IYlmLRibLWrmZGNeqwXLiMO42y8nEYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ3aDodPte9Xvf73SU-z1zj9yv8oqfD7pYeXW-dyy19uiUOv1vmcrp1L7tb6HrYfW6Ry-5zC11Pt-L1sLs1R9fD7nPLHHafW-Z6C11u5dMtPTrdwqdb97D73KKHW-2yu4Uut9DhtwtNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDE4YAuTrPT8_QHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPIZUt8pqZMs9vBEpqC3CCAAAAMDWu3PmkUk6QcWiyv__f78VgCsAAAGIWkH9sFl0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyNkIvyYRmgmil3NLyAAwJpfQAAANuoGAOBNAJygQ9CKwWB1AmJ2AAAAAO78____6wGhlXOymaw8o8nKM1isHM6Rb7jyDDej2cwyMa4m2xM1zAqXbDK81GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmJs7ZaONZuGWm5WQtGixHbolpt1rLVivjzLDwzWy20Vr0-pgutoXFZFp5kWBA314kT4t0orHMNhvLamTaDGeW2cJkXHlmC5txN1rsVqbhbDYRSzQni3Qiu-xLK-dkM1l5RpOVZ7BYOZwj33DlGW5Gs5llYlxN9p2JczbaeBZumWk5WYsGy5FbYtqt1rLVyjgzLHwzm220Fr0-pottYTGZVv7GbLhajBaj1WjfmA1Xi9FitBrtO3SG7-pzNirLKslHqLmGzi2NzWlQuAwW71S9-kY7s4PoNy06ZTK1sqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoUilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_o6bC7pUfXW-dyS59uicPvlrmcbt3L7ha6HnafW-Sy-9xC19OteD3sbs3R9bD73DKH3eeWud5Cl1v5dEuPTrfw6dY97D636OFWu-xuocstdPjtQtPbbBFLBKeLdCJ6GU8X9R855GIu2SznksFsrlhtVgkAAAAAAAAAwBJMMt0EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZAFYr7____HwcAAEBGDj0AAAD6fUBZAAAAAAAA_ApiMJwM9g9AhVir1ep2Y61WCw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:56 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 69644

Redirect headers

date: Fri, 26 May 2023 22:50:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VgHV15BE2oSX2NyF5ffKGhmnf6Xty4uvjNhsag--~A
content-length: 0

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 2CED
Redirect Chain

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=taboola
https://x.bidswitch.net/sync?dsp_id=70&user_id=7683554565452013913&ssp=taboola
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=707a5598-5816-46da-9ae1-f3aa7f052183

0
231 B

178ms
137ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=707a5598-5816-46da-9ae1-f3aa7f052183
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8BSQCLAYsV1ySICCkOhFYrrgkQUBIdSoAAABgYID-AEl4XBvDYLJc60YWy1o0MlnWys3EuFYNlhOHcbdZTiYWIyAJj2tjGEyWa93IYlmLRibLWrmZGNeqwXLiMO42y8nEYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ3aDodPte9Xvf73SU-z1zj9yv8oqfD7pYeXW-dyy19uiUOv1vmcrp1L7tb6HrYfW6Ry-5zC11Pt-L1sLs1R9fD7nPLHHafW-Z6C11u5dMtPTrdwqdb97D73KKHW-2yu4Uut9DhtwtNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDE4YAuTrPT8_QHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPIZUt8pqZMs9vBEpqC3CCAAAAMDWu3PmkUk6QcWiyv__f78VgCsAAAGIWkH9sFl0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyNkIvyYRmgmil3NLyAAwJpfQAAANuoGAOBNAJygQ9CKwWB1AmJ2AAAAAO78____6wGhlXOymaw8o8nKM1isHM6Rb7jyDDej2cwyMa4m2xM1zAqXbDK81GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmJs7ZaONZuGWm5WQtGixHbolpt1rLVivjzLDwzWy20Vr0-pgutoXFZFp5kWBA314kT4t0orHMNhvLamTaDGeW2cJkXHlmC5txN1rsVqbhbDYRSzQni3Qiu-xLK-dkM1l5RpOVZ7BYOZwj33DlGW5Gs5llYlxN9p2JczbaeBZumWk5WYsGy5FbYtqt1rLVyjgzLHwzm220Fr0-pottYTGZVv7GbLhajBaj1WjfmA1Xi9FitBrtO3SG7-pzNirLKslHqLmGzi2NzWlQuAwW71S9-kY7s4PoNy06ZTK1sqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoUilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_o6bC7pUfXW-dyS59uicPvlrmcbt3L7ha6HnafW-Sy-9xC19OteD3sbs3R9bD73DKH3eeWud5Cl1v5dEuPTrfw6dY97D636OFWu-xuocstdPjtQtPbbBFLBKeLdCJ6GU8X9R855GIu2SznksFsrlhtVgkAAAAAAAAAwBJMMt0EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZAFYr7____HwcAAEBGDj0AAAD6fUBZAAAAAAAA_ApiMJwM9g9AhVir1ep2Y61WCw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:57 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 69633

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=707a5598-5816-46da-9ae1-f3aa7f052183
date: Fri, 26 May 2023 22:50:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BEF9 15 KB
11 KB 154ms
154ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305230101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

930c92b1c71d3d7a6ec973ad3c36f52a541c14c3815b46677ea010bf4f5c5f46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11347
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A8EA 603 B
368 B 298ms
295ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-355271638649975683&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3302&oid=2&is_amp=5&amp_v=2305051745001&d_imp=1&c=25177008260&ga_cid=amp-yruezQbeCIgT25YV1gk77w&ga_hid=8260&dt=1685141455336&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&bdt=5339&dtd=32&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305051745001/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 22:50:56 GMT
expires: Fri, 26 May 2023 22:50:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
106 B 138ms
138ms Ping
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=8260&cid=amp-yruezQbeCIgT25YV1gk77w&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&dr=&dt=%E5%A4%A9%E5%AF%A7%E5%90%84%E8%87%AA%E7%88%86%E7%B7%8B%E8%81%9E%E3%80%80%E9%BB%83%E9%90%99%E8%BC%9D%E5%8B%B8%E9%9B%99%E6%96%B9%E8%A4%87%E5%90%88%EF%BC%9A%E4%B8%80%E7%9B%B4%E5%B8%8C%E6%9C%9B%E4%BB%96%E5%80%91%E5%92%8C%E5%A5%BD%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1685141456&sct=1&seg=1&_et=1000&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305051745001/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 1443ms
140ms Ping
text/plain 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-yruezQbeCIgT25YV1gk77w&aip=1&sid=1685141456&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305051745001/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.76.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
81 KB 154ms
153ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

62ec5eee82ce6141d1ccafe647de368c6d8eeca50b121815d587fe69cb4f3ca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82989
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 May 2023 22:50:56 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BEF9 17 KB
6 KB 941ms
166ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 May 2023 22:50:57 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 139ms
138ms Ping
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je35o0&_p=8260&cid=650163583.1685141457&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685141456&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&dt=%E5%A4%A9%E5%AF%A7%E5%90%84%E8%87%AA%E7%88%86%E7%B7%8B%E8%81%9E%E3%80%80%E9%BB%83%E9%90%99%E8%BC%9D%E5%8B%B8%E9%9B%99%E6%96%B9%E8%A4%87%E5%90%88%EF%BC%9A%E4%B8%80%E7%9B%B4%E5%B8%8C%E6%9C%9B%E4%BB%96%E5%80%91%E5%92%8C%E5%A5%BD%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame 9F80
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=taboola
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZHE30cCo5uYAALE-e7wAAAAA

0
231 B

137ms
137ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZHE30cCo5uYAALE-e7wAAAAA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 69619

Redirect headers

X-SO-Cluster-ID: 0
Date: Fri, 26 May 2023 22:50:57 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":0,"gdpr":false,"ipv4":"91.239.206.153","key":"ZHE30cCo5uYAALE-e7wAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad358"}
X-SO-Key: ZHE30cCo5uYAALE-e7wAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad358
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZHE30cCo5uYAALE-e7wAAAAA
Cache-Control: private
X-SO-HostName: m-ad358.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 1
Content-Length: 0
X-SO-LB-Hostname: a-tgng40015.dc2p.scaleout.jp
X-SO-IP: 91.239.206.153

GET
H2

204

/
sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/ Frame 9F80
Redirect Chain

https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=04e57c9ed2a3466fbb...
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=04e57c9ed2a3466fbb657efdde0f6047

0
222 B

139ms
137ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=04e57c9ed2a3466fbb657efdde0f6047
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:57 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 69644

Redirect headers

location: https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=04e57c9ed2a3466fbb657efdde0f6047
date: Fri, 26 May 2023 22:50:57 GMT
content-length: 0

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 9F80 0
0 3780ms
203ms Image
text/html 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame 9F80
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=16698
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LI55POGL-P-CM9A

0
231 B

139ms
138ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LI55POGL-P-CM9A
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:57 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 69641

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LI55POGL-P-CM9A
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 9F80
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e?gdpr=0&gdpr_consent=&us_privacy=
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VgHV15BE2oSX2NyF5ffKGhmnf6Xty4uvjNhsag--~A

0
231 B

137ms
137ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VgHV15BE2oSX2NyF5ffKGhmnf6Xty4uvjNhsag--~A
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:57 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 69638

Redirect headers

date: Fri, 26 May 2023 22:50:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VgHV15BE2oSX2NyF5ffKGhmnf6Xty4uvjNhsag--~A
content-length: 0

GET
H2

200

/
sync.taboola.com/sg/baidurtb-network/1/rtb-h/ Frame 9F80
Redirect Chain

https://trace.mediago.io/ju/cs/taboola
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=fce66360a2846e66b67f606a073ad226

0
230 B

137ms
137ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=fce66360a2846e66b67f606a073ad226
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:01 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 76866

Redirect headers

location: https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=fce66360a2846e66b67f606a073ad226
date: Fri, 26 May 2023 22:51:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
content-type: text/plain; charset=utf-8

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 9F80
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEB_yj3_ttENKze87vmnW52Q&google_cver=1

0
194 B

209ms
209ms

Image
text/plain

151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEB_yj3_ttENKze87vmnW52Q&google_cver=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 93
date: Fri, 26 May 2023 22:50:57 GMT
via: 1.1 varnish
x-cache-hits: 0
server: nginx
x-timer: S1685141458.903089,VS0,VE93
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-sof1510034-SOF

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEB_yj3_ttENKze87vmnW52Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 9F80 42 B
245 B 1698ms
144ms Image
image/gif 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e:$UID
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 26 May 2023 22:50:58 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9F80
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e

170 B
243 B

416ms
146ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e
date: Fri, 26 May 2023 22:50:57 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 69639

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 9F80
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3

0
276 B

209ms
209ms

Image
text/plain

151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 93
date: Fri, 26 May 2023 22:50:57 GMT
via: 1.1 varnish
x-cache-hits: 0
server: nginx
x-timer: S1685141457.114820,VS0,VE93
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-sof1510034-SOF

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:56 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 239

GET merge
ce.lijit.com/ Frame 9F80 0
0

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 9F80 49 B
863 B 1702ms
141ms Image
image/gif 208.93.169.131
WEBMD-IDC1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: ka-GE
content-type: image/gif
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6d945594b4-m6fd8
expires: -1

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 9F80 43 B
361 B 439ms
141ms Image
image/gif 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&gdpr=0&gdpr_consent=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 26 May 2023 22:50:57 GMT
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 9F80
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=50e8abe2-6ebd-48a4-9e8b-f5aa238c9f1a

0
231 B

138ms
137ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=50e8abe2-6ebd-48a4-9e8b-f5aa238c9f1a
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 69621

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:58 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=50e8abe2-6ebd-48a4-9e8b-f5aa238c9f1a
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 943023
content-length: 0
expires: Fri, 26 May 2023 00:00:00 GMT

GET

ZGwAAmRxN9cAAAAIKlY8Aw==
id5-sync.com/a/464/121/0/8/gif/0/0/ Frame 9F80
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&gdpr=0&gdpr_consent=&us_privacy=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&ttl=%%TTL%%
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ff96r1YrY71pupNczxMSV4rM5LkNhfE-eOMSPzwp3w&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
https://id5-sync.com/c/464/3/5/3.gif?puid=2ab36471-37d3-4f00-99c8-ae8998130313&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
https://id5-sync.com/c/464/19/4/4.gif?puid=46b58532ddf468f20407502538777278&gdpr=0&gdpr_consent=
https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
https://id5-sync.com/k/285.gif?puid=LI55POGL-P-CM9A&gdpr=0
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=46b58532ddf468f20407502538777278&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F2%2F6.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D0...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=46b58532ddf468f20407502538777278&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F2%2F6.gif%3Fpuid%3D%24%7...
https://id5-sync.com/c/464/485/2/6.gif?puid=63688520227944709111107928925722670841&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/1/7.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/464/2/1/7.gif?puid=4527130612681197971&gdpr=0&gdpr_consent=
https://sync.sharethis.com/id5?uid=ID5-ff96r1YrY71pupNczxMSV4rM5LkNhfE-eOMSPzwp3w&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fid5-sync.com%2Fa%2F464%2F121%2F0%2F8%2Fgif%2F0%2F0%2F
https://id5-sync.com/a/464/121/0/8/gif/0/0/ZGwAAmRxN9cAAAAIKlY8Aw==

0
0

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 9F80
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtaboola%26expires%3D30%26u...
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtaboola%26expires%3D30%26u...
https://x.bidswitch.net/sync?dsp_id=429&user_id=d029fb03-12a7-5293-af8e-d646cbffe197&ssp=taboola&expires=30&user_group=1&gdpr=0&gdpr_consent=
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=707a5598-5816-46da-9ae1-f3aa7f052183

0
231 B

138ms
138ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=707a5598-5816-46da-9ae1-f3aa7f052183
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:57 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 69633

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=707a5598-5816-46da-9ae1-f3aa7f052183
date: Fri, 26 May 2023 22:50:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 9F80
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=280ffc3e-3a7c-46b3-9d50-6db7f323fd36
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=280ffc3e-3a7c-46b3-9d50-6db7f323fd36&tbid=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&query=taboola_hm%3D280ffc3e-3a7c-...

0
68 B

151ms
150ms

Image
text/plain

151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=280ffc3e-3a7c-46b3-9d50-6db7f323fd36&tbid=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&query=taboola_hm%3D280ffc3e-3a7c-46b3-9d50-6db7f323fd36&isDirect=0
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 26 May 2023 22:50:59 GMT
via: 1.1 varnish
server: nginx
x-timer: S1685141459.228479,VS0,VE34
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-sof1510034-SOF

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=280ffc3e-3a7c-46b3-9d50-6db7f323fd36&tbid=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&query=taboola_hm%3D280ffc3e-3a7c-46b3-9d50-6db7f323fd36&isDirect=0
date: Fri, 26 May 2023 22:50:59 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 69621

GET
H2 200 sd
u.openx.net/w/1.0/ Frame 9F80 43 B
122 B 141ms
140ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?id=543998486&val=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&gdpr=0&gdpr_consent=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:58 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 9F80
Redirect Chain

https://eb2.3lift.com/xuid?mid=7772&xuid=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&dongle=tbla&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

153ms
153ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 26 May 2023 22:50:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7772&xuid=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date: Fri, 26 May 2023 22:50:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame 9F80
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=140
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=clIfNpQGX-VGmsIYy0jvvFvvzpk

0
221 B

137ms
136ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=clIfNpQGX-VGmsIYy0jvvFvvzpk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:00 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 79073

Redirect headers

Location: https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=clIfNpQGX-VGmsIYy0jvvFvvzpk
Date: Fri, 26 May 2023 22:51:00 GMT
Connection: keep-alive
Content-Length: 119
Content-Type: text/html; charset=utf-8

GET
H2

200

match
ads.betweendigital.com/ Frame 9F80
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=453&user_id=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&gdpr=0&gdpr_consent=&us_privacy=
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=707a5598-5816-46da-9ae1-f3aa7f052183
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=707a5598-5816-46da-9ae1-f3aa7f052183&crf=1

68 B
598 B

138ms
136ms

Image
image/png

188.42.34.64
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=707a5598-5816-46da-9ae1-f3aa7f052183&crf=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Server: 188.42.34.64 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=22&external_user_id=707a5598-5816-46da-9ae1-f3aa7f052183&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 sync
t.adx.opera.com/ Frame 9F80 35 B
467 B 1693ms
142ms Image
image/gif 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60151&uid=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:00 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 9F80
Redirect Chain

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=57931379-01f8-4ece-b4f9-af32fa4fc8f9

0
231 B

137ms
137ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=57931379-01f8-4ece-b4f9-af32fa4fc8f9
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 69621

Redirect headers

date: Fri, 26 May 2023 22:50:58 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=57931379-01f8-4ece-b4f9-af32fa4fc8f9
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 117ms
116ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230524-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Fri, 26 May 2023 22:50:56 GMT
x-amz-request-id: Y9HM0FG4CEQVXQW5
age: 216
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: L1qJGtGoLr2a/9G/fjQBT+Qy6sxprAItOBmFc1iVgIqFJeLifbQzKhzoFLr/3xtR/NdHYx1LTx6wha/vQZeRsQ==
x-served-by: cache-sof1510034-SOF
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1685141457.938243,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 24
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 920

GET
H2 200 fraud-detect.js Show response
cdn.taboola.com/scripts/ 121 B
431 B 118ms
117ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/fraud-detect.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230524-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding: gzip
via: 1.1 varnish
date: Fri, 26 May 2023 22:50:56 GMT
x-amz-request-id: P6T6PP6XFNH8SVTF
age: 15812
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 125
x-amz-id-2: Qmf1NzI8yZUZdy3o4PM32OD+iPFg9AS3wHasA/5wQAh4nA5dhO9GxDqQXRemtlNTNVLhMEvebAU=
x-served-by: cache-sof1510034-SOF
last-modified: Thu, 15 Dec 2022 16:50:08 GMT
server: AmazonS3
x-timer: S1685141457.938323,VS0,VE0
etag: "f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary: Accept-Encoding
content-type: application/javascript
abp: 24
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 83914

GET
H2 200 eidf.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 118ms
117ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eidf.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230524-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3979WkHCSLO5cQCJAWoE4w7tW4Dv40AW
content-encoding: gzip
via: 1.1 varnish
date: Fri, 26 May 2023 22:50:56 GMT
x-amz-request-id: 7QVH5HCARX8WBYH3
age: 3536
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 6467
x-amz-id-2: XHEpN8NTCiFG8dCTiOn5f9Rdu5JwzWZMk+3GIoygxIcVkWruLwdnVCiLFbMy0/04g+EPkvpy29s=
x-served-by: cache-sof1510034-SOF
last-modified: Sun, 02 Apr 2023 13:49:08 GMT
server: AmazonS3
x-timer: S1685141457.938411,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 24
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 9789

GET
H2 200 / Show response
pips.taboola.com/ 4 B
119 B 270ms
264ms XHR
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230093-FRA
date: Fri, 26 May 2023 22:50:57 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9D0A 13 KB
5 KB 130ms
129ms Document
text/html 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 7626
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 20:43:51 GMT
expires: Sat, 25 May 2024 20:43:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D69E 783 B
1 KB 432ms
149ms Document
text/html 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f132.1e100.net

Software

GSE /

Resource Hash

3d327d5c64fb137f28739815f35d7093f5f131adceb8c8b13bcd5eea29038fa1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TjV9KzPqYcMtsxbTfm6frQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-TjV9KzPqYcMtsxbTfm6frQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 22:50:57 GMT
expires: Fri, 26 May 2023 22:50:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 900ms
215ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 26 May 2023 22:50:58 GMT
cache-control: no-store
server: nginx

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A2EA 13 KB
5 KB 132ms
131ms Document
text/html 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 7626
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 20:43:51 GMT
expires: Sat, 25 May 2024 20:43:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A78C 783 B
740 B 399ms
149ms Document
text/html 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f132.1e100.net

Software

GSE /

Resource Hash

8383516338f5835732c6de7d6ec893a86fd895cd4476e4e154cc97a8ee892bfe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EJ1-ma7w8SJOovgKTn0jAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-EJ1-ma7w8SJOovgKTn0jAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 22:50:57 GMT
expires: Fri, 26 May 2023 22:50:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 117ms
116ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/131781_256/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:57 GMT
via: 1.1 639dd5dd68d7e7193120d95480cd44ca.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: VIE50-C2
age: 1284636
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-sof1510034-SOF
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1685141457.463656,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: YyL9Y-P-0uoPuNAbLSUf938w9jdvxVLEsaFVMHVP8nvgzc7ZbDPBQQ==
x-cache-hits: 95911

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 86E6 517 B
602 B 145ms
144ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8BSQCLAYsV1ySICCkOhFYrrgkQUBIdSoAAABgYID-AEl4XBvDYLJc60YWy1o0MlnWys3EuFYNlhOHcbdZTiYWIyAJj2tjGEyWa93IYlmLRibLWrmZGNeqwXLiMO42y8nEYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ3aDodPte9Xvf73SU-z1zj9yv8oqfD7pYeXW-dyy19uiUOv1vmcrp1L7tb6HrYfW6Ry-5zC11Pt-L1sLs1R9fD7nPLHHafW-Z6C11u5dMtPTrdwqdb97D73KKHW-2yu4Uut9DhtwtNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDE4YAuTrPT8_QHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPIZUt8pqZMs9vBEpqC3CCAAAAMDWu3PmkUk6QcWiyv__f78VgCsAAAGIWkH9sFl0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyNkIvyYRmgmil3NLyAAwJpfQAAANuoGAOBNAJygQ9CKwWB1AmJ2AAAAAO78____6wGhlXOymaw8o8nKM1isHM6Rb7jyDDej2cwyMa4m2xM1zAqXbDK81GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmJs7ZaONZuGWm5WQtGixHbolpt1rLVivjzLDwzWy20Vr0-pgutoXFZFp5kWBA314kT4t0orHMNhvLamTaDGeW2cJkXHlmC5txN1rsVqbhbDYRSzQni3Qiu-xLK-dkM1l5RpOVZ7BYOZwj33DlGW5Gs5llYlxN9p2JczbaeBZumWk5WYsGy5FbYtqt1rLVyjgzLHwzm220Fr0-pottYTGZVv7GbLhajBaj1WjfmA1Xi9FitBrtO3SG7-pzNirLKslHqLmGzi2NzWlQuAwW71S9-kY7s4PoNy06ZTK1sqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoUilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_o6bC7pUfXW-dyS59uicPvlrmcbt3L7ha6HnafW-Sy-9xC19OteD3sbs3R9bD73DKH3eeWud5Cl1v5dEuPTrfw6dY97D636OFWu-xuocstdPjtQtPbbBFLBKeLdCJ6GU8X9R855GIu2SznksFsrlhtVgkAAAAAAAAAwBJMMt0EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZAFYr7____HwcAAEBGDj0AAAD6fUBZAAAAAAAA_ApiMJwM9g9AhVir1ep2Y61WCw!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/131781_256/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 3f12d3a041ced1e53fad6e9f33a1983fdc7132a99957acd0390c41181dcb60ff

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 26 May 2023 22:50:57 GMT
machineid: 3402
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 124ms
118ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Fri, 26 May 2023 22:50:59 GMT
via: 1.1 3d4555926457517be3e728d2175d92a2.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: VIE50-C2
age: 2917281
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-sof1510034-SOF
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1685141459.174187,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 6RrWc2x4zaGe7BI0hmFGsUr1huLkLXjkJxFg2dogjaq2AdwguPqLpg==
x-cache-hits: 311274

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.2.1/ 451 KB
85 KB 116ms
116ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.2.1/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/131781_256/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 46df493ce0b3cfef85a95ca969ae64517f79066ab7b23958216dbd757c1837af

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1684846295
date: Fri, 26 May 2023 22:50:57 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: RWXQJRH57RVFEKZX
age: 295095
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1684846309
x-amz-meta-mode: 33188
content-length: 86474
x-amz-id-2: jjnm6cJgOI+bcj5qHfwHGkoD+TMPzNo4Ym7rN4GcJAvtno0OoguHCz2UFKAg0bklmpfkBWymFeM=
x-served-by: cache-sof1510034-SOF
last-modified: Tue, 23 May 2023 12:51:50 GMT
server: AmazonS3-br
x-timer: S1685141458.500723,VS0,VE0
etag: "c86a2f6f01c770ca81ae8eeecf42d184"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 513630

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 143ms
142ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8BSQCLAYsV1ySICCkOhFYrrgkQUBIdSoAAABgYID-AEl4XBvDYLJc60YWy1o0MlnWys3EuFYNlhOHcbdZTiYWIyAJj2tjGEyWa93IYlmLRibLWrmZGNeqwXLiMO42y8nEYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ3aDodPte9Xvf73SU-z1zj9yv8oqfD7pYeXW-dyy19uiUOv1vmcrp1L7tb6HrYfW6Ry-5zC11Pt-L1sLs1R9fD7nPLHHafW-Z6C11u5dMtPTrdwqdb97D73KKHW-2yu4Uut9DhtwtNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDE4YAuTrPT8_QHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPIZUt8pqZMs9vBEpqC3CCAAAAMDWu3PmkUk6QcWiyv__f78VgCsAAAGIWkH9sFl0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyNkIvyYRmgmil3NLyAAwJpfQAAANuoGAOBNAJygQ9CKwWB1AmJ2AAAAAO78____6wGhlXOymaw8o8nKM1isHM6Rb7jyDDej2cwyMa4m2xM1zAqXbDK81GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmJs7ZaONZuGWm5WQtGixHbolpt1rLVivjzLDwzWy20Vr0-pgutoXFZFp5kWBA314kT4t0orHMNhvLamTaDGeW2cJkXHlmC5txN1rsVqbhbDYRSzQni3Qiu-xLK-dkM1l5RpOVZ7BYOZwj33DlGW5Gs5llYlxN9p2JczbaeBZumWk5WYsGy5FbYtqt1rLVyjgzLHwzm220Fr0-pottYTGZVv7GbLhajBaj1WjfmA1Xi9FitBrtO3SG7-pzNirLKslHqLmGzi2NzWlQuAwW71S9-kY7s4PoNy06ZTK1sqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoUilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_o6bC7pUfXW-dyS59uicPvlrmcbt3L7ha6HnafW-Sy-9xC19OteD3sbs3R9bD73DKH3eeWud5Cl1v5dEuPTrfw6dY97D636OFWu-xuocstdPjtQtPbbBFLBKeLdCJ6GU8X9R855GIu2SznksFsrlhtVgkAAAAAAAAAwBJMMt0EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZAFYr7____HwcAAEBGDj0AAAD6fUBZAAAAAAAA_ApiMJwM9g9AhVir1ep2Y61WCw!&cmcv=&pix=31579697&cb=1685141457455&uv=131781256&tms=1685141457455&su=3&abt=nonrv_vA!rv2r_vB!t45!tbt_unit!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:57 GMT
content-length: 0
server: nginx

GET
H3 200 1T19pN000MhJQqu5MM1VUGhWn1rY_cLvECS5p9l14sM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D0A 37 KB
14 KB 140ms
138ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1T19pN000MhJQqu5MM1VUGhWn1rY_cLvECS5p9l14sM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

d53d7da4dd34d0c84942abb930cd555068569f5ad8fdc2ef1024b9a7d975e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 16:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 May 2024 16:34:33 GMT

GET
H3 200 1T19pN000MhJQqu5MM1VUGhWn1rY_cLvECS5p9l14sM.js Show response
pagead2.googlesyndication.com/bg/ Frame A2EA 37 KB
14 KB 140ms
139ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1T19pN000MhJQqu5MM1VUGhWn1rY_cLvECS5p9l14sM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

d53d7da4dd34d0c84942abb930cd555068569f5ad8fdc2ef1024b9a7d975e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 16:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 May 2024 16:34:33 GMT

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 84AA 975 B
745 B 145ms
144ms Stylesheet
text/css 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11709
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jSpzxP4WQS4QB5hnK3by%2FKaoj4i3hl5lUojTpDOCKuPPX4sTg6u86Y5sfxrc0MUhtaFKcJtyhgGRfTauSUoSNE4illh6UBjvSCCuHOFINq%2FK7s6fSz68P79A7B0drol31w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7cd9947e1a672c2d-FRA

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 84AA 375 B
1 KB 1365ms
931ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.32932769829872255&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 487f9625d6d17402d2907c65a39e0b5044a1188bab736fe3775b5a4abde12930

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 May 2023 22:50:58 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 441ff555-4d5e-3c04-b70c-3b397e08b3a3
X-Adtype: html
Connection: close
Content-Length: 375

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 86E6
Redirect Chain

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-XDJq2P1E2uG0y_ZSr4oi1puO_WiAnwjl~A&gdpr_in_effect=0

0
231 B

137ms
137ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-XDJq2P1E2uG0y_ZSr4oi1puO_WiAnwjl~A&gdpr_in_effect=0
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8BSQCLAYsV1ySICCkOhFYrrgkQUBIdSoAAABgYID-AEl4XBvDYLJc60YWy1o0MlnWys3EuFYNlhOHcbdZTiYWIyAJj2tjGEyWa93IYlmLRibLWrmZGNeqwXLiMO42y8nEYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ3aDodPte9Xvf73SU-z1zj9yv8oqfD7pYeXW-dyy19uiUOv1vmcrp1L7tb6HrYfW6Ry-5zC11Pt-L1sLs1R9fD7nPLHHafW-Z6C11u5dMtPTrdwqdb97D73KKHW-2yu4Uut9DhtwtNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDE4YAuTrPT8_QHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPIZUt8pqZMs9vBEpqC3CCAAAAMDWu3PmkUk6QcWiyv__f78VgCsAAAGIWkH9sFl0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyNkIvyYRmgmil3NLyAAwJpfQAAANuoGAOBNAJygQ9CKwWB1AmJ2AAAAAO78____6wGhlXOymaw8o8nKM1isHM6Rb7jyDDej2cwyMa4m2xM1zAqXbDK81GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmJs7ZaONZuGWm5WQtGixHbolpt1rLVivjzLDwzWy20Vr0-pgutoXFZFp5kWBA314kT4t0orHMNhvLamTaDGeW2cJkXHlmC5txN1rsVqbhbDYRSzQni3Qiu-xLK-dkM1l5RpOVZ7BYOZwj33DlGW5Gs5llYlxN9p2JczbaeBZumWk5WYsGy5FbYtqt1rLVyjgzLHwzm220Fr0-pottYTGZVv7GbLhajBaj1WjfmA1Xi9FitBrtO3SG7-pzNirLKslHqLmGzi2NzWlQuAwW71S9-kY7s4PoNy06ZTK1sqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoUilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_o6bC7pUfXW-dyS59uicPvlrmcbt3L7ha6HnafW-Sy-9xC19OteD3sbs3R9bD73DKH3eeWud5Cl1v5dEuPTrfw6dY97D636OFWu-xuocstdPjtQtPbbBFLBKeLdCJ6GU8X9R855GIu2SznksFsrlhtVgkAAAAAAAAAwBJMMt0EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZAFYr7____HwcAAEBGDj0AAAD6fUBZAAAAAAAA_ApiMJwM9g9AhVir1ep2Y61WCw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:57 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 69644

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-XDJq2P1E2uG0y_ZSr4oi1puO_WiAnwjl~A&gdpr_in_effect=0
date: Fri, 26 May 2023 22:50:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 86E6
Redirect Chain

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=707a5598-5816-46da-9ae1-f3aa7f052183&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=707a5598-5816-46da-9ae1-f3aa7f052183&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=7eddbb1a-a488-470e-9fc1-4cc7c3819ae1&ssp=taboola&bsw_param=707a5598-5816-46da-9ae1-f3aa7f052183
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=707a5598-5816-46da-9ae1-f3aa7f052183

0
231 B

139ms
138ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=707a5598-5816-46da-9ae1-f3aa7f052183
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8BSQCLAYsV1ySICCkOhFYrrgkQUBIdSoAAABgYID-AEl4XBvDYLJc60YWy1o0MlnWys3EuFYNlhOHcbdZTiYWIyAJj2tjGEyWa93IYlmLRibLWrmZGNeqwXLiMO42y8nEYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ3aDodPte9Xvf73SU-z1zj9yv8oqfD7pYeXW-dyy19uiUOv1vmcrp1L7tb6HrYfW6Ry-5zC11Pt-L1sLs1R9fD7nPLHHafW-Z6C11u5dMtPTrdwqdb97D73KKHW-2yu4Uut9DhtwtNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDE4YAuTrPT8_QHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPIZUt8pqZMs9vBEpqC3CCAAAAMDWu3PmkUk6QcWiyv__f78VgCsAAAGIWkH9sFl0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyNkIvyYRmgmil3NLyAAwJpfQAAANuoGAOBNAJygQ9CKwWB1AmJ2AAAAAO78____6wGhlXOymaw8o8nKM1isHM6Rb7jyDDej2cwyMa4m2xM1zAqXbDK81GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmJs7ZaONZuGWm5WQtGixHbolpt1rLVivjzLDwzWy20Vr0-pgutoXFZFp5kWBA314kT4t0orHMNhvLamTaDGeW2cJkXHlmC5txN1rsVqbhbDYRSzQni3Qiu-xLK-dkM1l5RpOVZ7BYOZwj33DlGW5Gs5llYlxN9p2JczbaeBZumWk5WYsGy5FbYtqt1rLVyjgzLHwzm220Fr0-pottYTGZVv7GbLhajBaj1WjfmA1Xi9FitBrtO3SG7-pzNirLKslHqLmGzi2NzWlQuAwW71S9-kY7s4PoNy06ZTK1sqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoUilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_o6bC7pUfXW-dyS59uicPvlrmcbt3L7ha6HnafW-Sy-9xC19OteD3sbs3R9bD73DKH3eeWud5Cl1v5dEuPTrfw6dY97D636OFWu-xuocstdPjtQtPbbBFLBKeLdCJ6GU8X9R855GIu2SznksFsrlhtVgkAAAAAAAAAwBJMMt0EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZAFYr7____HwcAAEBGDj0AAAD6fUBZAAAAAAAA_ApiMJwM9g9AhVir1ep2Y61WCw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:59 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 80415

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=707a5598-5816-46da-9ae1-f3aa7f052183
date: Fri, 26 May 2023 22:50:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame AB4A 281 B
554 B 417ms
132ms Document
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8BSQCLAYsV1ySICCkOhFYrrgkQUBIdSoAAABgYID-AEl4XBvDYLJc60YWy1o0MlnWys3EuFYNlhOHcbdZTiYWIyAJj2tjGEyWa93IYlmLRibLWrmZGNeqwXLiMO42y8nEYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ3aDodPte9Xvf73SU-z1zj9yv8oqfD7pYeXW-dyy19uiUOv1vmcrp1L7tb6HrYfW6Ry-5zC11Pt-L1sLs1R9fD7nPLHHafW-Z6C11u5dMtPTrdwqdb97D73KKHW-2yu4Uut9DhtwtNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDE4YAuTrPT8_QHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPIZUt8pqZMs9vBEpqC3CCAAAAMDWu3PmkUk6QcWiyv__f78VgCsAAAGIWkH9sFl0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyNkIvyYRmgmil3NLyAAwJpfQAAANuoGAOBNAJygQ9CKwWB1AmJ2AAAAAO78____6wGhlXOymaw8o8nKM1isHM6Rb7jyDDej2cwyMa4m2xM1zAqXbDK81GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmJs7ZaONZuGWm5WQtGixHbolpt1rLVivjzLDwzWy20Vr0-pgutoXFZFp5kWBA314kT4t0orHMNhvLamTaDGeW2cJkXHlmC5txN1rsVqbhbDYRSzQni3Qiu-xLK-dkM1l5RpOVZ7BYOZwj33DlGW5Gs5llYlxN9p2JczbaeBZumWk5WYsGy5FbYtqt1rLVyjgzLHwzm220Fr0-pottYTGZVv7GbLhajBaj1WjfmA1Xi9FitBrtO3SG7-pzNirLKslHqLmGzi2NzWlQuAwW71S9-kY7s4PoNy06ZTK1sqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoUilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_o6bC7pUfXW-dyS59uicPvlrmcbt3L7ha6HnafW-Sy-9xC19OteD3sbs3R9bD73DKH3eeWud5Cl1v5dEuPTrfw6dY97D636OFWu-xuocstdPjtQtPbbBFLBKeLdCJ6GU8X9R855GIu2SznksFsrlhtVgkAAAAAAAAAwBJMMt0EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZAFYr7____HwcAAEBGDj0AAAD6fUBZAAAAAAAA_ApiMJwM9g9AhVir1ep2Y61WCw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 26 May 2023 22:50:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 70 B
317 B 143ms
142ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS90aWFuLXpodS1nZS16aS1iYW8tZmVpLXdlbi1odWFuZy1kZW5nLWh1aS1xdWFuLXNodWFuZy1mYW5nLWZ1LWhlLXlpLXpoaS14aS13YW5nLXRhLW1lbi1oZS1oYW8uaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTQ0ZmFjODE3LWRhYTgtNDhmMi05ZjdlLWM1NTdhZTRmYTNiYyIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiNWRiZDhjZGMtZDFkYS00MGJiLWFhMjUtNTYwMjA2YmM0YmUyIiwidGltZU9mQXVjdGlvbiI6MTY4NTE0MTQ1NDU2MiwiYmlkcyI6W3siY3BtIjowLjAyNSwiYWRJZCI6Ijc0ZTM5OWQwZjM5Y2EwMSIsIm9yaWdpbmFsQ3BtIjowLjAyNSwiYmlkZGVyIjoib3BlbngiLCJyZXZlbnVlIjowLjAwMDAyNSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NTc0LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY4NTE0MTQ1NTE0NX0seyJjcG0iOjAuMDM4ODQ2LCJhZElkIjoiNzg2MWZiZGM0ZTg2Y2ZhIiwib3JpZ2luYWxDcG0iOjAuMDM4ODQ2LCJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAwMzg4NDYsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjcyNiwidGltZU9mQmlkUmVjZWl2ZWQiOjE2ODUxNDE0NTUzMDF9XSwidGltZWRPdXRCaWRkZXJzIjpbInRlYWRzIiwidGVhZHMiLCJ0ZWFkcyIsInRlYWRzIiwidGVhZHMiLCJ0ZWFkcyIsInRlYWRzIiwiYWRsaXZldGVjaCIsIm1lZGlhbmV0IiwiYWR5b3VsaWtlIiwiYWR5b3VsaWtlIiwiYWR5b3VsaWtlIiwiYWR5b3VsaWtlIiwiaXgiLCJpeCIsIml4IiwiaXgiLCJpeCIsIml4IiwiaXgiLCJub2JpZCJdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJydWJpY29uIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI3ODYxZmJkYzRlODZjZmEiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMDM4ODQ2fSx7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6IjVkYmQ4Y2RjLWQxZGEtNDBiYi1hYTI1LTU2MDIwNmJjNGJlMiIsInRpbWVPZkF1Y3Rpb24iOjE2ODUxNDE0NTQ1NjIsImJpZHMiOlt7ImNwbSI6MC4wMjEsImFkSWQiOiI3NWVlYWM1NzJjNzk4YTIiLCJvcmlnaW5hbENwbSI6MC4wMjEsImJpZGRlciI6Im9wZW54IiwicmV2ZW51ZSI6MC4wMDAwMjEwMDAwMDAwMDAwMDAwMDIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjU3NSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2ODUxNDE0NTUxNDZ9LHsiY3BtIjowLjA0NTc0OSwiYWRJZCI6Ijc2OWZhYWMxMjUzZTgwYiIsIm9yaWdpbmFsQ3BtIjowLjA0NTc0OSwiYmlkZGVyIjoiYXBwbmV4dXMiLCJyZXZlbnVlIjowLjAwMDA0NTc0OSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NTY4LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY4NTE0MTQ1NTE0OX0seyJjcG0iOjAuMDYsImFkSWQiOiI3N2VjMGFkZWQ4ODdmOGMiLCJvcmlnaW5hbENwbSI6MC4wNiwiYmlkZGVyIjoicnViaWNvbiIsInJldmVudWUiOjAuMDAwMDU5OTk5OTk5OTk5OTk5OTk1LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo3MjYsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjg1MTQxNDU1MzAxfV0sInRpbWVkT3V0QmlkZGVycyI6WyJ0ZWFkcyIsInRlYWRzIiwidGVhZHMiLCJhZGxpdmV0ZWNoIiwibWVkaWFuZXQiLCJhZHlvdWxpa2UiLCJpeCIsIml4IiwiaXgiLCJub2JpZCJdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJydWJpY29uIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI3N2VjMGFkZWQ4ODdmOGMiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMDU5OTk5OTk5OTk5OTk5OTk1fV0sImNvdW50cnkiOiJHRSJ9&c_b=9168.400001525879
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:57 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ 35 B
296 B 446ms
132ms Image
image/gif 2.21.20.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=5dbd8cdc-d1da-40bb-aa25-560206bc4be2&cid=8CUPEPKI9&crid=222574718|222574718&adunit_count=2&dn=www.bg3.co&requrl=https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&istop=true&event=client_timeout&value=2&rd=3000
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-138.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 22:50:59 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Fri, 26 May 2023 22:50:59 GMT

GET
H2 200 integrator.js Show response
adservice.google.ge/adsid/ 107 B
165 B 137ms
136ms Script
application/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ge/adsid/integrator.js?domain=www.bg3.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 139ms
139ms Script
application/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 80 KB
23 KB 685ms
684ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3804659467494742&correlator=3699610141715706&eid=31074874%2C44793316%2C21065724&output=ldjh&gdfp_req=1&vrg=202305240101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height%2Cheight&ifi=1&adks=1420297610%2C2857874404&sfv=1-0-40&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.03%26hb_ap_adid%3D7861fbdc4e86cfa%26hb_ap_bidder%3Drubicon%26fcEnabled%3D0%7CstopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.06%26hb_ap_adid%3D77ec0aded887f8c%26hb_ap_bidder%3Drubicon%26fcEnabled%3D0&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse&sc=1&cookie=ID%3D6bfefe051a28daf3-22932832c3e00048%3AT%3D1685141454%3ART%3D1685141454%3AS%3DALNI_MZojeZnv05tFYRVVBno1Gio-IHLpg&gpic=UID%3D00000c37ca7cbd5f%3AT%3D1685141454%3ART%3D1685141454%3AS%3DALNI_MY2NaHQqVAJVHWpiqv-JsjB3gVTFA&arp=1&abxe=1&dt=1685141457621&lmt=1685141457&dlt=1685141449997&idt=4788&adxs=236%2C436&adys=60%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&frm=20&vis=1&psz=728x-1%7C728x-1&msz=728x-1%7C728x-1&fws=4%2C516&ohw=728%2C1600&ga_vid=650163583.1685141457&ga_sid=1685141458&ga_hid=8260&ga_fc=true&ga_cid=amp-yruezQbeCIgT25YV1gk77w

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

6fa0dc7a67252172df21e60b47265d378fff05207134366c5c57babaca609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23302
x-xss-protection: 0
google-lineitem-id: -1,5221734842
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138294149007
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
66570716e3c675b4a2b3351a14a05cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6BBD 6 KB
3 KB 166ms
138ms Document
text/html 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://66570716e3c675b4a2b3351a14a05cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 22:50:57 GMT
expires: Sat, 25 May 2024 22:50:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 485ms
208ms Script
text/javascript 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 27 May 2023 22:50:59 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DB3A 15 KB
11 KB 150ms
149ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230523&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef97770ddc1eb372523c9e0f547138c0a2abae4b4dcabf659a1d2c231ab497f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11263
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D69E 0
0 171ms
170ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305230101&jk=3017211078063100&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A78C 0
0 172ms
171ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305230101&jk=185763171046057&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9D0A 0
10 B 129ms
129ms Image
text/plain 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AM7vIg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A2EA 0
10 B 129ms
129ms Image
text/plain 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?X5r7XQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
1 KB 173ms
172ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1685141457872&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1521&pt=844945065&tz=0&viewable=true&ddast=V8BSQCLAYsV1ySICCkOhFYrrgkQUBIdSoAAABgYID-AEl4XBvDYLJc60YWy1o0MlnWys3EuFYNlhOHcbdZTiYWIyAJj2tjGEyWa93IYlmLRibLWrmZGNeqwXLiMO42y8nEYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ3aDodPte9Xvf73SU-z1zj9yv8oqfD7pYeXW-dyy19uiUOv1vmcrp1L7tb6HrYfW6Ry-5zC11Pt-L1sLs1R9fD7nPLHHafW-Z6C11u5dMtPTrdwqdb97D73KKHW-2yu4Uut9DhtwtNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDE4YAuTrPT8_QHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPIZUt8pqZMs9vBEpqC3CCAAAAMDWu3PmkUk6QcWiyv__f78VgCsAAAGIWkH9sFl0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyNkIvyYRmgmil3NLyAAwJpfQAAANuoGAOBNAJygQ9CKwWB1AmJ2AAAAAO78____6wGhlXOymaw8o8nKM1isHM6Rb7jyDDej2cwyMa4m2xM1zAqXbDK81GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmJs7ZaONZuGWm5WQtGixHbolpt1rLVivjzLDwzWy20Vr0-pgutoXFZFp5kWBA314kT4t0orHMNhvLamTaDGeW2cJkXHlmC5txN1rsVqbhbDYRSzQni3Qiu-xLK-dkM1l5RpOVZ7BYOZwj33DlGW5Gs5llYlxN9p2JczbaeBZumWk5WYsGy5FbYtqt1rLVyjgzLHwzm220Fr0-pottYTGZVv7GbLhajBaj1WjfmA1Xi9FitBrtO3SG7-pzNirLKslHqLmGzi2NzWlQuAwW71S9-kY7s4PoNy06ZTK1sqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoUilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_o6bC7pUfXW-dyS59uicPvlrmcbt3L7ha6HnafW-Sy-9xC19OteD3sbs3R9bD73DKH3eeWud5Cl1v5dEuPTrfw6dY97D636OFWu-xuocstdPjtQtPbbBFLBKeLdCJ6GU8X9R855GIu2SznksFsrlhtVgkAAAAAAAAAwBJMMt0EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZAFYr7____HwcAAEBGDj0AAAD6fUBZAAAAAAAA_ApiMJwM9g9AhVir1ep2Y61WCw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!rv2r_vB!t45!tbt_unit!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 38b589bc56ec20453b96771f6cb0c18e9bc76fa71459e9656b785b812fd49cf8

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Fri, 26 May 2023 22:50:57 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1464
x-cache: MISS
x-served-by: cache-sof1510034-SOF
pragma: no-cache
server: nginx
x-timer: S1685141458.924302,VS0,VE56
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DB3A 17 KB
6 KB 138ms
137ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 May 2023 22:50:57 GMT

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 8998 975 B
749 B 143ms
142ms Stylesheet
text/css 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11710
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhNQ%2F18VKQvedNR2UVSDf2JER62Pv4yHYCKD1d%2FsASXiMiNbumkPcjwNnB8bjnQsufXhs731xLK4jj3%2F8XZg3uIpMi%2F3kUhWpHlHp9jTtQai5uz3mmi1HRVhFcwwzmM2sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7cd99480bc7b2c2d-FRA

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 8998 638 B
1 KB 3719ms
256ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.6243564343920691&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 15b28511b14bb31f527775102771a551335be9b80177d00395c3ebf2f5e9b12a

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 May 2023 22:51:01 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 441ff555-4d5e-3c04-b70c-3b397e08b3a3
X-Adtype: html
Connection: close
Content-Length: 638

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame AB4A 34 KB
10 KB 144ms
144ms Script
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e9a83c407934c3ccb3f2c664afaa35b5f7e86788415e58c8ec300d5d6f49c51b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 May 2023 22:50:58 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 May 2023 14:04:28 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54777
Connection: keep-alive
Content-Length: 10085
Expires: Sat, 27 May 2023 14:03:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B0EA 13 KB
5 KB 131ms
129ms Document
text/html 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 7627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 20:43:51 GMT
expires: Sat, 25 May 2024 20:43:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7F66 783 B
759 B 167ms
167ms Document
text/html 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f132.1e100.net

Software

GSE /

Resource Hash

36326e3d5288ee0e69db6442325fd10eefcdb7fc051d1594713370270f68d400

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hnAdn4ycqplZd7466lF7mA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-hnAdn4ycqplZd7466lF7mA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 22:50:58 GMT
expires: Fri, 26 May 2023 22:50:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9CBF 15 KB
11 KB 146ms
146ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230523&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c65c5526041cd9324c68c18d951d19d1afc8f8b4c4ec3f78517aeb6f6535dc65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11317
x-xss-protection: 0

GET
H2

200

/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame AB4A
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LI55POGL-P-CM9A
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LI55POGL-P-CM9A&gdpr=0&us_privacy=1---

0
231 B

137ms
137ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LI55POGL-P-CM9A&gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:59 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 69623

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LI55POGL-P-CM9A&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 2fcb300b847bad3e7dd1184ec8a1c2f5
Expires: 0

GET
H3 200 1T19pN000MhJQqu5MM1VUGhWn1rY_cLvECS5p9l14sM.js Show response
pagead2.googlesyndication.com/bg/ Frame B0EA 37 KB
14 KB 138ms
138ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1T19pN000MhJQqu5MM1VUGhWn1rY_cLvECS5p9l14sM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

d53d7da4dd34d0c84942abb930cd555068569f5ad8fdc2ef1024b9a7d975e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 16:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 May 2024 16:34:33 GMT

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
633 B 1440ms
135ms Script
application/javascript 99.84.88.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-56.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:22:28 GMT
via: 1.1 24615eefe0727e5d65935ccaddca2f78.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 1713
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: pMWWSbg71Ic2vA5E0ScsfcNlWhlzWnUO_OZkjPiUcpiha7jHHaFilg==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7F66 0
0 172ms
172ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230523&jk=3902658446120490&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB4A
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTNlZDg0NGNlOTUwOWY0NDdjYWY2YTkzMjE4MTJhYzYxZjA1NjZlMQ&gdpr=0&us_privacy=1---

170 B
188 B

139ms
139ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTNlZDg0NGNlOTUwOWY0NDdjYWY2YTkzMjE4MTJhYzYxZjA1NjZlMQ&gdpr=0&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTNlZDg0NGNlOTUwOWY0NDdjYWY2YTkzMjE4MTJhYzYxZjA1NjZlMQ&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame AB4A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEIJJY2opXsNCIy_1kvE_nKw&google_cver=1

42 B
678 B

133ms
132ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEIJJY2opXsNCIy_1kvE_nKw&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEIJJY2opXsNCIy_1kvE_nKw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame AB4A
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LI55POGL-P-CM9A&gdpr=0&us_privacy=1---

0
512 B

1553ms
275ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LI55POGL-P-CM9A&gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:59 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 15D0B743C20B4025B56F4D41C54620A1 Ref B: VIEEDGE4112 Ref C: 2023-05-26T22:51:00Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX8oJInXsnMGIdIjxG8kA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LI55POGL-P-CM9A&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame AB4A
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/4Ht7oIHGzwuFWpGMTVIXFQ?csrc=&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-C_HINM1E2oJBDX_.VPixpe6DvuaFB.2_kvxNuw--~A

42 B
690 B

133ms
133ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-C_HINM1E2oJBDX_.VPixpe6DvuaFB.2_kvxNuw--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 26 May 2023 22:50:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-C_HINM1E2oJBDX_.VPixpe6DvuaFB.2_kvxNuw--~A
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame AB4A
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&gdpr=0&gdpr_consent=&expires=30

42 B
678 B

241ms
133ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:58 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AB4A
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7Zm01dslTM2c7s9DcQue_A&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7Zm01dslTM2c7s9DcQue_A&gdpr=0

43 B
479 B

225ms
225ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7Zm01dslTM2c7s9DcQue_A&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 22:51:00 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZWQN0SHEZFYGH334A8MK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7Zm01dslTM2c7s9DcQue_A&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB4A
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEk1NVBPR0wtUC1DTTlB&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEARc1Zr6R6HvVWAjy4b2-GM&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEk1NVBPR0wtUC1DTTlB&google_push=&gdpr=0

170 B
188 B

139ms
139ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEk1NVBPR0wtUC1DTTlB&google_push=&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEk1NVBPR0wtUC1DTTlB&google_push=&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame AB4A
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=InIecOuVQIOoGCK_Hresbg&rk=usync-other&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=InIecOuVQIOoGCK_Hresbg&gdpr=0

43 B
479 B

164ms
163ms

Image
image/gif

52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=InIecOuVQIOoGCK_Hresbg&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---

Protocol

HTTP/1.1

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 22:50:59 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3Q1V5819AZZZ5DJKV5NK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=InIecOuVQIOoGCK_Hresbg&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9CBF 17 KB
6 KB 142ms
142ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 May 2023 22:50:58 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012305152039000/ Frame 2CF7 222 KB
61 KB 136ms
134ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305152039000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

28f1451571c809f080980e5679bebad6b9b10a4d93233b37a991380d1e7d6828

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 May 2023 17:00:47 GMT
age: 280211
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61839
x-xss-protection: 0
server: sffe
etag: "c5e753c238beacad"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 May 2024 17:00:47 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012305152039000/v0/ Frame 2CF7 15 KB
5 KB 232ms
230ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305152039000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

cede5e6b2d0201be197cfb96a9aeb4c5c95bd5749785a3e5473610e267f5de4f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 May 2023 17:49:51 GMT
age: 363667
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5257
x-xss-protection: 0
server: sffe
etag: "6147d0c60b11b4b1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 May 2024 17:49:51 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012305152039000/v0/ Frame 2CF7 94 KB
28 KB 192ms
190ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305152039000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

213b087a5427c3b7e3a7d3acb2e179c6d43503c3f148e69edb8babb71dee622b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 May 2023 17:49:51 GMT
age: 363667
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28959
x-xss-protection: 0
server: sffe
etag: "e8b37e49415a2d9f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 May 2024 17:49:51 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012305152039000/v0/ Frame 2CF7 5 KB
2 KB 237ms
235ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305152039000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

c6ba320adc868a92d71a8d20e0354206b22dafff65a7d4550f3bc6a08e9fd952

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 May 2023 17:49:51 GMT
age: 363667
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1899
x-xss-protection: 0
server: sffe
etag: "de1853be803cb92a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 May 2024 17:49:51 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012305152039000/v0/ Frame 2CF7 40 KB
13 KB 220ms
219ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305152039000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

45aa8d5ea20712aff96d0f962875a64a3798e9d409b8a962ac6462357779f0e9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 May 2023 17:49:51 GMT
age: 363667
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12945
x-xss-protection: 0
server: sffe
etag: "6b8dcbc7470d864f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 May 2024 17:49:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2CF7 7 KB
1 KB 1425ms
138ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 22:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 22:26:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 22:50:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0819 0
0 172ms
171ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSZVWkjYiXH3AXxfra5Ipb-jj_gX7wTZYtLtHxNBtuJnP_Bpcv4xnH-ZZ7FUYSeqqK-A_JOYBwNlJ79EZBiw97fB80UYuvmB44q_gwMEWolZ9ZCEDEuf7TK9mW23UNS3vT3C817ZaOlvDzP2s8nrBz5ByfjNOKywSf7vvIcOWiCNYNzLC-j8iPdja9eoL70JY71pCylGp0n0zZnMG0u-dOT6VamsZMLkEphYxXnrYZhLjgGL4xmv-4nfMMIFO2glzoA6ribynrgiG0J01z9OHOFZGCT95La99M8YDOMiYSvx9gXsNX7xmMKdjv&sai=AMfl-YTLCxhqH03alJPlZsniG7hvb4lOgErdd4NlSrflG2rDoJ05vN4sg0zQly-irGMTrWaMXlsYuLnn1aAV32RXXxK10BM4krHH_1z1pBb6lz36veCNGh1vuyJLpgC36g&sig=Cg0ArKJSzNNcWaIBx00REAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 76E6 663 B
254 B 142ms
140ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNiutpgCENGwxMYDGMSM_-ABMAE&v=APEucNUyq5yXy3tV-jnFqfJZr10emz-8ebyZVeA-J7UEm_YHsDSm5m9TsVOIZXiBn9ZU52OSLEpErtTqsK5OyUo8IEOIxcHPFA

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 22:50:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0819 78 KB
27 KB 168ms
167ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 26 May 2023 22:50:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0819 42 B
63 B 180ms
178ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A5I0d7lUuLpGoJaXJ_0nLqtkGsJSHoojEE-yC-HB0wbg-A7J72zjZL4pzMV4-CmJ2c3pGayANaTeKZ8yeqjk4Ak65C0W643b6pjcfBYoJPEMI3Yyo

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0819 0
20 B 179ms
177ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6695420069891327384&x=8&ct=119

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3f428394-df77-4263-a947-42550d0cfb60
beacon-ams3.rubiconproject.com/beacon/d/ Frame 0819 43 B
227 B 561ms
137ms Image
image/avif 213.19.162.37
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/3f428394-df77-4263-a947-42550d0cfb60?oo=0&accountId=20616&siteId=395958&zoneId=2209398&sizeId=2&e=6A1E40E384DA563B57194D699DE8F48F47BFE151C051BE497914BD12545E75DF23AF00D1A4952621BE3074C708E626DF7A3220A15E3EC91DC33742FEA7BBC263539CE1F6AAE584CC9D433DB3EBF167A64A4B6C361B6AF630280E940C1DBFF56DFF1FCF10C6182F084FFAB43FE2CEA62175709BC6CEC925E0152C606B9E023ACB2605645952F6017887309CE6B7E220C3D25497747EE00A7146E1FA7EE9F69803BB8D38A45CAC2D87953775375D43274FB0F8662F4FE92273E82A954C1004678A

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.19.162.37 , United Kingdom, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:59 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0819 171 KB
54 KB 684ms
149ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305240101/pubads_impl.js?cb=31074874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 22:50:59 GMT

GET
H3 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2CF7 3 KB
3 KB 132ms
132ms Image
image/png 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 00:26:43 GMT
x-content-type-options: nosniff
server: cafe
age: 80655
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Sat, 27 May 2023 00:26:43 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2CF7 344 B
368 B 142ms
141ms Image
image/png 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 13:35:10 GMT
x-content-type-options: nosniff
server: cafe
age: 33348
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 27 May 2023 13:35:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2CF7 0
0 143ms
143ms Image
text/html 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTU7YwWRQppz8p_JiPw3FplJjlyJZ7uZ0HnK8K9aH6L7f8ReRrnNxzA_Vrmgje-m-sl_dhlwQ3wMBlY-r4ukOTPGSbztw
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2CF7 0
0 180ms
179ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CgHD90TdxZJGnLZr03wOKyYXgDqHdud5r6digkKMQpK75h5YZEAEguoTAM2CNAqABieLV5QPIAQapAlNUmNW_ij4-4AIAqAMBqgTJAk_QnNtuZvgcowsneuiRUujGZxrnROlWfpBdj7S_6veD6z3ICi5nX2G2NaISGtvOKItZ05UWp2aQ0kmQD_XSuDAIgRbnNIhIvYNGr1UgI4zDaDTk0ScIqHHDJGGPdlsQ6VcN2ee6a6feXJc3fKaw4m_FuUrfSmyG950NeUiOePPqN8RLTkTlWKQmHnCKXHtYRMonB9dlch46Q2cXDFwDXmhKZw4rkQAiBdu2IVjzLpKqGpDKX3tDB_hgAYkIIQejKOwGQRWwVnakTbCboVlPrp4gVlUtckshL1APEuiDLE_Cs7BM0ctHKdFRRfblgT04JfyvKrR2LA27gzWdTd3zy2SKTHbfUOhlYjjzSa-1zfpg9jL1TInOULrRGfMn1_fmQyq3Lcs7wKteouAFiwE_f2bcrdR5ab8VYkkIpbgxHg_utU2KyQZhcO46wATv_8DoM-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAffnaoaqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQy5AE0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMTMyNTM0MDQyOTgyMzUwMhjKqx4&sigh=WZ2gbYRBJHg&uach_m=[UACH]&cid=CAQSOwBygQiDmEPYmoD7k0_adenBv8eg3oS729aU2ZgBwLUA8V0xwFI2EpVtGHP8zOFVHKKYUOe8_4I1xOpgGAE&template_id=492
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 142ms
142ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS90aWFuLXpodS1nZS16aS1iYW8tZmVpLXdlbi1odWFuZy1kZW5nLWh1aS1xdWFuLXNodWFuZy1mYW5nLWZ1LWhlLXlpLXpoaS14aS13YW5nLXRhLW1lbi1oZS1oYW8uaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTQ0ZmFjODE3LWRhYTgtNDhmMi05ZjdlLWM1NTdhZTRmYTNiYyIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImJpZHMiOlt7ImJpZGRlciI6InJ1Ymljb24iLCJyZXZlbnVlIjowLjAwMDA1OTk5OTk5OTk5OTk5OTk5NSwicmVzcG9uc2VUaW1lIjo3MjYsIm5ldHdvcmtSZWxhdGlvbiI6MX1dLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsIndpbm5lciI6InJ1Ymljb24iLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDA1OTk5OTk5OTk5OTk5OTk5NSwid2lubmVyQWRVbml0SWQiOiI3N2VjMGFkZWQ4ODdmOGMiLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJzZXJ2aWNlcyI6WzUsM10sInNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlZnJlc2hDb3VudCI6MCwicGxhY2VtZW50IjoxLCJyZW5kZXJlZEFkU2l6ZSI6IjcyOHg5MCIsInByZWJpZEF1Y3Rpb25JZCI6IjVkYmQ4Y2RjLWQxZGEtNDBiYi1hYTI1LTU2MDIwNmJjNGJlMiIsImhlYWRlckJpZGRpbmdUeXBlIjoxLCJjb3VudHJ5IjoiR0UifQ%3D%3D&c_b=9969.599998474121
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:58 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
DATA 200
OK truncated
/ Frame 2CF7 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 872beb3bc5f33896799aece58cf54e85ab8db472ed025bdd6fd0e14ea1a0ec20

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6DB8 13 KB
5 KB 134ms
131ms Document
text/html 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 7627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 20:43:51 GMT
expires: Sat, 25 May 2024 20:43:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B07B 783 B
535 B 144ms
143ms Document
text/html 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f132.1e100.net

Software

GSE /

Resource Hash

b37794ff8ffdffa7dd7582e1be26ef97ac2ce38c2e3483478bc68dd8c549533f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yQeL-KjRegG3dLsUBQ2bXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-yQeL-KjRegG3dLsUBQ2bXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 22:50:58 GMT
expires: Fri, 26 May 2023 22:50:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3F56 0
0 176ms
175ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305230101&jk=3017211078063100&bg=!HxylHEjNAAZu7ficTu07ADkAdvg8WqoWZNwvN_r6iCpH2UF8sYPKDOiDDeqclTSUO4yzYeHroRIFnQP-iGosM3S8pAmYo95u9Q4CAAAAm1IAAAACaAEHCgC_vI7mMuGlDxezy-OXjDtvAq4w_m_I2mO7RiDjloqwR2HmfFj3amsWvmFZDsQJH0hT8dz3LHDbWlGGSyG-bF0C749mIDLy5qZ-ufp4hfg7Cu8oiTGj2UiH4eAdmLaBdhAgZvwLEMds39OgGHUiY5xiCYJjriAkaJhlcGIWk1nJ1I7QQrhUD1zYm9VBzgZMrtSQeTjzwSpgGrwOvkmKIV-uQ7impAy4f-OsZP6vJQX61gTaB4gj4IpwBxQi1Tp6G5CZAsck8kChGEd-oyoldWSGB7EU8Pf8WMQ_K66wNZeSl3FRv_jtZR2cvF4t9XOSdVe1vNyrnsj7P1Nf_xHGH9DyGnWIlwe67JUicyz0g1wkpMOJWPEWyukrzOTqc_cOjmkNblltYXjZB8H3sr64DmlhM6VYaxPLJq_TlPZhU9QgwseSsWFjPQIzqBoNvgtDCI7yYn-R3bEnfEXD2FJRNKVuyzq8UPJHwk60aCnlpHgUvqV2ePh9idn2vrUdYIvmyCjSBJBLyiKO3pWG0GJ8CEjlOyYlmfquPPw3iVO44I4P0qBoN8wM54mnbwtkgnA5_07whkZ_CwESTJFBh6fb4Ym1jmZkVRRl3LrCv92iRlBvkL5AyHuh_mHYph68L6KZgWOp-QfNmbUJBz9De5Rw9VQ0mwDaFSqN5LPwMdhZ_oJIwM57uDKrBb8qBUq1MGfpoJpDPmEHHf5zntFA0c8yzGaCJySjauUQnDRCM-n_OB89wa5FsnHV-w5EqRqedkFKv0sMpNNOKfWHZqYuNY7er4zkPawA9NEFYuMIqQPyuvWNEg6VCLcAMjNy830MbmJguDQl8qa10KOBCSuGZmWJQEDe_HQNRwW6DDKPiPpBn7BZxWrV70qvybVOyB6jDcf6wp9i-Fim47aIbZySN0EvsAhaJFvTVghVGm8b77m3hOhR2WYHrBUxPYMpJV1lgqM5eY26Sqw-O3L-_ODyt1x5If6-U8GZBdJBZAO6HxxW9PjZ7sn2o9nNJW8_FYUIbTvgRqJ2Tm_mIKVp6mgmo7kjRSrauUycCTQgE2xTuCaXfgQ_2-0EF--srURI_1dty1FDn-1BUcQQu38zYQ-ryDhOL3lOysnYSZGn-LUOuk6oaK4LobokO-Csa2emV0NE-zQWidEycbUoxtzsiqQnUeyGo6ODOcvdf9_3exFnRgoo4GQWcLMeP7QRfsA1X4A
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BEF9 0
0 180ms
180ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305230101&jk=185763171046057&bg=!d3SldCDNAAZu7ficTu07ADkAdvg8WnTezIjrsg6xjMUpY37fGZJJbzpQz5PNNeSV5kfnEp6oo1-VSaz8EYKdkPkpRBj_hR9T8tUCAAAAlVIAAAAEaAEHCgBYC9K-RbFAGBR4jE8vSCjWmXujHRmU1BAfkW_H4q5Czqu3VU598SW5lvawpY7KXrMENIz6H8sXEc3N5a4m57u4InO02IOv4rA4trzmvWAc4ajaFnbLTFQ5gZkCteyLp3JfduUsyJQV_6s-WXy8AKfSDa-e6HZRSutDplXl8yEobJ8-hpj5osz3ZnojMc4jNrAUJGNJZH2GQbM-fa93HArxZbmebVUh8TILicdpYnjDtxSdMNghAehb5CIh1SGiDhBontKun60grpbCDVjINykfhrcpJ5orcnyFUWvinLZME4KFkzFmr6HbtJZIJ7q4q_GIW1YunKfLaSu-cVs6ksxm5pvN4n1TLpfArZ7feJ7jFPmER-Qj34aAi3pa8DkrCmlkrbwzKRhHkgkMP6SF7qA7o1G-MdTva5KA3QnjZik2XFeN6QcazrV4W1I0rm1MgH9_S_4Q76e6YbvlMIxlfBOSS0o1rdnKUIIqNoBmJzC3BMYk71aoD42zOAGnyhzny9R5ChxO8d6TdJDojdF2SaDb0hh_QmWHwXjL4Bayvfd8jB-YNkOXAUQME2vDnjgbGsOWUe4TRu1VdLjlNdJv9c7GLgUubvwwNOmQORljuKMZRP177wkNieOgQu6SbDmpp2DmV1p1735EaLYEozH8YezOiLIDuSftu2FoeJLGUcn-GxUIvn9GTy9LlA9PR-mRVWgy9YcS47b76rGg6ddBvJQffBjTUStNtRMCIGLUM7Ws_d3x3hcHlqKGYN7lnVndSUctgyZrfxTlYjQz6oxKDNdY9_rA4Cupp83M7pV1nrAdNQF9zWV7NMNzgL5GiuMTSBaBu786XLk8W0ZH9dQPIDaG9ZPghvnPTAqYBNeM26EDn1hEuR9UMjdv1zeMUDrCyqJvBoIovaAJzSqjO6LucGYE6DVEbODZnq63sYa8bktYZfnEx3M_wist3CtX5vR6UrRX-5HU5evhX0MDZWhDeJr-j9LBUX5V767KzOiwFWDqUFnfJ-o6U_w0bRWkmvTzVQVmgsMCxMIlXNf3i8EZvtOmWA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B0EA 0
10 B 129ms
128ms Image
text/plain 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qOWBaA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame 76E6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEJackjQX_bG6qOuonpWtJ7I&google_cver=1

43 B
534 B

754ms
217ms

Image
image/gif

146.20.132.150
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEJackjQX_bG6qOuonpWtJ7I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNiutpgCENGwxMYDGMSM_-ABMAE&v=APEucNUyq5yXy3tV-jnFqfJZr10emz-8ebyZVeA-J7UEm_YHsDSm5m9TsVOIZXiBn9ZU52OSLEpErtTqsK5OyUo8IEOIxcHPFA
Protocol: H2
Server: 146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:59 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEJackjQX_bG6qOuonpWtJ7I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 76E6
Redirect Chain

https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=Z1RlX2dQVGJ6b0U

170 B
188 B

141ms
141ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=Z1RlX2dQVGJ6b0U

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNiutpgCENGwxMYDGMSM_-ABMAE&v=APEucNUyq5yXy3tV-jnFqfJZr10emz-8ebyZVeA-J7UEm_YHsDSm5m9TsVOIZXiBn9ZU52OSLEpErtTqsK5OyUo8IEOIxcHPFA

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 26 May 2023 22:50:59 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=Z1RlX2dQVGJ6b0U
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET

rum
dsum-sec.casalemedia.com/ Frame 76E6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI5jnUqsQGET-P_29w4ogpI&google_cver=1

0
0

GET rrum
dsum-sec.casalemedia.com/ Frame 76E6 0
0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0819 0
20 B 172ms
172ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5922660219042&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0819 0
20 B 172ms
172ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5922660219042&version=m202301230201&ct=119&x=8&cor=6695420069891327000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0819 84 KB
35 KB 166ms
164ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AbHgJdZ-z-wZsQFQhc6Ciw6hEdzuc9gqCZ-O2KlhiTsoVZytf4kuQZg2z-gR0Z-xDxXerpBSufIidHzn2eOGDSKGrKsiIKPqWfk2VYmb7Jyb5VqtEzEs6DGVOPbwZY-ss_Jsjlv1M3J_rTMiU7JUrE-CGucb73T3WotW6LvuUmAyh73Eg&cry=1&dbm_d=AKAmf-Bxc0lNvxYoowEjVDJPsqyYeAazI7jbQ-s16s3ZMDmv97aJGamI5Md8CoOWyuhfBxNnQIaC4Ru1W9U1vHJyLfUuCMhBH2H-EtKuZl2_HHVlc1aSyT5tCdz_1JSceYP1yq3T1zy5zXFM7Ru9Go86BmO1HgQcPhQLIpRCM5SUH_es9bhd6iDwG-2s-AUde-J7PqhNHao3S-JBITyWGUeDCO_fnf9kmnhdXAPYpgtcL4KDRNFeqVPOfjIfa7n8kupUpgPa8tFfatODntkMKg_Nw0s6Tw_CLx3BjNFH9uoDnRwQ7Bi5-E3HGNdw-x22qUdh4aAMa9zlXKpb9mM-tp3XC14GsaQBuO7aCjKcltp6fmxq1Q0PYj_LaxX0hUe1c5bcd76c-BvAjeVlC0SwFcepZ1LmNA6eabGCq3y6fYlyKEz8L_GKjCHvlssVeRoIb5gaT24aKvFRNHWSqrJDG8VBo7_Q9qnvoCybO5XYi4MiwVScpFJT9lDsK1VnCQUqVz0e9WqeX0nvwtsX56T7gl5kNjLaxugCYUArL-WH9HC2biykEpC3EU3lJfqzhIcp_i53KGgOJK0Utjp7Zc4440thYvpamGMfr2IIPhw2M1e7CZ6mSPpUPqwUPKZMMEXAGWXErHaAQChSkiEKDLTtub6ZDsch2Gj2Nbi56bJpSJ_ZqhEdgudwkLFgJ2q3rGElORNhzvtBTob2mbMP8Ajv5q_sAsj7_3a-c6px7wDJGrhJ2pD7I49eL_ZNcZEdWE50zuWESU9LfbFnCiKV67uTdHU7rYjq8rqiD68ho438yg4_ppSbAT5EADWR8pyfeLLR1R2aXEfMDUbnB2CcOr3_DjW2zyglzD2GHQ71baaGt9G4WB2600hTJqfhxzLb2k39d52h_zRCrkvMe83bEFbml6YCp3ZiMqaKJvzszA5_E2U7Rmm2y1Qf06kR0DuZWSa8QYmDGUuD9PH3rHFKFzYAHaxMrMK7yB7rSn5HKJnhXcIY682I754QZ5UHY2YeIwpIRQDDpwWrq1OTmm_V7Ts4R9V_zN3i-jaVgFB9KIC-3x8uiLrIoy0-w69UhoccNlX4_CbHfktEKZPTJhr7ZICdy77rNAwsTPvAAA0cjVN6yl02zGyR4BxzMv4rIx9fxZlhSnb81-K7LlF3TSDCcpG8ilyqBP-MEbg-OaBwuA2MeAb4ZPkIK9CIykwFYqQcSpM-41Qwe6MspH6iYHjFKYVZg1DIy5fba_v4yXRT1UzcCOTTj2OePjQCF9tWlEoF_1zz7mf5XGd880HOnFagUmBUHpvPMQBi5JVlUXcYgRl3259p-AU8S2AalPHVuiBKrlxctYZ9D6yxPgXJCJR6KPb6ldlMxW1KuP1q6K1Oe0_8HjDPClsnCZT02qZR0MyOMs4QoxgoVg0KnUKpVIX0qooRsIFMjyMgrXJNenygo0kIucbeD7PouacWGzf6sV8A7_qnbQz5Zshjc6HsSCT5DCGzmOLjsOyuL2sqfFq7g5Kv7ULb7YHKWvq8YKcfQVGPRSLYCNOHJT4ZPKyWu5ocRYHHItulIffvTlR7803eOKMeSBv3UIgGYFRfIjFNAdXm-bDO4oy2tAITlltQJ02MoiSIP7wrPhn9_VEuMYyO0XcRbcV5s3wwQkTqMoVgs4ZNU4U90vhqmfHmZr31BE6nfetwOhG2rXhfK3JVShLeAvD4uCHg5RL-YmKygeKE-kefz4616CCFYOLV2xgak__nHRLEHfLAKaXBGdyG4sYfNnovL1q-VRx2ne--PgiJI9TAvFSocL2DDqUOzZ1zZZ6r_yffdjCfhA65p524z-1_e9p_EtBrpge-xNeJ8VKZm3Xym0-20sgFKpHolG9Z60tXFSCZpqjD3s6kp0_L9YT0BHzA-x_liYIN7rDWSgxU22tv0ZGxzqCcIuP3NeP-rEQDj2w3uDbKXwvPBDKfkohF5eoIPpNzRxojtozeTJJSdeWhZg96t88E6JK6OJa4CmkVB1Nct6IRMZKkZYemYGzz0lejrtULwBGaOHqBKwdSFrHlw2UUF-AToN_SDk7m606Af9EuVxFsBxdIVkFkGZEfBUz3Ei5byim5TzjHhYnio4jI-q1robdUlAgoOY73d4RkZWWHTFtK1OH2zaQuLj9XcqGqNu0xwUyYbRRYeSFetzyY3Zai5XFSDwDPLgpm4-Im7sTRucP92O_1QgK4hMpHabl_b2aBP_VNNoAy3dwNrF2m4_lXqQ41hddoW-1RZBUNVtGNKSz38Uhq43z8JWsvVrie_oPpjMVWjJVHhbG1OxNCpDWsk518kBCCtkjhLkLHWtm50-mJoOYquVYySSmy_4YUhwpeZf0UDFvUcSzxfj9o25lsp2uu1j1i947BYxIFXeyTqiP_KC1ooQVbyllHPM8ouTui26VtGViQmDlIFDFv8QHK94N-e_vtnQMZFquYsB5qWqUiVzo8qoSLS4DYS9zZLuCDG5dCEMObq3J7IYfKpYVCBXxV0pkx7G4PZz9rDT3Xc0JL_uOZNOFiGU-tVcUSkVy56n4wYU2uWGVDySXxUaseIO-hoJTLCBjuUHKZQ2Av521XzSNtQDLNrOXsa9vc6q6PGzYrpUM6kC8lllKPSzLU06QAXNRP1gndMmoufFfyOGAxUbcv-bjttlWq2vzmbmOaonJQCEUjwpI_9qAT4we2YgSHPGqkaoFambMYKT0wHeri3R4PvlTB1O-M0rxwdRH3usZN78ZrCd9BC3oQE5DsN8h0HBj7IdCfyipqW5F6sKAjzBo6gA862XWXUborGVv6mnyx6N7LOHE3dCdyUAklltHu_V5hbR6HhQW0OsJSqaJR24WGUN_P16ytcyqV3F3WpLG6DgNz5g0SBlQ8pITAnCTiywUHLq2atj4xvT0gTs-_-IQHlFAf6V2-0AzyKZkZH83Ty4usDi42QwatTnVTjocf681NTwa-TQfewzqV7Byxi7XMa005oayM4GIOBnfCI-si3tKh5fXeSZrm8casnno-0-CNtcMJXjJ-kM-en3qvXJAog_mF04pS-ITwvR7wMVmTwkY5wy3UjyBzeVdED1vBvsYIlMDTSl3iGYO9RB6hKnmRlTHTqoaQUO_-rlBiToLy323hn1-axd0nEm6FbNSbrx2shWhekulTCyYDxJ2vQiVDnXcOMzEO4IsimTx-LlVFTPlmwbSg3E0LjXKpUcMYa2IdESg0-KeG5JTHOGqLmVWp5UMT-YSwy_JdXQiJ9NM4lhevHisTGmpmpvjM5_lDcmDAAt1Pg35syfEF16KSOuFLKaZsyDSH3XOyHtBTJdLCuhlIJ3IxOFqFM_Byv90_zjdGqYnZKRlw0fQVdyWl8ajXCBftSq-8yL0J_4LWmSIiCucthXDmxsD90AqTxNbp7kYe7_yhjb4yB-1PVnP-dQBtKm99uQ&pr=8%3A3588DF8A77EBCF31&cid=CAQSGwBygQiD-9uyUOwZOGydCqk4U13vo7p1rx0R7RgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&ds=l&xdt=0&iif=1&cor=6695420069891327000&adk=3559019155&idt=180&cac=0&dtd=38

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

b61ec332e4250392d4b522543341d794457b17a5d8fe6a8b6ef40d5649b222a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35922
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 2CF7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

140ms
139ms

Image
text/html

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H3
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Fri, 26 May 2023 22:50:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B07B 0
0 172ms
171ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230523&jk=2745031574711910&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 1T19pN000MhJQqu5MM1VUGhWn1rY_cLvECS5p9l14sM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DB8 37 KB
14 KB 138ms
138ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1T19pN000MhJQqu5MM1VUGhWn1rY_cLvECS5p9l14sM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

d53d7da4dd34d0c84942abb930cd555068569f5ad8fdc2ef1024b9a7d975e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 16:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 May 2024 16:34:33 GMT

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame D633 31 KB
10 KB 128ms
128ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 5c500a4a8147509f043186a7bad1ed59c4e00f85330b9621489af4497e504151

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 16:25:46 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 11 Apr 2023 09:02:41 GMT
server: nginx/1.12.1 (Ubuntu)
age: 23112
etag: W/"64352231-7a34"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9891
expires: Sat, 27 May 2023 16:25:46 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6DB8 0
10 B 129ms
129ms Image
text/plain 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hKOHfQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 0819 106 KB
37 KB 1436ms
133ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 10:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 May 2023 10:49:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/ Frame 0819 11 KB
4 KB 138ms
138ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AbHgJdZ-z-wZsQFQhc6Ciw6hEdzuc9gqCZ-O2KlhiTsoVZytf4kuQZg2z-gR0Z-xDxXerpBSufIidHzn2eOGDSKGrKsiIKPqWfk2VYmb7Jyb5VqtEzEs6DGVOPbwZY-ss_Jsjlv1M3J_rTMiU7JUrE-CGucb73T3WotW6LvuUmAyh73Eg&cry=1&dbm_d=AKAmf-Bxc0lNvxYoowEjVDJPsqyYeAazI7jbQ-s16s3ZMDmv97aJGamI5Md8CoOWyuhfBxNnQIaC4Ru1W9U1vHJyLfUuCMhBH2H-EtKuZl2_HHVlc1aSyT5tCdz_1JSceYP1yq3T1zy5zXFM7Ru9Go86BmO1HgQcPhQLIpRCM5SUH_es9bhd6iDwG-2s-AUde-J7PqhNHao3S-JBITyWGUeDCO_fnf9kmnhdXAPYpgtcL4KDRNFeqVPOfjIfa7n8kupUpgPa8tFfatODntkMKg_Nw0s6Tw_CLx3BjNFH9uoDnRwQ7Bi5-E3HGNdw-x22qUdh4aAMa9zlXKpb9mM-tp3XC14GsaQBuO7aCjKcltp6fmxq1Q0PYj_LaxX0hUe1c5bcd76c-BvAjeVlC0SwFcepZ1LmNA6eabGCq3y6fYlyKEz8L_GKjCHvlssVeRoIb5gaT24aKvFRNHWSqrJDG8VBo7_Q9qnvoCybO5XYi4MiwVScpFJT9lDsK1VnCQUqVz0e9WqeX0nvwtsX56T7gl5kNjLaxugCYUArL-WH9HC2biykEpC3EU3lJfqzhIcp_i53KGgOJK0Utjp7Zc4440thYvpamGMfr2IIPhw2M1e7CZ6mSPpUPqwUPKZMMEXAGWXErHaAQChSkiEKDLTtub6ZDsch2Gj2Nbi56bJpSJ_ZqhEdgudwkLFgJ2q3rGElORNhzvtBTob2mbMP8Ajv5q_sAsj7_3a-c6px7wDJGrhJ2pD7I49eL_ZNcZEdWE50zuWESU9LfbFnCiKV67uTdHU7rYjq8rqiD68ho438yg4_ppSbAT5EADWR8pyfeLLR1R2aXEfMDUbnB2CcOr3_DjW2zyglzD2GHQ71baaGt9G4WB2600hTJqfhxzLb2k39d52h_zRCrkvMe83bEFbml6YCp3ZiMqaKJvzszA5_E2U7Rmm2y1Qf06kR0DuZWSa8QYmDGUuD9PH3rHFKFzYAHaxMrMK7yB7rSn5HKJnhXcIY682I754QZ5UHY2YeIwpIRQDDpwWrq1OTmm_V7Ts4R9V_zN3i-jaVgFB9KIC-3x8uiLrIoy0-w69UhoccNlX4_CbHfktEKZPTJhr7ZICdy77rNAwsTPvAAA0cjVN6yl02zGyR4BxzMv4rIx9fxZlhSnb81-K7LlF3TSDCcpG8ilyqBP-MEbg-OaBwuA2MeAb4ZPkIK9CIykwFYqQcSpM-41Qwe6MspH6iYHjFKYVZg1DIy5fba_v4yXRT1UzcCOTTj2OePjQCF9tWlEoF_1zz7mf5XGd880HOnFagUmBUHpvPMQBi5JVlUXcYgRl3259p-AU8S2AalPHVuiBKrlxctYZ9D6yxPgXJCJR6KPb6ldlMxW1KuP1q6K1Oe0_8HjDPClsnCZT02qZR0MyOMs4QoxgoVg0KnUKpVIX0qooRsIFMjyMgrXJNenygo0kIucbeD7PouacWGzf6sV8A7_qnbQz5Zshjc6HsSCT5DCGzmOLjsOyuL2sqfFq7g5Kv7ULb7YHKWvq8YKcfQVGPRSLYCNOHJT4ZPKyWu5ocRYHHItulIffvTlR7803eOKMeSBv3UIgGYFRfIjFNAdXm-bDO4oy2tAITlltQJ02MoiSIP7wrPhn9_VEuMYyO0XcRbcV5s3wwQkTqMoVgs4ZNU4U90vhqmfHmZr31BE6nfetwOhG2rXhfK3JVShLeAvD4uCHg5RL-YmKygeKE-kefz4616CCFYOLV2xgak__nHRLEHfLAKaXBGdyG4sYfNnovL1q-VRx2ne--PgiJI9TAvFSocL2DDqUOzZ1zZZ6r_yffdjCfhA65p524z-1_e9p_EtBrpge-xNeJ8VKZm3Xym0-20sgFKpHolG9Z60tXFSCZpqjD3s6kp0_L9YT0BHzA-x_liYIN7rDWSgxU22tv0ZGxzqCcIuP3NeP-rEQDj2w3uDbKXwvPBDKfkohF5eoIPpNzRxojtozeTJJSdeWhZg96t88E6JK6OJa4CmkVB1Nct6IRMZKkZYemYGzz0lejrtULwBGaOHqBKwdSFrHlw2UUF-AToN_SDk7m606Af9EuVxFsBxdIVkFkGZEfBUz3Ei5byim5TzjHhYnio4jI-q1robdUlAgoOY73d4RkZWWHTFtK1OH2zaQuLj9XcqGqNu0xwUyYbRRYeSFetzyY3Zai5XFSDwDPLgpm4-Im7sTRucP92O_1QgK4hMpHabl_b2aBP_VNNoAy3dwNrF2m4_lXqQ41hddoW-1RZBUNVtGNKSz38Uhq43z8JWsvVrie_oPpjMVWjJVHhbG1OxNCpDWsk518kBCCtkjhLkLHWtm50-mJoOYquVYySSmy_4YUhwpeZf0UDFvUcSzxfj9o25lsp2uu1j1i947BYxIFXeyTqiP_KC1ooQVbyllHPM8ouTui26VtGViQmDlIFDFv8QHK94N-e_vtnQMZFquYsB5qWqUiVzo8qoSLS4DYS9zZLuCDG5dCEMObq3J7IYfKpYVCBXxV0pkx7G4PZz9rDT3Xc0JL_uOZNOFiGU-tVcUSkVy56n4wYU2uWGVDySXxUaseIO-hoJTLCBjuUHKZQ2Av521XzSNtQDLNrOXsa9vc6q6PGzYrpUM6kC8lllKPSzLU06QAXNRP1gndMmoufFfyOGAxUbcv-bjttlWq2vzmbmOaonJQCEUjwpI_9qAT4we2YgSHPGqkaoFambMYKT0wHeri3R4PvlTB1O-M0rxwdRH3usZN78ZrCd9BC3oQE5DsN8h0HBj7IdCfyipqW5F6sKAjzBo6gA862XWXUborGVv6mnyx6N7LOHE3dCdyUAklltHu_V5hbR6HhQW0OsJSqaJR24WGUN_P16ytcyqV3F3WpLG6DgNz5g0SBlQ8pITAnCTiywUHLq2atj4xvT0gTs-_-IQHlFAf6V2-0AzyKZkZH83Ty4usDi42QwatTnVTjocf681NTwa-TQfewzqV7Byxi7XMa005oayM4GIOBnfCI-si3tKh5fXeSZrm8casnno-0-CNtcMJXjJ-kM-en3qvXJAog_mF04pS-ITwvR7wMVmTwkY5wy3UjyBzeVdED1vBvsYIlMDTSl3iGYO9RB6hKnmRlTHTqoaQUO_-rlBiToLy323hn1-axd0nEm6FbNSbrx2shWhekulTCyYDxJ2vQiVDnXcOMzEO4IsimTx-LlVFTPlmwbSg3E0LjXKpUcMYa2IdESg0-KeG5JTHOGqLmVWp5UMT-YSwy_JdXQiJ9NM4lhevHisTGmpmpvjM5_lDcmDAAt1Pg35syfEF16KSOuFLKaZsyDSH3XOyHtBTJdLCuhlIJ3IxOFqFM_Byv90_zjdGqYnZKRlw0fQVdyWl8ajXCBftSq-8yL0J_4LWmSIiCucthXDmxsD90AqTxNbp7kYe7_yhjb4yB-1PVnP-dQBtKm99uQ&pr=8%3A3588DF8A77EBCF31&cid=CAQSGwBygQiD-9uyUOwZOGydCqk4U13vo7p1rx0R7RgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&ds=l&xdt=0&iif=1&cor=6695420069891327000&adk=3559019155&idt=180&cac=0&dtd=38

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 14:18:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30744
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 14:18:35 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame 0819 29 KB
11 KB 140ms
139ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 16:58:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 16:58:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DB3A 0
0 176ms
175ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230523&jk=3902658446120490&bg=!OzilOGzNAAZu7ficTu07ADkAdvg8WhbRzDkdhvkVYJZuN46-G7BbzFHgRCzRAxoLm-JaoLpwdzYPMKvk_GDBSwXxKFwZlmQdbIECAAAAq1IAAAAGaAEHCgCQLD2rLNIeR4feQ3fBlsG-aZvkk7fYiNB1j5dJDRArrAej-nbHYQOu_aHFkw-bzVBXQk7f1LJIdmJT2ZpwKNP5yUciPghweNpdwpboa7OSXabf-Pl2VYtrB-JKDGBtI9pcjx-ld0y72JZwT2Q_dNmQ_tBRFKxZvudYj1DCJuLmC4l8bVJg8Lxav1MDDcculibUmQK5lV9lhdyqmYv4duXRy8UAr9aXW3YD4cDkmt_H4X7bfDeCYTCiMNwKYYmPGb_pvwSSKoSfhw_eZ2EPywhZZ29zwacL3jKXknwcs5uZX-Ydtd1AGWn-9dxhmF_OHfaTIMHQCUoC7HTUY9SXQ_GHw95wpQ4pVLBwjdV9mf8jsvn4h0db08Dc8Bi9Cn7KegsyRs_5y3USXtAy-vKe8-3Ml4QcS9oU3QPLJ4dvcm3gHFk_6fBRM481Xb5LBnw2tPQKA3zI-GshymeVUU03_1RqBaCc5aW_NbRGdBDnNCW3AWNhNk69dtfGC-_02okcar69JiaCwJgtEArkUWkouX8nK947d_Ep6oSnWPxFQ_xlohfB6olLIoFEEsPZ3qiPyFfqvgsdOD1UNImFZWkV7gFGew1cRW8mOATGP9__Q31kEZRCMtGcYB_NQtWSKBrhtq-bQY2StN1p2Taog23JRl82S3dG3_O_Jjxt4Yo1pBwq8JZQ_zY3_xx_qAgNc5tAvhPCVF52YJlMcRGPPeyZkyLTmY7PX42_7QhGLtlKMv98nnTQgt5iEiAZfmB1FjLPuceaYKVmCTBsQAHndC_AhdBGTUtiQ5ffIIjyua1xeVIWRFbxIFfeRiYGmmUrbSLyQAZEAfUnVzTQ-pldtTwMR0TwpiN-cidekZ5AIuNzwO6s23E-AuoteeP9RjCyB3DsdHHuJj68bIOriWjpdJLo6DfQESCctsUQlQ41t626fQLsOQLPGht-4_axEcnqPgl4r3WwNjoOF6Hm7nCGVMiVpsIGTN9HonrHgAzqxi7ZJOAilh27KWPi6SDnccKXWXAzTZ_bDFnDqoph3r6feSGsBwNOlAVMAhMksHsTtwoIKYtS3Rl9yTPC3XZQLJ7ROApd8C8ezYITRaKh9VKJH5wcZ6c3G6EQa0g4V_EU1if8YA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame D633 80 KB
30 KB 477ms
133ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:48:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: DVHD5MCPAWY0KX7X
age: 123
x-amz-server-side-encryption: AES256
x-amz-id-2: /daq52nbW+6QwjnSl+rAUuUgtvIUUN0rhwYwYb1Pou1HXTacPSb7diPA5na601GhCL7K1OkQ+MY=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0819 41 KB
15 KB 130ms
130ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 May 2023 19:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 445544
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 May 2024 19:05:15 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame ABA3 281 B
554 B 133ms
133ms Document
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ge
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 26 May 2023 22:50:59 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0819 0
0 172ms
171ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgfvuoTmwKAdd7XDexcvfCisUtaqjeEZpLC-a0vrAbiYqY7F08i9eUFXxTXa4YJBkPNYZ-d_k4RswxKgGDE8bxr22UXq2PWmeFAHPS1u4Fs0Zt-s1aAhppi-MBPOsVKv_qG9lsfNNp-JpVvkkgNWPt_2ah0zvRwNp2HxESi6MlltDb4JmmyFfl52_Zm4NrffPgTVpQ5zUTlr-SD2Z3EG61QparOUqWUi9C9YaNc2HVHFusUj0606pLxI_YbGVc3TfsQqezFGga872Rm1-q5v-lfossUpwQ9GnNh9nG5HVQQ70uu2B4-XvDsroAmiM&sai=AMfl-YSNrQSnsplT08JIc6WnJ7jWb6MJWiyzLLz-Pt22vVVr2Pcid7nQEQBGqIy84xwBH5XrKRFF5dqzxhyPtsVfBjVa6A4MqfSLAVQIzoPBqiyf117NL5kshlh3-X77MA&sig=Cg0ArKJSzHdIIGyVzSvDEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:50:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 May 2023 22:50:59 GMT

GET
DATA 200
OK truncated
/ Frame 0819 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8886f77d2c37295db646a7dbd845dbd972396d30b197af37b4ed90f6895624bc

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame ABA3 34 KB
10 KB 145ms
145ms Script
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ge
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e9a83c407934c3ccb3f2c664afaa35b5f7e86788415e58c8ec300d5d6f49c51b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 May 2023 22:50:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 May 2023 14:04:28 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54776
Connection: keep-alive
Content-Length: 10085
Expires: Sat, 27 May 2023 14:03:55 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F771 22 KB
8 KB 130ms
130ms Document
text/html 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 226336
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 07:58:43 GMT
expires: Thu, 23 May 2024 07:58:43 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response
pagead2.googlesyndication.com/bg/ Frame F771 37 KB
14 KB 138ms
138ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 May 2023 18:22:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14664
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 May 2024 18:22:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9CBF 0
0 176ms
175ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230523&jk=2745031574711910&bg=!0tGl0YXNAAZu7ficTu07ADkAdvg8Ws113twHdX9DHupK_azKT5bQve5gDYoixwaMmEWK3G1D0l1618e5X46qU8GttB7E9ckICTkCAAAAY1IAAAADaAEHmQK4TjGPltaZ4p7tisjlSy3SYIf7gGPbqx1vJcNjh0KpLy6F3sMDFD0zRGnH3WdCZ1zrFQWw3tOZp7fZ78IdlPod51S0MXN1HbYzYr0wAJr6sqzRwk7GEmDNOqC8f3AP4vIO-4Ai_auAdL2_yF5eL_WhwBNnen9UA9e9-HoZmDlROs4-CWbpdvy1JL5PStD0G5j6hyrO1LB8fH_LUeinuHEyehTOCEn3QPglghFwcy5OMaM4SX9326GTHb8hb57rWvpCvBSXKWxkTOrL7Bt1dgd0cQRRPBCFzXqlLp8CUkXd6jmnDZywruhWZ1AqeEuIRpoqIt6ynUZq1asEN3rzalAfsM3LbxuyukbhB5U2ez-6uin_-eNn8lLCuUg6_MZKUa0rC4jjPhf6ZYcvj6FQINdkt3jCHtUZZ5ZJRni33tOdNAbWesyoQ_6C_TwVVAeK8IhuSBPnk6jKWhheQuafwMcQHG_RGewUymkEeVhHN5VUfb3iS7lQ2_aQg9YzugS8qpOHjvEOYY1LAIjF3Yn4hOSpzbcjGuKhxoXqYF4nkFYpHhA9G9W34n8Jw2Yw045YDYF2yJ8jVxmK6qsnAe-5K6S1I4hvw6el_XLUkujvaNWDAtct-C9yK-sQbzy6mVgYhAEb0Bp_4ZDfim2mhL_gET3wYZEaDGNE7M8TOoeEATLS7F53Vo-r7eoulIiXK5tPcsmh0lWKrnG5a0VNFNSPEPBoaH7yYoxUe_rUrno9rIdLa6Y_Db7tT_1652Pmnti5yVBjZ-XDQuFCL6smE9IbLO-jjG7XaRSxmoIblz43QRiBor-BupdGNeIdj4B2y475hQ-KsJqo4MPd4U-NijkUpRMY7Yx13RwTLMxcixaOeV2L3mDo91CTDwxyXpmVF1-dGa0HLQzsvpYV0_2W_EKjQ2NRr2-7lgd7TP7F
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame D633 4 KB
3 KB 775ms
201ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=bcca64ee-253d-4aef-a886-21cefca8d05d&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2F&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

dca51f389fa0c7dfbe1dbd465236e1fbeba0f01b909293baf3476ce66817a22d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Fri, 26 May 2023 22:51:00 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 39
x-xss-protection: 1; mode=block
x-request-id: 2ee63f13-aaad-4df2-a96a-569613a12060

GET
H2 200 b
geo.yahoo.com/ Frame D633 43 B
830 B 1595ms
156ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:01 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F771 0
20 B 175ms
175ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BO4rK0jdxZMrtK7ShrATyxZjgAgAAAAA4AeAEAg&bg=!KCulK3_NAAZ8_aWmXP07ADkAdvg8Wrrkth5MCkJkmkxLKL01UN_tdZdBHaFpq4f48NvBN4bK2MhbLJVvJtIxN9lX8tzRanbsTxcCAAAAalIAAAACaAEHCgDZbIIW5oxL6_79YWaliNH1odETw9kdJ-3udmSQYKSOrcIxqJSr96Ir9cb3qrpJA5hMSx3zI-ZymY8zbH9PNxx9m-fFEjViEzDOkm0sTz0z4ozyCuDAfzcjUvdKSgE-af69P0pgJJvFKaRX-0N3rqnzVlQC6YJawSWPJicLKBDD5GvjM91A19187bTEKP442E4o7z5qGjraVv2pUF6YAzWtgjGwYFKrnvO9jei27j0FOY8c06j6RS35tjYhWGwYfokvUbsWNQxxHOh03yOFV-yfQpiDf0lOYFirx5kCsIt_obtdaCD8fTDTsrJv2i6h9f-F5pEwPB8sVo2zBmG3kdYPzEavjNfouKN-TmVpl68P-jMpRu0UWPuu6jy_CHO8s3fIuGxUb6Bfx7TP3IcAoJtlCcWV4Q7Dvfg9vwocGOrOAwcpETvK_eNR4d9Mec3CO_BxthpozdLUvVXzG-A422BaQjZ2cKsRta9XK0icgoDR9k0r-KFvxpSQBsH4G30zDEpPT0jBH31lXALkjQ-FKpq-uSnwGC7_-fQIPHF-Iy2P90kLyz1X-UscFP1ytGXWWh4YPsHIjaZba4Qp8bybEensyJL1KfsYj9noEkNKL2QOc_t87QcKLvTvN6kpr8f6CrafG6B1fQUkf2ETTI_ZXX6Ypm5DhVG6Gi-evZSxb5PPbW9voWMZb7COEvh02vWoFWgOOj82xBQtK75KsXLtO_mgvnG6O9OvLNbzLJgCYMHFj2pYuA30hbs_31KLIeuvK288_LU7QbRrqDKcxe2lL4-Zrr1StQFLYeKlFxiPhGEZoAt_Ov_OSOHT3nM_hKNS09_rXgqx-zqBz1eCNHcrzWDWCAaHmTetwzn_kpl-g4Pfa4OvQag2nhR6rCGZgEozZ8ovunqmXr3X2Z4EWwA9LrcCyS-X7ou4XVL7e4c7hJzGkVWEYx5STuGs296sAakU2pX8J-x0sU0Juf8C3qNGoM7rL1fzA7I5XF5yakG9ImCs9Cebp9aE5jbXQ_utfpjMw5o5PUvm6tSqk9xn7tIRrkL4iPeEvY9P8aSQFgUadurEdAHY5mw0-ivjY7oVxByYdSBEjZJBf8U7E9_PxMHm5wpAEjr5LuA3gQapxIFcA6ncMdzklQlJK3QjCgcpgpTQCsLMJuDBGdxwUDRoXr7jQcWk9aU8KkKYzf6dIW3M5s1WxcLEHoxMTOAk428-Fx8

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 2CF7 42 B
64 B 182ms
181ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvE00Xx1qP6X2mvSm9qs0-E4uZVULrNpd9M8Bm-3apm6-xg52fzIP79V0ah0oyTXOMqls566ldqQl8Q7jd2WCb15bFDU6v57R-sG5dDafosEZr6haEL1QvMqOzwgIecn9qhfoVdcmxYfdDUEpVfHZSONTM8V-Ip&sai=AMfl-YQ3m0ys3Fd6bwaOfVOe2hB2xhTdnJoqePLfdgE_PWiC8pJ79hnjX3vl9Ge1awzcVlTwL5GdOch4XLn3s8K25LFYebZkQsM8x0X1YZmOeiKNmCs2pgbj1vyAuZE&sig=Cg0ArKJSzK46e8W1Ted7EAE&cid=CAQSOwBygQiDmEPYmoD7k0_adenBv8eg3oS729aU2ZgBwLUA8V0xwFI2EpVtGHP8zOFVHKKYUOe8_4I1xOpgGAE&id=ampim&o=236,60&d=728,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=357&tls=1357&g=100&h=100&tt=1357&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:50:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 489ms
210ms XHR
text/javascript 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 27 May 2023 22:51:00 GMT

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 2CF7 21 KB
21 KB 654ms
132ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bg3.co
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 19:19:28 GMT
x-content-type-options: nosniff
age: 271892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21360
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 19:19:28 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0819 42 B
64 B 167ms
166ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutlbH8fGb_Mi1YFT2N4hfQO4WawZw4pSkG9oluqCSGsm-sOv9CMqymEgCo0cJ0I_zKoQs3nwTgT4loZfnnc_OB91TtHa-h7o5lY5ylQ6TeUUJVomni&sig=Cg0ArKJSzNweNKVElxMLEAE&id=lidar2&mcvt=1001&p=1110,436,1200,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230524&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685141458377&rpt=877&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SXG6B5X3FQVQPXFZFMVG_VFdfU2l0ZXRhZ19yaXN1X2JnXzMwMHgyNTBfMjAyMzAzMDE=_1677729953642 Show response
s.yimg.com/ys/ Frame D633 2 KB
1 KB 1220ms
1220ms Script
text/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/ys/SXG6B5X3FQVQPXFZFMVG_VFdfU2l0ZXRhZ19yaXN1X2JnXzMwMHgyNTBfMjAyMzAzMDE=_1677729953642?cb=ygscb

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

6649db4b7a29bc5f4e73c81c43756ee8a218bf29ce8085cc6a86b10a635d38d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 May 2023 22:46:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: TES7QHYM20ACZ1Z0
age: 2160287
x-amz-server-side-encryption: AES256
content-length: 822
x-amz-id-2: 5iJK90YD41vYTU0be1XacI1U7KLF2fVh3bZwos9KcwjYYJQl9ytzgcBKzUTKpiH/7kJJ4wGbY7c=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Mar 2023 04:05:54 GMT
server: ATS
etag: "fa2aa91ba592d1ae8a4853ad8af8677c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding,Origin
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, stale-while-revalidate=30, max-age=2592000
accept-ranges: bytes

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 1444ms
144ms Preflight
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bg3.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 26 May 2023 22:51:01 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 220693
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
368 B 145ms
138ms XHR
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 227194
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
686 B 174ms
174ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 735ddb70987a43ea94e0fa0f92749368834392f36151cd0815f55d47bfa937ab

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 May 2023 22:51:00 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Sun, 25 Jun 2023 22:51:00 GMT

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame B4F7 9 KB
4 KB 676ms
141ms Document
text/html 13.32.99.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-85.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b24b19152e92ee2240cdf53444b33a1b8ec286e9a44072890c5490c9d8ddfa3d

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 81111
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Fri, 26 May 2023 04:07:32 GMT
etag: W/"fd0102e5847015626666169917857ba8"
last-modified: Wed, 12 Apr 2023 16:16:50 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-id: -CbORKzzbYQUdcQ2CWoZuJ6NOYtlO12EcHeH64C48lTSKuWaL-LhGA==
x-amz-cf-pop: FRA60-P3
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:b4af218c-2bc9-4531-9210-521693d9d5d7
x-amz-meta-codebuild-content-md5: 9cec9a15b660da7393081e2fc6c34731
x-amz-meta-codebuild-content-sha256: 8e6d48a695640d90e0623cd4e573f94721be8c1becd249758c7df42fcffde7be
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 1B37 3 KB
2 KB 403ms
135ms Document
text/html 104.18.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 909
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7cd99492d88c1bcf-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 26 May 2023 22:51:00 GMT
expires: Sat, 27 May 2023 02:51:00 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame E524 666 B
438 B 137ms
137ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 33ce6c945da285e330e45d989fa6e2fed27037f0a15981b99ada58bf9a6d096e

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 419
content-type: text/html
date: Fri, 26 May 2023 22:51:00 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame A37A 4 KB
2 KB 137ms
136ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1685141455070

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

7f492d8c10e92f5f50f8bba82a5c203cc46c710510efe1f0e329ca0fdf2edb22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1374
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 946F 281 B
554 B 132ms
132ms Document
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 26 May 2023 22:51:00 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET async_usersync.html
acdn.adnxs.com/dmp/ Frame 86E7 0
0

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 95C3 1 KB
2 KB 153ms
151ms Document
text/html 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 86178b6d2b740706fab7e76ec65578d165596d59f68f10ed8b24d080a31476bb

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1114
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 22:51:00 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=fMsZwzKyXur5&ev=1&pid=560288&gdpr_consent=&gdpr=0

43 B
376 B

143ms
143ms

Image
image/gif

185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=fMsZwzKyXur5&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 26 May 2023 22:51:00 GMT
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: ka-GE
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=fMsZwzKyXur5&ev=1&pid=560288&gdpr_consent=&gdpr=0
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6d945594b4-m6fd8
expires: -1

GET smartadserver
sync.1rx.io/usersync2/ 0
0

GET
H2 204 v1
match.sharethrough.com/universal/ 0
360 B 1451ms
132ms Image
text/plain 3.124.225.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.225.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-225-209.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:02 GMT

GET
H2 400 711890.gif
id.rlcdn.com/ 0
0 1259ms
143ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

204

v1
match.sharethrough.com/sync/
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=728058323622558445&gdpr=0&gdpr_consent=

0
353 B

1308ms
135ms

Image
text/plain

3.124.225.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=728058323622558445&gdpr=0&gdpr_consent=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html
Protocol: H2
Server: 3.124.225.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-225-209.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:02 GMT

Redirect headers

location: https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=728058323622558445&gdpr=0&gdpr_consent=
pragma: no-cache
date: Fri, 26 May 2023 22:51:00 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
1 KB 789ms
782ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1685141460671&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1521&pt=844945065&tz=0&viewable=true&ddast=V8BSQCLAYsV1ySICCkOhFYrrgkQUBIdSoAAABgYID-AEl4XBvDYLJc60YWy1o0MlnWys3EuFYNlhOHcbdZTiYWIyAJj2tjGEyWa93IYlmLRibLWrmZGNeqwXLiMO42y8nEYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ3aDodPte9Xvf73SU-z1zj9yv8oqfD7pYeXW-dyy19uiUOv1vmcrp1L7tb6HrYfW6Ry-5zC11Pt-L1sLs1R9fD7nPLHHafW-Z6C11u5dMtPTrdwqdb97D73KKHW-2yu4Uut9DhtwtNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDE4YAuTrPT8_QHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPIZUt8pqZMs9vBEpqC3CCAAAAMDWu3PmkUk6QcWiyv__f78VgCsAAAGIWkH9sFl0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyNkIvyYRmgmil3NLyAAwJpfQAAANuoGAOBNAJygQ9CKwWB1AmJ2AAAAAO78____6wGhlXOymaw8o8nKM1isHM6Rb7jyDDej2cwyMa4m2xM1zAqXbDK81GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmJs7ZaONZuGWm5WQtGixHbolpt1rLVivjzLDwzWy20Vr0-pgutoXFZFp5kWBA314kT4t0orHMNhvLamTaDGeW2cJkXHlmC5txN1rsVqbhbDYRSzQni3Qiu-xLK-dkM1l5RpOVZ7BYOZwj33DlGW5Gs5llYlxN9p2JczbaeBZumWk5WYsGy5FbYtqt1rLVyjgzLHwzm220Fr0-pottYTGZVv7GbLhajBaj1WjfmA1Xi9FitBrtO3SG7-pzNirLKslHqLmGzi2NzWlQuAwW71S9-kY7s4PoNy06ZTK1sqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoUilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_o6bC7pUfXW-dyS59uicPvlrmcbt3L7ha6HnafW-Sy-9xC19OteD3sbs3R9bD73DKH3eeWud5Cl1v5dEuPTrfw6dY97D636OFWu-xuocstdPjtQtPbbBFLBKeLdCJ6GU8X9R855GIu2SznksFsrlhtVgkAAAAAAAAAwBJMMt0EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZAFYr7____HwcAAEBGDj0AAAD6fUBZAAAAAAAA_ApiMJwM9g9AhVir1ep2Y61WCw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!rv2r_vB!t45!tbt_unit!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: cf02816c53a21a989e4927daf0a68dbfe6a5a5dfb62313cf499cd6aee093cdfe

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:01 GMT
content-encoding: gzip
server: nginx
machineid: 1466
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame E524
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2ab36471-37d3-4f00-99c8-ae8998130313

43 B
106 B

143ms
142ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2ab36471-37d3-4f00-99c8-ae8998130313
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:00 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Fri, 26 May 2023 22:51:00 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x25 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2ab36471-37d3-4f00-99c8-ae8998130313
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 26 May 2023 22:50:59 GMT

GET
H2 200 p-25CIknq_eSg16.gif
cms.quantserve.com/pixel/ Frame E524 35 B
372 B 133ms
132ms Image
image/gif 91.228.74.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.200 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame E524
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7683554565452013913

43 B
106 B

143ms
141ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7683554565452013913
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:00 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7683554565452013913
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E524
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=d0a9f05a-ebf9-7f99-c657-aeb45b326c4d&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&ttd_puid=d0a9f05a-ebf9-7f99-c657-aeb45b326c4d&gdpr=0&gdpr_consent=

43 B
249 B

141ms
140ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&ttd_puid=d0a9f05a-ebf9-7f99-c657-aeb45b326c4d&gdpr=0&gdpr_consent=
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:01 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:00 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&ttd_puid=d0a9f05a-ebf9-7f99-c657-aeb45b326c4d&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame E524 170 B
188 B 139ms
138ms Image
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmNjNjIzOTAtMjI4ZS0yMTNkLWQzYjctZjQwZDkxZDBhMjJk

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E524
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJA53ZeOU07CJdOfPPmqv_o&google_cver=1

43 B
106 B

149ms
147ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJA53ZeOU07CJdOfPPmqv_o&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:00 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJA53ZeOU07CJdOfPPmqv_o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 946F 34 KB
10 KB 144ms
144ms Script
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e9a83c407934c3ccb3f2c664afaa35b5f7e86788415e58c8ec300d5d6f49c51b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 May 2023 22:51:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 May 2023 14:04:28 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54775
Connection: keep-alive
Content-Length: 10085
Expires: Sat, 27 May 2023 14:03:55 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame A37A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://onetag-sys.com/match/?int_id=1&uid=2ab36471-37d3-4f00-99c8-ae8998130313&gdpr=1&gdpr_consent=

0
291 B

136ms
135ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=1&uid=2ab36471-37d3-4f00-99c8-ae8998130313&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685141455070

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Fri, 26 May 2023 22:51:00 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x28 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://onetag-sys.com/match/?int_id=1&uid=2ab36471-37d3-4f00-99c8-ae8998130313&gdpr=1&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 26 May 2023 22:50:59 GMT

GET sync.php
pixel-eu.rubiconproject.com/exchange/ Frame A37A 0
0

GET
H2

200

/
onetag-sys.com/match/ Frame A37A
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4527130612681197971

0
291 B

136ms
134ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4527130612681197971

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685141455070

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Fri, 26 May 2023 22:51:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.153; 91.239.206.153; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2f5ab6b5-93ca-44fa-9cd8-3ef89bc72356
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4527130612681197971
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame A37A 42 B
690 B 133ms
131ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=l_2KNFLw5icPZNhzDzE8gQP5cEyUu8ssiHXkGFd5jIg
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685141455070
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A37A
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiFpCF2Nuf44hrW1Tqo2YzK91KRzr4AxhkQ

170 B
188 B

142ms
141ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiFpCF2Nuf44hrW1Tqo2YzK91KRzr4AxhkQ

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685141455070

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiFpCF2Nuf44hrW1Tqo2YzK91KRzr4AxhkQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 sync
ssbsync-global.smartadserver.com/api/ Frame A37A 0
44 B 153ms
143ms Image
text/plain 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685141455070
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:00 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame A37A 0
0 1120ms
142ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685141455070
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A37A
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=2MhIf6ZHKaHaFgoxKn93-ih0RuQbla5pKJIp07MLr9s

43 B
479 B

325ms
231ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=2MhIf6ZHKaHaFgoxKn93-ih0RuQbla5pKJIp07MLr9s

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685141455070

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 22:51:01 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QZD582BTEMRHV22E0GJN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=2MhIf6ZHKaHaFgoxKn93-ih0RuQbla5pKJIp07MLr9s
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame A37A 0
42 B 555ms
232ms Image
text/plain 198.47.127.18
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685141455070
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:00 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame A37A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEHcj3YZQLh9HTaHJQ70HBZ0&google_cver=1

0
291 B

138ms
138ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEHcj3YZQLh9HTaHJQ70HBZ0&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685141455070

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEHcj3YZQLh9HTaHJQ70HBZ0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame A37A 0
38 B 137ms
134ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685141455070

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:00 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame A37A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=29&uid=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&gdpr=0&gdpr_consent=

0
291 B

135ms
135ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=29&uid=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685141455070

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:00 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/match/?int_id=29&uid=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 233

GET
H2 200 sync
x.bidswitch.net/ Frame A37A 43 B
145 B 133ms
131ms Image
image/gif 35.158.42.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1685141455070
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.42.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-42-58.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 pixel;r=178749927;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html;uh=e51ed67dfb8d91dc24b...
pixel.quantserve.com/ 35 B
371 B 137ms
136ms Image
image/gif 91.228.74.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=178749927;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1541803059-1685141458216;pbc=0305cf03-427e-406e-9c81-665c3f155fb0;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1685141460771;tzo=0;ogl=;ses=07409aad-af4b-4501-85ad-7cfdf00e2780;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.200 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 95C3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&dongle=0cfd&gdpr=0&gdpr_consent=

37 B
354 B

152ms
152ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 26 May 2023 22:51:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:00 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://eb2.3lift.com/xuid?mid=3658&xuid=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&dongle=0cfd&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 251

GET
H2

200

ebda
eb2.3lift.com/ Frame 95C3
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIwNjg2OTk2NDI0MjI2Njc1NDYxMA%3D%3D
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

37 B
139 B

151ms
150ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 95C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOe58A2F9vvprRY8yqV_pqE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
354 B

152ms
152ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOe58A2F9vvprRY8yqV_pqE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 26 May 2023 22:51:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOe58A2F9vvprRY8yqV_pqE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 95C3
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIwNjg2OTk2NDI0MjI2Njc1NDYxMA%3D%3D

170 B
188 B

139ms
139ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIwNjg2OTk2NDI0MjI2Njc1NDYxMA%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIwNjg2OTk2NDI0MjI2Njc1NDYxMA%3D%3D
date: Fri, 26 May 2023 22:51:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 95C3
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3206869964242266754610&dbredirect=true&gdpr=0&consent=
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3206869964242266754610&dbredirect=true&gdpr=0&consent=&cookiesTest=true

0
142 B

278ms
278ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3206869964242266754610&dbredirect=true&gdpr=0&consent=&cookiesTest=true
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:00 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 4EEF49314C5D4AD3A84CC23A7DF27BD3 Ref B: VIEEDGE4112 Ref C: 2023-05-26T22:51:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX8oJIw0tZTBAsalmJUWA==

Redirect headers

date: Fri, 26 May 2023 22:51:00 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 3B9CF5D3F8434F96A19B67540446E58D Ref B: VIEEDGE4112 Ref C: 2023-05-26T22:51:00Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: /setuid?partner=tripleliftdbredirect&tlUid=3206869964242266754610&dbredirect=true&gdpr=0&consent=&cookiesTest=true
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX8oJIsnGjiwboF/a9rDA==

GET
H2

200

xuid
eb2.3lift.com/ Frame 95C3
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=3206869964242266754610&gdpr=0&gdpr_consent=
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=707a5598-5816-46da-9ae1-f3aa7f052183&gdpr=0&gdpr_consent=
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=707a5598-5816-46da-9ae1-f3aa7f052183&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=4&user_id=39e3809f-b454-4ef8-81c9-e847310d3f25&ssp=triplelift&expires=30&user_group=5&bsw_param=707a5598-5816-46da-9ae1-f3aa7f052183
https://eb2.3lift.com/xuid?mid=2409&xuid=707a5598-5816-46da-9ae1-f3aa7f052183&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

37 B
354 B

154ms
154ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=707a5598-5816-46da-9ae1-f3aa7f052183&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 26 May 2023 22:51:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: //eb2.3lift.com/xuid?mid=2409&xuid=707a5598-5816-46da-9ae1-f3aa7f052183&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
date: Fri, 26 May 2023 22:51:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 c.gif
c.bing.com/ Frame 95C3 42 B
667 B 1421ms
152ms Image
image/gif 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=3206869964242266754610&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:01 GMT
last-modified: Thu, 04 May 2023 15:33:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E3E44ABF194943DC91211B3FDDE57D1A Ref B: VIEEDGE4416 Ref C: 2023-05-26T22:51:02Z
etag: "6de038c69d7ed91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame 95C3
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/3206869964242266754610?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-oEy3SaFE2oRx3hz5S7t3G5crYQsD3HD3mB6lvoKZiQ--~A&dongle=0883

37 B
354 B

163ms
163ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-oEy3SaFE2oRx3hz5S7t3G5crYQsD3HD3mB6lvoKZiQ--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 26 May 2023 22:51:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Fri, 26 May 2023 22:51:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-oEy3SaFE2oRx3hz5S7t3G5crYQsD3HD3mB6lvoKZiQ--~A&dongle=0883
content-length: 0

GET triplelift
b1sync.zemanta.com/usersync/ Frame 95C3 0
0

GET
H2

200

xuid
eb2.3lift.com/ Frame 95C3
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=4527130612681197971&dongle=4d58&gdpr=0&gdpr_consent=

37 B
354 B

154ms
153ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=4527130612681197971&dongle=4d58&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 26 May 2023 22:51:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date: Fri, 26 May 2023 22:51:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.153; 91.239.206.153; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f47adaac-add2-4b5f-8aed-21795eee78fb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=4527130612681197971&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14533096834936143271/geo_728x90/ Frame 8893 6 KB
2 KB 407ms
135ms Document
text/html 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14533096834936143271/geo_728x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

f7823407ea256b2ce46c488a2ead5259f0def0bd1b50e1b882cf02c5329ea4ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 576839
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2104
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 06:37:02 GMT
expires: Sun, 19 May 2024 06:37:02 GMT
last-modified: Fri, 10 Feb 2023 11:32:43 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0819 0
0 464ms
183ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvDG0r1QatZnqHAcTYQwQrIZlaUIyhqWQHmuZkxlXfsSbgdWUMF2M3mCsA2Ww3zykD82Kp5znf9Kiv67IuriCTL8ur6E82BlzeIBiJxiS1CLtCUBQf5hHlyUs1cJgLDtGxkpMwBSSeSPEKCuJRlKKhr2irWyON0uXVUTzU7hGOGQXD-oxD2-L89Xa1zpiHEHGMCbWTKAzCQsTWw1miYm8vELDG5MPIEL9OMcr-qtENuGR3p7q4bG6q0b4JIUzhe6wRkUVOU-No7KUi5q5TTGyz3qm7LqQsejFCt8_oFPMXGNIGNr2DP9wj4u1aa_23c20e2A_a2fYu7D-CLPexylT7AcDLfVs3In6XPe9eIrZIOTaWNKkQdCMGDsaZwPBA5NA53lCFqs1jeTdFAAsASwQwpKmOdlJcA_fhgNlaE41s6nHJp0RsI8izb4Ul_9ha6hmBdpIeMQA-x40ogTmoBoD1vJr1ODkf01aCkG764gw5QxWeQ9dkcDTr75HrdnOCPOzcJO5Wqhd0s4ZG9HygJfgaDNoGibrbjZTeeMVS21c5eREqS5_dL-6cqXTzE9bwRchjd28YPT_04KmzlOBe0yLsXoFbBSXB8REnwhKAS3C615NpZZbv4SeEZWqxtbl4ByJtwZZXSP5YRiYNXM8v4jnFX3uvuWa0Myyn0RrCYRi4Wp6FdoTqK6k0ovnN3JyYFA7-W-YEcABqu4dB7E9Rw0ODLSPoLofJfh2fWMHgz_vcjHYUJVHNS0Np9onFWwmx0B7y2Uu1EuV8Ixg2hf2FqCenloO34m3PZNvI0O-dsbeeyWT2EFMGktbsY_JkTsx3ASUznQKtRZ7i0xGn4bmgurFVywfQG1nwfmkEGN9o0p-iP7C5zUptP0wGnq7ckyWRORiFVIrkjrDRs7c5jYbcnTVSo6I_BGyMtrlkoRPt6mQZ3avK9MGVSIIzDJdUBBqy7LdaOOqQQx9bwK1YvT4XqNFGYjmPnviudGIqrGG9hC4CH1u0BTqdYtzgZUeQgTzi-B81DoTNrrTWq55dXxZ1jH8wgS6AZEimNTOwVrctV8l_E0wk-IRukUrcxi4FtnShRrw&sai=AMfl-YRaZDpGf5SzYfR4YuvVNUj-sbRvLXYrvov34sdWlZqEAmOa9-ctI7wuQKnAro21A6lnsRFNtw8kBtCmVf44L7rj_MIgvsCqbehT2w8bEzzShBNZwAAByIcb-R3vWTbRNPaYCh5KZRhc49d1B_uU7viuWKG7bwrbRQrgE0xbRo3TMnJ-KRY&sig=Cg0ArKJSzDdpQYkpaX1-EAE&uach_m=[UACH]&pr=8:3588DF8A77EBCF31&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1968&cbvp=1&cstd=1964&cisv=r20230523.42971&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 26 May 2023 22:51:01 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 26 May 2023 22:51:01 GMT

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 8F02
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
2 KB

259ms
131ms

Document
text/html

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 2dd4cc12cc1ce0bb2065aa9148373e1df3bb88a90eee6c72fc245254ee7c3911

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1703
Content-Type: text/html
Date: Fri, 26 May 2023 22:51:01 GMT
Expires: 0
Keep-Alive: timeout=1, max=498
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 26 May 2023 22:51:01 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
Location: /usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame FA14 4 KB
2 KB 723ms
160ms Document
text/html 52.213.148.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.148.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-148-186.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0af010f61458399e8d30b497a19e1c7bb7925f6b6cd409fd6161d32cca25c85a

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 26 May 2023 22:51:01 GMT
etag: W/"05ff03320a015b622f0f5733877f8ea93"
server: nginx
timing-allow-origin: *

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 61FC 4 KB
2 KB 137ms
137ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

cbb025a7260d09438e48fe837e9b1a79e8b5a7837cdd998b827174a0ecc8949f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1396
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 sync Show response
ssbsync.smartadserver.com/api/ Frame E701 1 KB
1 KB 143ms
143ms Document
text/html 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: fa517df56ece4ad391f48638f59b7007817c12b6f5cba80bf3887c00a0fca180

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

content-length: 1070
content-type: text/html
date: Fri, 26 May 2023 22:51:01 GMT

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 17BA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

2 KB
3 KB

267ms
133ms

Document
text/html

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: d660c601f061229830674cb018f54eef5a0ff9e6b962eb711345c6d00853017c

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1941
Content-Type: text/html
Date: Fri, 26 May 2023 22:51:01 GMT
Expires: 0
Keep-Alive: timeout=1, max=497
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 26 May 2023 22:51:01 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
Location: /usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame 6931 0
0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 916F 16 KB
6 KB 1727ms
202ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=94706
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 26 May 2023 22:51:02 GMT
expires: Sun, 28 May 2023 01:09:28 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame A350 0
0

GET user-sync
sync.adkernel.com/ Frame 3B38 0
0

GET sync-iframe
cs-server-s2s.yellowblue.io/ Frame 0C4C 0
0

GET
H2

200

sync
ads.servenobid.com/ Frame B4F7
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=4527130612681197971

0
344 B

494ms
168ms

Image
image/avif

52.213.50.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=4527130612681197971
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.213.50.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-50-95.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:01 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Date: Fri, 26 May 2023 22:51:01 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.153; 91.239.206.153; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 05976bd1-8e0a-48ff-99ee-c0995da53729
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ads.servenobid.com/sync?pid=312&uid=4527130612681197971
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET merge
ce.lijit.com/ Frame B4F7 0
0

GET pixel
ap.lijit.com/ Frame B4F7 0
0

GET rmpssp
sync.1rx.io/usersync2/ Frame B4F7 0
0

GET cm
p.rfihub.com/ Frame B4F7 0
0

GET usa
sync.go.sonobi.com/ Frame B4F7 0
0

GET

cookie
cm.adform.net/ Frame B4F7
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F421%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Deef16dff-db78-44cc-afab-810400740fe9%26bidder%3Dappnexus%26cbx%3D...
https://prebid.a-mo.net/cchain/0/421?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=eef16dff-db78-44cc-afab-810400740fe9&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&u...
https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1YN-&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F421%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D...
https://prebid.a-mo.net/cchain/1/421?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=eef16dff-db78-44cc-afab-810400740fe9&bidder=index_rtb&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&...
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F421%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Deef16dff-db78-44cc-afab-810400...

0
0

GET
H2

200

sync
ads.servenobid.com/ Frame B4F7
Redirect Chain

https://ups.analytics.yahoo.com/ups/58559/occ
https://ads.servenobid.com/sync?pid=337&uid=y-FWj2t.1E2uExB8ntp9k.CqvnTPnB7PFfumyVVqk-~A

0
367 B

485ms
168ms

Image
image/avif

52.213.50.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=337&uid=y-FWj2t.1E2uExB8ntp9k.CqvnTPnB7PFfumyVVqk-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.213.50.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-50-95.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:01 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=337&uid=y-FWj2t.1E2uExB8ntp9k.CqvnTPnB7PFfumyVVqk-~A
date: Fri, 26 May 2023 22:51:01 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sync
ads.servenobid.com/ Frame B4F7
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
https://ads.servenobid.com/sync?pid=346&uid=ua-367b9236-709b-35d1-81f8-a0aea72d596a

0
358 B

158ms
157ms

Image
image/avif

52.213.50.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=346&uid=ua-367b9236-709b-35d1-81f8-a0aea72d596a
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.213.50.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-50-95.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:03 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=346&uid=ua-367b9236-709b-35d1-81f8-a0aea72d596a
pragma: no-cache
date: Fri, 26 May 2023 22:51:02 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H2

200

sync
ads.servenobid.com/ Frame B4F7
Redirect Chain

https://ups.analytics.yahoo.com/ups/58632/occ
https://ads.servenobid.com/sync?pid=339&uid=y-FWj2t.1E2uExB8ntp9k.CqvnTPnB7PFfumyVVqk-~A

0
367 B

486ms
169ms

Image
image/avif

52.213.50.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=339&uid=y-FWj2t.1E2uExB8ntp9k.CqvnTPnB7PFfumyVVqk-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.213.50.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-50-95.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:01 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=339&uid=y-FWj2t.1E2uExB8ntp9k.CqvnTPnB7PFfumyVVqk-~A
date: Fri, 26 May 2023 22:51:01 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
match.sharethrough.com/universal/ Frame B4F7 0
358 B 767ms
134ms Image
text/plain 3.124.225.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.225.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-225-209.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:02 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame B4F7
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
https://ads.servenobid.com/sync?pid=353&uid=3281430614264990000V10

0
346 B

171ms
170ms

Image
image/avif

52.213.50.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=353&uid=3281430614264990000V10
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.213.50.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-50-95.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:01 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Fri, 26 May 2023 22:51:01 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://ads.servenobid.com/sync?pid=353&uid=3281430614264990000V10
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Fri, 26 May 2023 22:51:01 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8893 236 KB
63 KB 158ms
158ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14533096834936143271/geo_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14533096834936143271/geo_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 May 2023 22:51:01 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/14533096834936143271/geo_728x90/ Frame 8893 89 KB
15 KB 138ms
138ms Script
application/x-javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14533096834936143271/geo_728x90/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14533096834936143271/geo_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

848216b6d0b0e45ebec55a3143517cd78be070aeac59b15bb794c328fe3d6250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14533096834936143271/geo_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 07:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15319
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 11:32:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 19 May 2024 07:08:10 GMT

GET
H2 200 sync
ads.servenobid.com/ Frame E701 0
344 B 483ms
167ms Image
image/avif 52.213.50.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=728058323622558445&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.50.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-50-95.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:01 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET bsync
visitor.omnitagjs.com/visitor/ Frame E701 0
0

GET /
csync.loopme.me/ Frame E701 0
0

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame E701
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=50e8abe2-6ebd-48a4-9e8b-f5aa238c9f1a&gdpr=0&gdpr_consent=

43 B
416 B

141ms
141ms

Image
image/gif

185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=50e8abe2-6ebd-48a4-9e8b-f5aa238c9f1a&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 26 May 2023 22:51:01 GMT
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:00 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=50e8abe2-6ebd-48a4-9e8b-f5aa238c9f1a&gdpr=0&gdpr_consent=
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1121064
content-length: 0
expires: Fri, 26 May 2023 00:00:00 GMT

GET gjIEMT18
sync-tm.everesttech.net/upi/pid/ Frame E701 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 61FC
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiFpCaAAtofXR-pNOHbyf6OYi1TQYdyZnYw

170 B
188 B

144ms
143ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiFpCaAAtofXR-pNOHbyf6OYi1TQYdyZnYw

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiFpCaAAtofXR-pNOHbyf6OYi1TQYdyZnYw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 61FC 0
0 426ms
144ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

/
onetag-sys.com/match/ Frame 61FC
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
https://onetag-sys.com/match/?int_id=1&uid=2ab36471-37d3-4f00-99c8-ae8998130313&gdpr=0&gdpr_consent=

0
291 B

140ms
140ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=1&uid=2ab36471-37d3-4f00-99c8-ae8998130313&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Fri, 26 May 2023 22:51:01 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x26 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://onetag-sys.com/match/?int_id=1&uid=2ab36471-37d3-4f00-99c8-ae8998130313&gdpr=0&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 26 May 2023 22:51:00 GMT

GET sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 61FC 0
0

GET
H2

200

/
onetag-sys.com/match/ Frame 61FC
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4527130612681197971

0
291 B

135ms
135ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4527130612681197971

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Fri, 26 May 2023 22:51:01 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.153; 91.239.206.153; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 74ccc0e9-36cd-48b6-b409-a81b8cbfb700
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4527130612681197971
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 61FC 42 B
690 B 137ms
132ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=2MhIf6ZHKaHaFgoxKn93-ih0RuQbla5pKJIp07MLr9s
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame 61FC
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
https://onetag-sys.com/match/?int_id=107&uid=728058323622558445

0
291 B

136ms
135ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=107&uid=728058323622558445

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=107&uid=728058323622558445
date: Fri, 26 May 2023 22:51:01 GMT
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 61FC
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=RMN5QHfAsEpjtFOOSF2i6L1scDnOHZR0xZcJNZ74q8M

43 B
479 B

232ms
231ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=RMN5QHfAsEpjtFOOSF2i6L1scDnOHZR0xZcJNZ74q8M

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 22:51:01 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 392ABEDZG5GPPF3CPXVK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=RMN5QHfAsEpjtFOOSF2i6L1scDnOHZR0xZcJNZ74q8M
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 61FC
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUNEQTk5QTMtMkQyMy00OTQ2LUE5MEEtMDU4OEYzN0JBRTBF&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=114&uid=9CDA99A3-2D23-4946-A90A-0588F37BAE0E

0
291 B

136ms
135ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=114&uid=9CDA99A3-2D23-4946-A90A-0588F37BAE0E

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=114&uid=9CDA99A3-2D23-4946-A90A-0588F37BAE0E
date: Fri, 26 May 2023 22:51:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 108
content-type: text/html; charset=utf-8

GET
H2

200

/
onetag-sys.com/match/ Frame 61FC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEHcj3YZQLh9HTaHJQ70HBZ0&google_cver=1

0
291 B

137ms
137ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEHcj3YZQLh9HTaHJQ70HBZ0&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEHcj3YZQLh9HTaHJQ70HBZ0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 61FC
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=92&uid=y-FWj2t.1E2uExB8ntp9k.CqvnTPnB7PFfumyVVqk-~A

0
291 B

139ms
136ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-FWj2t.1E2uExB8ntp9k.CqvnTPnB7PFfumyVVqk-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-FWj2t.1E2uExB8ntp9k.CqvnTPnB7PFfumyVVqk-~A
date: Fri, 26 May 2023 22:51:01 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame 61FC
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=29&uid=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&gdpr=0&gdpr_consent=

0
291 B

136ms
136ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=29&uid=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:01 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/match/?int_id=29&uid=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 233

GET
H2

200

/
onetag-sys.com/match/ Frame 61FC
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag&bsw_user_id=707a5598-5816-46da-9ae1-f3aa7f052183&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=280ffc3e-3a7c-46b3-9d50-6db7f323fd36&ssp=onetag&gdpr=0
https://onetag-sys.com/match/?int_id=30&uid=707a5598-5816-46da-9ae1-f3aa7f052183&gdpr=0&gdpr_consent=&us_privacy=

0
291 B

143ms
142ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=707a5598-5816-46da-9ae1-f3aa7f052183&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: //onetag-sys.com/match/?int_id=30&uid=707a5598-5816-46da-9ae1-f3aa7f052183&gdpr=0&gdpr_consent=&us_privacy=
date: Fri, 26 May 2023 22:51:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 61FC 0
364 B 475ms
170ms Image
image/avif 52.213.50.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=318&uid=2MhIf6ZHKaHaFgoxKn93-ih0RuQbla5pKJIp07MLr9s
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.50.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-50-95.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:01 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 f617a2a65b95b78a142eada6e389b344.jpeg
s.yimg.com/lo/api/res/1.2/wJwPKxAXa0DzyFJlbUK9Yg--~A/Zmk9Zml0O3c9NDM1O2g9MjEwO3E9OTA7YXBwaWQ9YTAwMTs-/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/ Frame D633 22 KB
22 KB 137ms
135ms Image
image/jpeg 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/lo/api/res/1.2/wJwPKxAXa0DzyFJlbUK9Yg--~A/Zmk9Zml0O3c9NDM1O2g9MjEwO3E9OTA7YXBwaWQ9YTAwMTs-/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/f617a2a65b95b78a142eada6e389b344.jpeg

Requested by

Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

a4ab7ac8d9b0453f533c56f6fb83a72b66de1cf2e66358c54288b74a1f30a0ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:45:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 237921
cld_latency: 21
edge-cache-tag: 344636365562379212642263426312675001364,238853593421688359325880637090579991491,ae7a14591aaf8d474cdb3f92111c923e
x-cache: MISS
cache-tag: 344636365562379212642263426312675001364,238853593421688359325880637090579991491,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: MISS
cld_hits: 0
content-length: 22165
x-xss-protection: 1; mode=block
cld_by: cache-iad-kjyo7100047-IAD
x-served-by: cache-iad-kjyo7100047-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 24 May 2023 04:45:16 GMT
server: ATS
x-timer: S1684903541.019535,VS0,VE21
etag: "f276ecfc52c655e96de735cea547064c"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0

GET
H2 200 gemini.png
s.yimg.com/cv/apiv2/adbuilder/ Frame D633 3 KB
3 KB 134ms
132ms Image
image/png 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/cv/apiv2/adbuilder/gemini.png

Requested by

Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e4d7ad9f57f6cfab7610b8b0855c7937f5ec119be17ac6cf6377553c5e735f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:01:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 0YPPG132AJD33408
age: 625763
x-amz-server-side-encryption: AES256
content-length: 3328
x-amz-id-2: N1ABN0ai6zd/YUZdzyGvdHfnSTMYUHpEOtplWFvQ48XoQhVCiWjylsblbASQ8f0i4BmpXoHia4M=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 02 Mar 2019 01:45:46 GMT
server: ATS
etag: "99f89d94ebcff9a04ef4c4174c7bc13a"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame D633 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 136ms
135ms Ping
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je35o0&_p=8260&cid=650163583.1685141457&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&sid=1685141456&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&dt=%E5%A4%A9%E5%AF%A7%E5%90%84%E8%87%AA%E7%88%86%E7%B7%8B%E8%81%9E%E3%80%80%E9%BB%83%E9%90%99%E8%BC%9D%E5%8B%B8%E9%9B%99%E6%96%B9%E8%A4%87%E5%90%88%EF%BC%9A%E4%B8%80%E7%9B%B4%E5%B8%8C%E6%9C%9B%E4%BB%96%E5%80%91%E5%92%8C%E5%A5%BD%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sdk
ads.aralego.com/ Frame BCEF 0
0

GET
H3 200 geo.jpg
s0.2mdn.net/sadbundle/14533096834936143271/geo_728x90/images/ Frame 8893 123 KB
123 KB 136ms
135ms Image
image/jpeg 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14533096834936143271/geo_728x90/images/geo.jpg

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

69c31e19d153f4e351d3ba5d420d298bae69414ff90dd4aaf06508a13a0cc89f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14533096834936143271/geo_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:26:16 GMT
x-content-type-options: nosniff
age: 545085
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125719
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 11:32:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 19 May 2024 15:26:16 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0819 0
0 175ms
173ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvDG0r1QatZnqHAcTYQwQrIZlaUIyhqWQHmuZkxlXfsSbgdWUMF2M3mCsA2Ww3zykD82Kp5znf9Kiv67IuriCTL8ur6E82BlzeIBiJxiS1CLtCUBQf5hHlyUs1cJgLDtGxkpMwBSSeSPEKCuJRlKKhr2irWyON0uXVUTzU7hGOGQXD-oxD2-L89Xa1zpiHEHGMCbWTKAzCQsTWw1miYm8vELDG5MPIEL9OMcr-qtENuGR3p7q4bG6q0b4JIUzhe6wRkUVOU-No7KUi5q5TTGyz3qm7LqQsejFCt8_oFPMXGNIGNr2DP9wj4u1aa_23c20e2A_a2fYu7D-CLPexylT7AcDLfVs3In6XPe9eIrZIOTaWNKkQdCMGDsaZwPBA5NA53lCFqs1jeTdFAAsASwQwpKmOdlJcA_fhgNlaE41s6nHJp0RsI8izb4Ul_9ha6hmBdpIeMQA-x40ogTmoBoD1vJr1ODkf01aCkG764gw5QxWeQ9dkcDTr75HrdnOCPOzcJO5Wqhd0s4ZG9HygJfgaDNoGibrbjZTeeMVS21c5eREqS5_dL-6cqXTzE9bwRchjd28YPT_04KmzlOBe0yLsXoFbBSXB8REnwhKAS3C615NpZZbv4SeEZWqxtbl4ByJtwZZXSP5YRiYNXM8v4jnFX3uvuWa0Myyn0RrCYRi4Wp6FdoTqK6k0ovnN3JyYFA7-W-YEcABqu4dB7E9Rw0ODLSPoLofJfh2fWMHgz_vcjHYUJVHNS0Np9onFWwmx0B7y2Uu1EuV8Ixg2hf2FqCenloO34m3PZNvI0O-dsbeeyWT2EFMGktbsY_JkTsx3ASUznQKtRZ7i0xGn4bmgurFVywfQG1nwfmkEGN9o0p-iP7C5zUptP0wGnq7ckyWRORiFVIrkjrDRs7c5jYbcnTVSo6I_BGyMtrlkoRPt6mQZ3avK9MGVSIIzDJdUBBqy7LdaOOqQQx9bwK1YvT4XqNFGYjmPnviudGIqrGG9hC4CH1u0BTqdYtzgZUeQgTzi-B81DoTNrrTWq55dXxZ1jH8wgS6AZEimNTOwVrctV8l_E0wk-IRukUrcxi4FtnShRrw&sai=AMfl-YRaZDpGf5SzYfR4YuvVNUj-sbRvLXYrvov34sdWlZqEAmOa9-ctI7wuQKnAro21A6lnsRFNtw8kBtCmVf44L7rj_MIgvsCqbehT2w8bEzzShBNZwAAByIcb-R3vWTbRNPaYCh5KZRhc49d1B_uU7viuWKG7bwrbRQrgE0xbRo3TMnJ-KRY&sig=Cg0ArKJSzDdpQYkpaX1-EAE&uach_m=[UACH]&pr=8:3588DF8A77EBCF31&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2744&vt=11&dtpt=776&dett=3&cstd=1964&cisv=r20230523.42971&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 May 2023 22:51:01 GMT

GET

rum
dsum-sec.casalemedia.com/ Frame 8F02
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&expiration=1687733461&gdpr=0&gdpr_consent=

0
0

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 8F02 43 B
855 B 332ms
235ms Image
image/gif 52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZHE31dAtzw6ns4K4GYCKPQAADHQAAAAB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 22:51:01 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CRWKY5SW4HMCTP78DS9W
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET rrum
dsum-sec.casalemedia.com/ Frame 8F02 0
0

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 8F02
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZHE31dAtzw6ns4K4GYCKPQAADHQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELmqqRNUB92AbaRRvNtNPGc&google_cver=1

43 B
766 B

131ms
130ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELmqqRNUB92AbaRRvNtNPGc&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 22:51:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELmqqRNUB92AbaRRvNtNPGc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET cm
p.rfihub.com/ Frame 8F02 0
0

GET index.gif
euexchangesync.digitaleast.mobi/usersync/ Frame 8F02 0
0

GET

rum
dsum-sec.casalemedia.com/ Frame 8F02
Redirect Chain

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZHE31dAtzw6ns4K4GYCKPQAA%263188&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e

0
0

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 8F02 0
0 1698ms
144ms Image
text/html 104.26.10.209

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET htw-pixel.gif
cdn.indexww.com/ht/ Frame 8F02 0
0

POST
H2 204 visible Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
408 B 227ms
227ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/visible?route=AM%3AIL%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230524-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 97
pragma: no-cache
date: Fri, 26 May 2023 22:51:02 GMT
via: 1.1 varnish
x-served-by: cache-sof1510034-SOF
server: nginx
x-timer: S1685141462.917089,VS0,VE97
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.bg3.co
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 17BA 43 B
855 B 429ms
231ms Image
image/gif 52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZHE31dAtzw6ns4K4GYCKPgAADHQAAAAB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 22:51:02 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: T6NZY9B7X6T0Y6TJ9S2D
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 17BA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZHE31dAtzw6ns4K4GYCKPgAADHQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELmqqRNUB92AbaRRvNtNPGc&google_cver=1

43 B
766 B

130ms
126ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELmqqRNUB92AbaRRvNtNPGc&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 22:51:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELmqqRNUB92AbaRRvNtNPGc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

rum
dsum-sec.casalemedia.com/ Frame 17BA
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&expiration=1687733461&gdpr=0&gdpr_consent=

0
0

GET rrum
dsum-sec.casalemedia.com/ Frame 17BA 0
0

GET

crum
dsum-sec.casalemedia.com/ Frame 17BA
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=728058323622558445&gdpr=0&gdpr_consent=

0
0

GET
H2 200 ZHE31dAtzw6ns4K4GYCKPgAADHQAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 17BA 43 B
603 B 163ms
160ms Image
image/gif 54.72.87.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZHE31dAtzw6ns4K4GYCKPgAADHQAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.87.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-87-105.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET current
casale-match.dotomi.com/match/bounce/ Frame 17BA 0
0

GET indexexchange
sync.adotmob.com/cookie/ Frame 17BA 0
0

GET
H2 200 sync
ads.servenobid.com/ Frame 17BA 0
356 B 159ms
157ms Image
image/avif 52.213.50.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=ZHE31dAtzw6ns4K4GYCKPgAADHQAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.50.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-50-95.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:01 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0819 42 B
64 B 168ms
168ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYuZYU0mRl_GLJQMcBlundOO7Lv6h6ZFjTR2s1q8M7Gi6HuLZFjavImURiwChJOLLqZpgCjh39MOH_SATvKu9OlffsKB6eUxQ&sig=Cg0ArKJSzIf71yJZJrFNEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230524&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=3559019155&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685141458377&rpt=2586&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET getuid
secure.adnxs.com/ Frame FA14 0
0

GET

sync
pool.admedo.com/ Frame FA14
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_10e4f160-2b21-4a6f-8f27-1cdb624f7f57&gdpr=0&gdpr_consent=&us_privacy=1---
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=707a5598-5816-46da-9ae1-f3aa7f052183

0
0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame FA14
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-72521f36-9406-5fe5-469a-c218cb48efbc$ip$91.239.206.153

35 B
250 B

1542ms
163ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-72521f36-9406-5fe5-469a-c218cb48efbc$ip$91.239.206.153
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 26 May 2023 22:51:03 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-72521f36-9406-5fe5-469a-c218cb48efbc$ip$91.239.206.153
Date: Fri, 26 May 2023 22:51:02 GMT
Connection: keep-alive
Content-Length: 128
Content-Type: text/html; charset=utf-8

GET /
b1sync.zemanta.com/usersync/gumgum/ Frame FA14 0
0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame FA14
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=fMsZwzKyXur5&ev=1&pid=558355

35 B
250 B

1298ms
157ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=fMsZwzKyXur5&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 26 May 2023 22:51:03 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: ka-GE
location: https://usersync.gumgum.com/usersync?b=pln&i=fMsZwzKyXur5&ev=1&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6d945594b4-m6fd8
expires: -1

GET redirectObuid
sync.outbrain.com/ Frame FA14 0
0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame FA14
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=2794542a-c3ec-47cf-a12c-be5993626d0b

35 B
250 B

1145ms
166ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=2794542a-c3ec-47cf-a12c-be5993626d0b
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 26 May 2023 22:51:03 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Fri, 26 May 2023 22:51:02 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://usersync.gumgum.com/usersync?b=opx&i=2794542a-c3ec-47cf-a12c-be5993626d0b
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame FA14
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-dB.zVDBE2pe69dTPhqODuAR.RsMAKMe7szMW~A

35 B
250 B

1468ms
157ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-dB.zVDBE2pe69dTPhqODuAR.RsMAKMe7szMW~A
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 26 May 2023 22:51:03 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Fri, 26 May 2023 22:51:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://usersync.gumgum.com/usersync?b=oth&i=y-dB.zVDBE2pe69dTPhqODuAR.RsMAKMe7szMW~A
content-length: 0

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame FA14 0
0

GET services
sync.technoratimedia.com/ Frame FA14 0
0

GET 142
match.deepintent.com/usersync/ Frame FA14 0
0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame FA14
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://usersync.gumgum.com/usersync?b=idi&i=9ca6004a-5304-42ce-820f-9d1c91e39d76

35 B
250 B

159ms
158ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=idi&i=9ca6004a-5304-42ce-820f-9d1c91e39d76
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 26 May 2023 22:51:03 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=idi&i=9ca6004a-5304-42ce-820f-9d1c91e39d76
access-control-allow-origin: *
date: Fri, 26 May 2023 22:51:03 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame FA14
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=728058323622558445

35 B
250 B

1452ms
157ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=728058323622558445
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 26 May 2023 22:51:03 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=728058323622558445
date: Fri, 26 May 2023 22:51:01 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame FA14 0
357 B 167ms
159ms Image
image/avif 52.213.50.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_10e4f160-2b21-4a6f-8f27-1cdb624f7f57
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.50.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-50-95.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:51:02 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET user-sync
sync.adkernel.com/ Frame 440B 0
0

GET e9d4ff858b5e32317e843f5ed11b2659.gif
cs.iqzone.com/ Frame CF4C 0
0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4203 16 KB
6 KB 926ms
131ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=94706
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 26 May 2023 22:51:02 GMT
expires: Sun, 28 May 2023 01:09:28 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 4F1C
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=ttd&i=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3

35 B
250 B

606ms
157ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=ttd&i=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 26 May 2023 22:51:02 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: private,no-cache, must-revalidate
content-length: 193
content-type: text/html
date: Fri, 26 May 2023 22:51:02 GMT
location: https://usersync.gumgum.com/usersync?b=ttd&i=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 3610
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://usersync.gumgum.com/usersync?b=mmh&i=2ab36471-37d3-4f00-99c8-ae8998130313&gdpr=0&gdpr_consent=

35 B
250 B

474ms
161ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=mmh&i=2ab36471-37d3-4f00-99c8-ae8998130313&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 26 May 2023 22:51:02 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Fri, 26 May 2023 22:51:02 GMT
Expires: Fri, 26 May 2023 22:51:01 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 851 9bd98ae master cdg-pixel-x14 config_version:"unknown"
location: https://usersync.gumgum.com/usersync?b=mmh&i=2ab36471-37d3-4f00-99c8-ae8998130313&gdpr=0&gdpr_consent=

GET URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 74CC 0
0

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame 6EA4 170 B
188 B 148ms
138ms Document
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xMGU0ZjE2MC0yYjIxLTRhNmYtOGYyNy0xY2RiNjI0ZjdmNTc=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 22:51:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 09A7
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZHE30cCo5uYAALE-e7wAAAAA

35 B
250 B

606ms
165ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZHE30cCo5uYAALE-e7wAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 26 May 2023 22:51:02 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Fri, 26 May 2023 22:51:02 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZHE30cCo5uYAALE-e7wAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 1
X-SO-Cluster-ID: 0
X-SO-HostName: m-ad358.dc4p.scaleout.jp
X-SO-IP: 91.239.206.153
X-SO-Key: ZHE30cCo5uYAALE-e7wAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"91.239.206.153","key":"ZHE30cCo5uYAALE-e7wAAAAA","privacy_sensitive":false,"uid":"ZHE30cCo5uYAALE-e7wAAAAA","upstream_id":"m-ad358"}
X-SO-LB-Hostname: a-tgng40015.dc2p.scaleout.jp
X-SO-UID: ZHE30cCo5uYAALE-e7wAAAAA
X-SO-Upstream-ID: m-ad358

GET gumgum
cs.admanmedia.com/sync/ Frame 5E19 0
0

GET
H/1.1 200
OK usermatchredir Show response
ssum-sec.casalemedia.com/ Frame 31A1 43 B
766 B 256ms
130ms Document
image/gif 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 26 May 2023 22:51:02 GMT
Expires: 0
Keep-Alive: timeout=1, max=494
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 6EA6
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=2dSEJAJub1ah0FLYdSj4&pi=gumgum&tc=1

35 B
250 B

554ms
161ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=2dSEJAJub1ah0FLYdSj4&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 26 May 2023 22:51:03 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Fri, 26 May 2023 22:51:02 GMT Fri, 26 May 2023 22:51:02 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=2dSEJAJub1ah0FLYdSj4&pi=gumgum&tc=1
pragma: no-cache

GET multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame 3CF0 0
0

GET PugMaster
image6.pubmatic.com/AdServer/ Frame 4203 0
0

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
1 KB 161ms
160ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1685141463671&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1521&pt=844945065&tz=0&viewable=true&ddast=V8BSQCLAYsV1ySICCkOhFYrrgkQUBIdSoAAABgYID-AEl4XBvDYLJc60YWy1o0MlnWys3EuFYNlhOHcbdZTiYWIyAJj2tjGEyWa93IYlmLRibLWrmZGNeqwXLiMO42y8nEYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ3aDodPte9Xvf73SU-z1zj9yv8oqfD7pYeXW-dyy19uiUOv1vmcrp1L7tb6HrYfW6Ry-5zC11Pt-L1sLs1R9fD7nPLHHafW-Z6C11u5dMtPTrdwqdb97D73KKHW-2yu4Uut9DhtwtNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDE4YAuTrPT8_QHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPIZUt8pqZMs9vBEpqC3CCAAAAMDWu3PmkUk6QcWiyv__f78VgCsAAAGIWkH9sFl0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyNkIvyYRmgmil3NLyAAwJpfQAAANuoGAOBNAJygQ9CKwWB1AmJ2AAAAAO78____6wGhlXOymaw8o8nKM1isHM6Rb7jyDDej2cwyMa4m2xM1zAqXbDK81GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghmJs7ZaONZuGWm5WQtGixHbolpt1rLVivjzLDwzWy20Vr0-pgutoXFZFp5kWBA314kT4t0orHMNhvLamTaDGeW2cJkXHlmC5txN1rsVqbhbDYRSzQni3Qiu-xLK-dkM1l5RpOVZ7BYOZwj33DlGW5Gs5llYlxN9p2JczbaeBZumWk5WYsGy5FbYtqt1rLVyjgzLHwzm220Fr0-pottYTGZVv7GbLhajBaj1WjfmA1Xi9FitBrtO3SG7-pzNirLKslHqLmGzi2NzWlQuAwW71S9-kY7s4PoNy06ZTK1sqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoUilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_o6bC7pUfXW-dyS59uicPvlrmcbt3L7ha6HnafW-Sy-9xC19OteD3sbs3R9bD73DKH3eeWud5Cl1v5dEuPTrfw6dY97D636OFWu-xuocstdPjtQtPbbBFLBKeLdCJ6GU8X9R855GIu2SznksFsrlhtVgkAAAAAAAAAwBJMMt0EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZAFYr7____HwcAAEBGDj0AAAD6fUBZAAAAAAAA_ApiMJwM9g9AhVir1ep2Y61WCw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!rv2r_vB!t45!tbt_unit!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: cf02816c53a21a989e4927daf0a68dbfe6a5a5dfb62313cf499cd6aee093cdfe

Request headers

Referer: https://www.bg3.co/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 May 2023 22:51:03 GMT
content-encoding: gzip
server: nginx
machineid: 1435
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/af5a949f04eb05139e71630b42be6b67.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/7fb053c724cb11d8d289c504a11a6106.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/59b1925c794f152c6af70a8a7eff5d16.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/ffb5528d7f906f1ca854b36d8cdbc0ce.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/1255e41b84783fb1bb541e14e3d8a189.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/e444d4187df62fbeff1c32fd9985cea0.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/c7d1a7bb66fd1cccb15843901c7f2c0c.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/35c5bcfa233b309dc0218f880287f3f8.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/a4ec54e5f5df1c2340c051bcdcb6a40e.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202107/fc850c2b257a80235258f8f0061b5e94.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/76530765c824dd31fc70c9fd190fdd07.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/8af6d4973dc6e7ffeec9594b86b39d07.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/a2ddd2c42c39061a86f4a6654d45b093.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/0b9a2515ad55b5ffb17a761a4bf41309.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/26117d3bb12d0dc1d583f29299bbc004.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/5b63dc9dbd9a4bd4184d440dfff9ddae.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202110/71735915d740e2288f6419889f895c16.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/8e96407f62573ac0557d2440e49fd040.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/65d4faf68de2ae294809e3518f36abde.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/46e5075610b19368ffb790f3d3294059.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/678faee8a12b0e6c6c832a9787494541.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/cd4cdfbbf79eb17f94cb2cc2158d5601.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/d8b6bd8f52f42f04480194e35df91aee.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/88e1c6bf73207e50359b6bb763b79ee5.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202112/d24dce7d2bd784d875c213997e5ae5cd.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/05610479d3444d2d86a96e1bbd19c672.jpg?w=150&h=100&q=100

Domain: a.teads.tv
URL: https://a.teads.tv/hb/bid-request

Domain: grid.bidswitch.net
URL: https://grid.bidswitch.net/hbjson

Domain: prebid.media.net
URL: https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9

Domain: hb-api.omnitagjs.com
URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F

Domain: htlb.casalemedia.com
URL: https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22603de39aede8f73%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A2%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A2%2C%22ou%22%3A2%2C%22allu%22%3A2%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226771c92fbd9a9ab%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%227041a6e2f3381a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220305cf03-427e-406e-9c81-665c3f155fb0%22%7D%5D%7D%5D%7D%7D

Domain: htlb.casalemedia.com
URL: https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22603de39aede8f73%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ftian-zhu-ge-zi-bao-fei-wen-huang-deng-hui-quan-shuang-fang-fu-he-yi-zhi-xi-wang-ta-men-he-hao.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A2%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A2%2C%22ou%22%3A2%2C%22allu%22%3A2%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227041a6e2f3381a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220305cf03-427e-406e-9c81-665c3f155fb0%22%7D%5D%7D%5D%7D%7D

Domain: ads.servenobid.com
URL: https://ads.servenobid.com/adreq?cb=6347

Domain: ce.lijit.com
URL: https://ce.lijit.com/merge?pid=42&3pid=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e&us_privacy=&gdpr=0&gdpr_consent=

Domain: id5-sync.com
URL: https://id5-sync.com/a/464/121/0/8/gif/0/0/ZGwAAmRxN9cAAAAIKlY8Aw==

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI5jnUqsQGET-P_29w4ogpI&google_cver=1

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D

Domain: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=

Domain: pixel-eu.rubiconproject.com
URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=

Domain: secure-assets.rubiconproject.com
URL: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east

Domain: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D

Domain: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&

Domain: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D

Domain: ce.lijit.com
URL: https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D

Domain: ap.lijit.com
URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D

Domain: p.rfihub.com
URL: https://p.rfihub.com/cm?pub=44007&in=1

Domain: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Domain: cm.adform.net
URL: https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F421%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Deef16dff-db78-44cc-afab-810400740fe9%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID

Domain: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent=

Domain: csync.loopme.me
URL: https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=

Domain: pixel-eu.rubiconproject.com
URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=

Domain: ads.aralego.com
URL: https://ads.aralego.com/sdk

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&expiration=1687733461&gdpr=0&gdpr_consent=

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D

Domain: p.rfihub.com
URL: https://p.rfihub.com/cm?in=1&pub=2079

Domain: euexchangesync.digitaleast.mobi
URL: https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e

Domain: cdn.indexww.com
URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZHE31dAtzw6ns4K4GYCKPQAA%263188

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3&expiration=1687733461&gdpr=0&gdpr_consent=

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=728058323622558445&gdpr=0&gdpr_consent=

Domain: casale-match.dotomi.com
URL: https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1

Domain: sync.adotmob.com
URL: https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid=

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

Domain: pool.admedo.com
URL: https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=707a5598-5816-46da-9ae1-f3aa7f052183

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/gumgum/?puid=e_10e4f160-2b21-4a6f-8f27-1cdb624f7f57&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

Domain: sync.outbrain.com
URL: https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D

Domain: sync.ipredictive.com
URL: https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

Domain: sync.technoratimedia.com
URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D

Domain: match.deepintent.com
URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

Domain: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---

Domain: cs.iqzone.com
URL: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_10e4f160-2b21-4a6f-8f27-1cdb624f7f57&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/sync/gumgum?puid=e_10e4f160-2b21-4a6f-8f27-1cdb624f7f57&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---

Domain: secure-assets.rubiconproject.com
URL: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum

Domain: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=73545249&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

127 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taboola.com/palmate-bg3co/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_4e9232e342e301ea9d78e38346f2b852_3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e_1685141454_1685141454_CNawjgYQ2YJdGPf5h9KFMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB
.3lift.com/sync	1970-01-20 14:15:17	Name: sync Value: CgoIoQEQ1a2I0oUxCgoI4gEQ1a2I0oUxCgoI5gEQ1a2I0oUxCgoIhwIQ1a2I0oUxCgkICRDVrYjShTEKCQg6ENWtiNKFMQoJCAsQ1a2I0oUxCgoIjAIQ1a2I0oUxCgkIXxDVrYjShTEKCQgfENWtiNKFMQ==
.aralego.com/	1970-01-20 20:51:17	Name: sspid Value: 441ff555-4d5e-3c04-b70c-3b397e08b3a3
www.bg3.co/	1970-01-20 12:05:43	Name: __AP_SESSION__ Value: b77da11d-e8ca-4eba-9082-0a7356229b9e
.scorecardresearch.com/	1970-01-20 21:41:41	Name: UID Value: 1096fdc3531520fdc09fea71685141454
.www.bg3.co/	1970-01-20 12:48:53	Name: _im_vid Value: 01H1D43ZK4HV3YHN99RWE9KCXP
www.bg3.co/	1970-01-20 12:48:53	Name: _pbjs_userid_consent_data Value: 3524755945110770
.bg3.co/	1970-01-20 12:48:53	Name: _pubcid Value: 0305cf03-427e-406e-9c81-665c3f155fb0
.aralego.com/	1970-01-20 20:51:17	Name: euconsent-v2 Value:
.aralego.com/	1970-01-20 20:51:17	Name: gdpr Value: 1
.taboola.com/	1970-01-20 20:51:17	Name: t_gid Value: 3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e
.logly.co.jp/	1970-01-20 20:51:17	Name: uid Value: 3tY3nF5RFXbbV3VJo1eqt0jaIsY
www.bg3.co/	1970-01-20 20:51:17	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e
.bg3.co/	1970-01-20 21:27:17	Name: __gads Value: ID=6bfefe051a28daf3-22932832c3e00048:T=1685141454:RT=1685141454:S=ALNI_MZojeZnv05tFYRVVBno1Gio-IHLpg
.bg3.co/	1970-01-20 21:27:17	Name: __gpi Value: UID=00000c37ca7cbd5f:T=1685141454:RT=1685141454:S=ALNI_MY2NaHQqVAJVHWpiqv-JsjB3gVTFA
.openx.net/	1970-01-20 20:51:17	Name: i Value: 0305cf03-427e-406e-9c81-665c3f155fb0\|1685141454
.smartadserver.com/	1970-01-20 20:52:43	Name: pbw Value: %24b%3d16890%3b%24o%3d11100
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 480002=5469050
.smartadserver.com/	1969-12-31 23:59:59	Name: TestIfCookie Value: ok
.smartadserver.com/	1970-01-20 20:52:43	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 12:07:07	Name: sasd Value: %24qc%3D1314590126%3B%24ql%3DUnknown%3B%24qt%3D107_0_0t%3B%24dma%3D0
.adnxs.com/	1970-01-20 14:15:17	Name: icu Value: ChgIm_VtEAoYASABKAEwz-_EowY4AUABSAEQz-_EowYYAA..
.adnxs.com/	1970-01-20 14:15:17	Name: uuid2 Value: 4527130612681197971
.smartadserver.com/	1970-01-20 20:52:43	Name: pid Value: 728058323622558445
.smartadserver.com/	1970-01-20 12:07:07	Name: sasd2 Value: q=%24qc%3D1314590126%3B%24ql%3DUnknown%3B%24qt%3D107_0_0t%3B%24dma%3D0&c=1&l=1224194952&lo=1424563188&lt=638207382549854326&o=1
.rubiconproject.com/	1970-01-20 20:51:17	Name: khaos Value: LI55POGL-P-CM9A
.adsrvr.org/	1970-01-20 20:52:43	Name: TDID Value: bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3
.logly.co.jp/	1970-01-20 20:51:17	Name: f Value: lURERgMAAAC6jMrd_P___4FMAwBhAyiiAQBhA4NMAwBjA4JMAwBiA4VMAwBlA-GGAwBlAw
.doubleclick.net/	1970-01-20 21:41:41	Name: IDE Value: AHWqTUnayB5yc9L-H0WGC0bXPBoWtvl98cxq_psbvoGqnNYWiP9tiyEJyFi0MQ7v8OA
.bidswitch.net/	1970-01-20 20:51:17	Name: tuuid Value: 707a5598-5816-46da-9ae1-f3aa7f052183
.bidswitch.net/	1970-01-20 20:51:17	Name: c Value: 1685141456
.bidswitch.net/	1970-01-20 20:51:17	Name: tuuid_lu Value: 1685141456
.bg3.co/	1970-01-20 21:41:41	Name: _ga Value: GA1.1.650163583.1685141457
.bg3.co/	1970-01-20 21:41:41	Name: _ga_Z0TZ7TDHS1 Value: GS1.1.1685141456.1.0.1685141456.0.0.0
.adform.net/	1970-01-20 12:50:19	Name: C Value: 1
.yahoo.com/	1970-01-20 20:51:39	Name: A3 Value: d=AQABBNE3cWQCEEevEqmP7mcXb3SI4W4V5HUFEgEBAQGJcmR7ZEfWPzIB_eMAAA&S=AQAAAv0GvqXFC4aq9g3EikqfmcY
.adform.net/	1970-01-20 13:32:05	Name: uid Value: 7683554565452013913
.betweendigital.com/	1970-01-20 20:51:17	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 20:51:17	Name: ss Value: 1
.betweendigital.com/	1970-01-20 20:51:17	Name: tuuid Value: d029fb03-12a7-5293-af8e-d646cbffe197
.adscale.de/	1970-01-20 20:47:57	Name: uu Value: 04e57c9ed2a3466fbb657efdde0f6047
.betweendigital.com/	1970-01-20 20:51:17	Name: ut Value: ZHE30QAINZBrJ2aPiIFgttG0pWAT4NdoP7qPoA==
.adscale.de/	1970-01-20 20:47:57	Name: cct Value: 1685141457603
.socdm.com/	1970-01-20 21:41:41	Name: SOC Value: ZHE30cCo5uYAALE-e7wAAAAA
.id5-sync.com/	1970-01-20 12:05:41	Name: callback Value: https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D
.criteo.com/	1970-01-20 21:27:17	Name: uid Value: 50e8abe2-6ebd-48a4-9e8b-f5aa238c9f1a
.id5-sync.com/	1970-01-20 14:15:17	Name: id5 Value: 68b14c9f-be9f-72c1-8229-6b0caefeae26#1685141458398#2
.mfadsrvr.com/	1970-01-20 21:41:41	Name: tuuid Value: 280ffc3e-3a7c-46b3-9d50-6db7f323fd36
.mfadsrvr.com/	1970-01-20 21:41:41	Name: c Value: 1685141458
.mfadsrvr.com/	1970-01-20 21:41:41	Name: tuuid_lu Value: 1685141458
.doubleclick.net/	1970-01-20 12:05:45	Name: DSID Value: NO_DATA
.3lift.com/	1970-01-20 14:15:17	Name: tluid Value: 3206869964242266754610
.metadsp.co.uk/	1970-01-20 20:51:17	Name: ruuid Value: 7eddbb1a-a488-470e-9fc1-4cc7c3819ae1
.metadsp.co.uk/	1970-01-20 20:51:17	Name: c Value: 1685141459
.metadsp.co.uk/	1970-01-20 20:51:17	Name: ruuid_lu Value: 1685141459
.amazon-adsystem.com/	1970-01-20 21:41:41	Name: ad-privacy Value: 0
.contextweb.com/	1970-01-20 20:44:05	Name: V Value: fMsZwzKyXur5
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: bb6247c5869892e8
.mathtag.com/	1970-01-20 21:31:36	Name: uuid Value: 2ab36471-37d3-4f00-99c8-ae8998130313
.lkqd.net/	1970-01-20 20:51:17	Name: lkqdidts Value: 1685141459
.lkqd.net/	1970-01-20 20:51:17	Name: sr59 Value: 1\|CAESEJackjQX_bG6qOuonpWtJ7I\|1685141459
.lkqd.net/	1970-01-20 20:51:17	Name: lkqdid Value: tBSpaWgthBM
.adx.opera.com/	1970-01-20 20:51:17	Name: UID Value: OPUf19e9ea6f3244e8d9d28ce42c7b486c4
.crwdcntrl.net/	1970-01-20 18:34:26	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 18:34:26	Name: _cc_id Value: 46b58532ddf468f20407502538777278
sync.srv.stackadapt.com/	1970-01-20 20:51:17	Name: sa-user-id Value: s%3A0-72521f36-9406-5fe5-469a-c218cb48efbc.vholO1xSpQeFYb6Ve7ikhPXbqzU2gTzjC1lrVFOPf94
sync.srv.stackadapt.com/	1970-01-20 20:51:17	Name: sa-user-id-v2 Value: s%3AclIfNpQGX-VGmsIYy0jvvFvvzpk.9%2Bo1SPffmwZZCwZmhqwgBGS268%2FoZH3TgqvrAfnRKeE
.srv.stackadapt.com/	1970-01-20 20:51:17	Name: sa-user-id-v2 Value: s%3AclIfNpQGX-VGmsIYy0jvvFvvzpk.9%2Bo1SPffmwZZCwZmhqwgBGS268%2FoZH3TgqvrAfnRKeE
.amazon-adsystem.com/	1970-01-20 17:22:29	Name: ad-id Value: A1UGCNh1WUmLgZWkbXBTQUg
.linkedin.com/	1970-01-20 20:51:17	Name: bcookie Value: "v=2&b2610053-08de-45b9-891c-2bf9718a0df3"
.linkedin.com/	1970-01-20 12:07:07	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2575:u=1:x=1:i=1685141460:t=1685227860:v=2:sig=AQGdzB88iww2RxjX8VV9OE0ACW1B8dQx"
.openx.net/	1970-01-20 12:27:17	Name: pd Value: v2\|1685141460\|gekin0vNiygu
www.bg3.co/	1970-01-20 12:48:53	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%22bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-04-26T22%3A51%3A00%22%7D
.id5-sync.com/	1970-01-20 12:05:41	Name: cf Value:
.id5-sync.com/	1970-01-20 12:05:41	Name: cip Value:
.id5-sync.com/	1970-01-20 12:05:41	Name: cnac Value:
.id5-sync.com/	1970-01-20 12:05:41	Name: car Value:
.id5-sync.com/	1970-01-20 12:05:41	Name: gdpr Value:
.quantserve.com/	1970-01-20 21:35:55	Name: mc Value: 647137d4-cc95e-c9054-bee46
.bg3.co/	1970-01-20 21:30:10	Name: __qca Value: P0-1541803059-1685141458216
.linkedin.com/	1970-01-20 14:15:17	Name: li_sugr Value: bd0088a4-10ad-4290-9a53-18247ad620f1
.openx.net/	1970-01-20 12:27:17	Name: univ_id Value: 537072971\|bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3\|1685141460999724
.onetag-sys.com/	1970-01-20 21:41:41	Name: OTP Value: RMN5QHfAsEpjtFOOSF2i6L1scDnOHZR0xZcJNZ74q8M
.prebid.a-mo.net/	1970-01-20 12:07:07	Name: _sv3_0 Value: 1
.a-mo.net/	1970-01-20 20:51:17	Name: amuid2 Value: eef16dff-db78-44cc-afab-810400740fe9
.prebid.a-mo.net/	1970-01-20 20:51:17	Name: sd_amuid2 Value: eef16dff-db78-44cc-afab-810400740fe9
.casalemedia.com/	1970-01-20 14:15:17	Name: CMPS Value: 3188
.casalemedia.com/	1970-01-20 14:15:17	Name: CMPRO Value: 3188
.rubiconproject.com/	1970-01-20 20:51:17	Name: audit Value: 1\|naVuGyos1qqVVaF14FZol+1ArEyWu9IO4HY10GQWC0bojQDh00QR1ytzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Em9dRdKCTFZDCax3pyYFnS0=
.analytics.yahoo.com/	1970-01-20 20:51:17	Name: IDSYNC Value: "19cx~2bva:198o~2bva:194o~2bva"
.creative-serving.com/	1970-01-20 21:27:17	Name: tuuid Value: 39e3809f-b454-4ef8-81c9-e847310d3f25
.creative-serving.com/	1970-01-20 21:27:17	Name: c Value: 1685141461
.creative-serving.com/	1970-01-20 21:27:17	Name: tuuid_lu Value: 1685141461
.prebid.a-mo.net/	1970-01-20 12:07:07	Name: _sv3_2 Value: 1
.mfadsrvr.com/	1970-01-20 21:41:41	Name: ssh Value: !bidswitch,1685141461!taboola,1685141458
.pubmatic.com/	1970-01-20 14:15:17	Name: SyncRTB3 Value: 1686268800%3A220
.pubmatic.com/	1970-01-20 12:05:41	Name: ipc Value: 159706^https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID^1^0
.pubmatic.com/	1970-01-20 12:07:07	Name: pi Value: 159706:2
.pubmatic.com/	1970-01-20 20:51:17	Name: KADUSERCOOKIE Value: 9CDA99A3-2D23-4946-A90A-0588F37BAE0E
.pubmatic.com/	1970-01-20 14:15:17	Name: chkChromeAb67Sec Value: 1
.media.net/	1970-01-20 20:51:17	Name: visitor-id Value: 3281430614264990000V10
.media.net/	1970-01-20 20:51:17	Name: data-pbs Value: setstatuscode~~1
.smartadserver.com/	1970-01-20 20:52:43	Name: csync Value: 79:50e8abe2-6ebd-48a4-9e8b-f5aa238c9f1a\|92:fMsZwzKyXur5\|107:3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e
.casalemedia.com/	1970-01-20 20:51:17	Name: CMID Value: ZHE31dAtzw6ns4K4GYCKPgAA
.servenobid.com/	1970-01-20 12:15:46	Name: pid_317 Value: 728058323622558445
.servenobid.com/	1970-01-20 12:15:46	Name: pid_337 Value: y-FWj2t.1E2uExB8ntp9k.CqvnTPnB7PFfumyVVqk-~A
.servenobid.com/	1970-01-20 12:15:46	Name: pid_312 Value: 4527130612681197971
.servenobid.com/	1970-01-20 12:15:46	Name: pid_339 Value: y-FWj2t.1E2uExB8ntp9k.CqvnTPnB7PFfumyVVqk-~A
.servenobid.com/	1970-01-20 12:15:46	Name: pid_318 Value: 2MhIf6ZHKaHaFgoxKn93-ih0RuQbla5pKJIp07MLr9s
.servenobid.com/	1970-01-20 12:15:46	Name: pid_353 Value: 3281430614264990000V10
.gumgum.com/	1970-01-20 20:51:17	Name: vst Value: e_10e4f160-2b21-4a6f-8f27-1cdb624f7f57
.servenobid.com/	1970-01-20 12:15:46	Name: pid_333 Value: ZHE31dAtzw6ns4K4GYCKPgAADHQAAAAB
match.sharethrough.com/	1970-01-20 12:15:46	Name: AWSALBCORS Value: iwLjA7sPslGf73V6o85l00z7t53cuyPio8eoPYaOT0AJx1sIjkP4mHCLACChje2+twVS6Brm/lJ6PAD//ET7iua5fPxOb/uN4//urnDbe6HHztAptkzOWvtPFV78
.contextweb.com/	1970-01-20 20:51:17	Name: pb_rtb_ev Value: 3-1kt5\|5Ql.0.3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e\|7bq.0.1
.servenobid.com/	1970-01-20 12:15:46	Name: pid_309 Value: e_10e4f160-2b21-4a6f-8f27-1cdb624f7f57
.bing.com/	1970-01-20 21:27:17	Name: MUID Value: 2878941DD55C64EF05688700D48565F2
.c.bing.com/	1970-01-20 12:15:46	Name: MR Value: 0
.adsrvr.org/	1970-01-20 20:52:43	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCIzi-8K2ke87EAUSFgoHc3Z4OXQ1MBILCOSsrtu2ke87EAUSFQoGY2FzYWxlEgsI9NrF5LaR7zsQBRgBIAEoAjILCLzKpJTNke87EAU4AVoGZ3VtZ3VtYAI.
.creativecdn.com/	1970-01-20 20:51:17	Name: u Value: 2dSEJAJub1ah0FLYdSj4
.creativecdn.com/	1970-01-20 20:51:17	Name: ts Value: 1685141462
.prebid.a-mo.net/	1970-01-20 12:07:07	Name: _sv3_8 Value: 1
.demdex.net/	1970-01-20 16:24:53	Name: demdex Value: 63688520227944709111107928925722670841
.dpm.demdex.net/	1970-01-20 16:24:53	Name: dpm Value: 63688520227944709111107928925722670841
.ads.pubmatic.com/	1970-01-20 12:07:07	Name: KCCH Value: YES
.id5-sync.com/	1970-01-20 14:15:17	Name: 3pi Value: 464#1685141458536#1319129002#3b964c3a-f492-409d-b475-65e8f0a7ff64-tuctb6abd4e\|3#1685141459488#-2121634291#2ab36471-37d3-4f00-99c8-ae8998130313\|19#1685141460526#-757378377#46b58532ddf468f20407502538777278\|485#1685141463010#756570101\|264#1685141458911#-245427755#bcf2ab9e-c3d4-4365-ba9a-6b8a149237d3\|285#1685141460796#-975873477#LI55POGL-P-CM9A
.disqus.com/	1970-01-20 20:51:17	Name: zeta-ssp-user-id Value: ua-367b9236-709b-35d1-81f8-a0aea72d596a
.servenobid.com/	1970-01-20 12:15:46	Name: pid_346 Value: ua-367b9236-709b-35d1-81f8-a0aea72d596a

30 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.bg3.co/imgs/202105/c7d1a7bb66fd1cccb15843901c7f2c0c.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/a4ec54e5f5df1c2340c051bcdcb6a40e.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/e444d4187df62fbeff1c32fd9985cea0.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/af5a949f04eb05139e71630b42be6b67.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/59b1925c794f152c6af70a8a7eff5d16.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202107/fc850c2b257a80235258f8f0061b5e94.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/35c5bcfa233b309dc0218f880287f3f8.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/7fb053c724cb11d8d289c504a11a6106.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/1255e41b84783fb1bb541e14e3d8a189.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/ffb5528d7f906f1ca854b36d8cdbc0ce.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/a2ddd2c42c39061a86f4a6654d45b093.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/76530765c824dd31fc70c9fd190fdd07.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/8af6d4973dc6e7ffeec9594b86b39d07.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/0b9a2515ad55b5ffb17a761a4bf41309.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/5b63dc9dbd9a4bd4184d440dfff9ddae.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/26117d3bb12d0dc1d583f29299bbc004.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202110/71735915d740e2288f6419889f895c16.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/65d4faf68de2ae294809e3518f36abde.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/8e96407f62573ac0557d2440e49fd040.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/46e5075610b19368ffb790f3d3294059.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/678faee8a12b0e6c6c832a9787494541.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/cd4cdfbbf79eb17f94cb2cc2158d5601.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/d8b6bd8f52f42f04480194e35df91aee.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/88e1c6bf73207e50359b6bb763b79ee5.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202112/d24dce7d2bd784d875c213997e5ae5cd.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/05610479d3444d2d86a96e1bbd19c672.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://cdn.adpushup.com/42753/L2EvdGlhbi16aHUtZ2UtemktYmFvLWZlaS13ZW4taHVhbmctZGVuZy1odWktcXVhbi1zaHVhbmctZmFuZy1mdS1oZS15aS16aGkteGktd2FuZy10YS1tZW4taGUtaGFvLmh0bWw=.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

66570716e3c675b4a2b3351a14a05cf3.safeframe.googlesyndication.com
691e9e2891f8a25b4776585bf50a05ef.safeframe.googlesyndication.com
a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.sitemaji.com
ad4m.at
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
ads.servenobid.com
ads.yap.yahoo.com
adservice.google.com
adservice.google.ge
adx.holmesmind.com
agent.aralego.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
ap.lijit.com
audiencedata.im-apps.net
b.logly.co.jp
b1sync.zemanta.com
be0782d7f8c2998aa76bc9e852638eb0.safeframe.googlesyndication.com
beacon-ams3.rubiconproject.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c1.adform.net
casale-match.dotomi.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.iqzone.com
cs.lkqd.net
csync.loopme.me
d-1405376643990224854.ampproject.net
delivery.adrecover.com
dis.criteo.com
dmp.im-apps.net
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.yahoo.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
ih.adscale.de
il-trc-events.taboola.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imprammp.taboola.com
js-sec.indexww.com
l.logly.co.jp
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
match.taboola.com
nt.compass-fit.jp
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
public.servenobid.com
px.ads.linkedin.com
qsearch-a.akamaihd.net
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s.yimg.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.adotmob.com
sync.aralego.com
sync.go.sonobi.com
sync.ipredictive.com
sync.logly.co.jp
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.technoratimedia.com
t.adx.opera.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trc.taboola.com
u.ipw.metadsp.co.uk
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
wf.taboola.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
a.teads.tv
acdn.adnxs.com
ads.aralego.com
ads.servenobid.com
ap.lijit.com
b1sync.zemanta.com
casale-match.dotomi.com
cdn.indexww.com
ce.lijit.com
cm.adform.net
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.iqzone.com
csync.loopme.me
dsum-sec.casalemedia.com
euexchangesync.digitaleast.mobi
grid.bidswitch.net
hb-api.omnitagjs.com
htlb.casalemedia.com
id5-sync.com
image6.pubmatic.com
match.deepintent.com
p.rfihub.com
pixel-eu.rubiconproject.com
pool.admedo.com
prebid.media.net
secure-assets.rubiconproject.com
secure.adnxs.com
static.bg3.co
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.adotmob.com
sync.go.sonobi.com
sync.ipredictive.com
sync.outbrain.com
sync.technoratimedia.com
visitor.omnitagjs.com
104.18.11.47
104.26.10.209
108.138.36.44
13.107.21.200
13.107.42.14
13.113.148.165
13.32.121.21
13.32.99.85
141.226.224.32
141.226.228.48
142.250.181.227
142.250.181.232
142.250.184.226
142.250.184.238
142.250.185.162
142.250.185.194
142.250.185.225
142.250.185.226
142.250.185.230
142.250.185.66
142.250.186.34
142.250.186.66
142.250.186.67
142.250.186.74
142.250.186.98
142.250.74.193
146.20.132.150
147.75.84.158
151.101.1.229
151.101.129.44
151.101.65.44
162.210.196.208
172.217.18.97
172.64.161.31
172.67.71.254
173.194.76.155
178.250.7.10
178.250.7.11
178.250.7.13
178.250.7.2
18.196.84.192
18.66.122.127
185.106.33.48
185.184.8.90
185.29.134.248
185.64.189.110
185.64.191.210
185.80.39.216
185.86.138.32
185.86.139.93
185.86.139.94
188.125.72.139
188.42.34.64
192.96.203.13
198.47.127.18
2.21.20.138
202.241.208.54
208.93.169.131
213.19.162.37
213.19.162.41
216.58.212.130
216.58.212.132
23.201.255.110
23.212.88.20
23.32.184.192
23.36.163.106
23.50.131.208
23.50.131.209
23.97.225.52
3.124.225.209
3.125.82.56
3.127.26.106
3.233.146.109
3.33.220.150
3.75.62.37
34.120.96.193
34.230.171.182
34.98.64.218
35.156.69.156
35.158.42.58
35.186.215.140
35.208.249.213
35.210.239.72
35.244.159.8
35.244.174.68
37.157.3.30
37.252.171.85
51.89.9.254
52.17.185.171
52.210.15.1
52.213.148.186
52.213.50.95
52.46.151.131
52.58.86.197
52.94.223.37
54.160.251.62
54.168.198.133
54.65.183.34
54.72.87.105
69.16.175.10
69.173.144.139
69.173.144.165
69.173.151.100
76.223.111.18
82.145.213.8
84.17.37.44
87.248.100.137
87.248.119.251
91.228.74.200
99.84.88.56
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0112171d171eee1e3283993a8c01cb478032895f9ddd70238ed7d06cbc717567
03853dc53fb780a8ece5cd8f5ef799729a85932b58b87c78c67fe73f8be95350
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
050abc1b9cd0d46e15042902b72f457eca5be10d82a5562b3ea44b8d40a342d3
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0af010f61458399e8d30b497a19e1c7bb7925f6b6cd409fd6161d32cca25c85a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca78e8d1923a071bc5fa4b68044bc5644a11b856668a24814f1e9a56e9bf8d0
117d672d13737b9fd296dbf791dfcb05ba56c07786fe50973fa48f2d06b30a5a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
1368da1e83df113f410875e4817af9df14edf91e7050f7b03298b141ede30fc7
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
15b28511b14bb31f527775102771a551335be9b80177d00395c3ebf2f5e9b12a
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b20082cbcce0fdcfc56d6af332c757d8bb1b7df96dcdbccbf3679bda6e3fa66
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1d6c917cea545cbcff8c7988de594c3e060694883165721b9fb9eafc5cc81f8f
1e737cb70c5600e8176fb678cd23d2b1c607f9cb4313e69dbc986714df91dfcf
213b087a5427c3b7e3a7d3acb2e179c6d43503c3f148e69edb8babb71dee622b
23205dc8bb2f752461eab7cf823df6459634564948681a16acec2ee52c1e76bd
24fe78f1280f51c6051b193b5649f2501922d573c810cc60e330e26e8438b6a1
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
282057dd9bf8e2f008b00af38206a5f16ebf74893ed4f266ad80cf88eb57026e
284a15abaa50d9f7160c5e84df25030e811179539a5112add89415198fb92713
28d37801802871b7c6943726da07f06110bc3b1400e050b8b86c82deefc635a3
28f1451571c809f080980e5679bebad6b9b10a4d93233b37a991380d1e7d6828
29cc5de7fd369d7e63e38cae1c883c52af46b8e6fb1b886d9bd861e5561f2533
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b7f11f6fe02925277f4a8140b880da74d24172ff6f1336c94f0701936eaa5a0
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
2dd4cc12cc1ce0bb2065aa9148373e1df3bb88a90eee6c72fc245254ee7c3911
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
330b1e9ee51be3e724fa47637a4e97cf7e2f3c8ae353f439282799f15a0f6bfc
332178c76008a6c2d64d1956767df4abcba64c510ba40e92b8cbf374a8ac6ab5
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
33ce6c945da285e330e45d989fa6e2fed27037f0a15981b99ada58bf9a6d096e
36326e3d5288ee0e69db6442325fd10eefcdb7fc051d1594713370270f68d400
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
38b589bc56ec20453b96771f6cb0c18e9bc76fa71459e9656b785b812fd49cf8
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3c9ddd5ff1645b8c3521d0cfd0198e84e27f7ab1dee9255835af969b6a448f80
3d327d5c64fb137f28739815f35d7093f5f131adceb8c8b13bcd5eea29038fa1
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3e8a04aa6da962836e04232ed30ee6499ad034fb417d31f013d8da873b1b9a88
3f12d3a041ced1e53fad6e9f33a1983fdc7132a99957acd0390c41181dcb60ff
3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ffe02e100446a078afa22e54d347694b5c6e695d1276a3222253bd7a0f6dfdb
437188c03d4888e1ef3b56de8235c7df66e16eeb0ead2ef1d532668d8fd52385
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45aa8d5ea20712aff96d0f962875a64a3798e9d409b8a962ac6462357779f0e9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46df493ce0b3cfef85a95ca969ae64517f79066ab7b23958216dbd757c1837af
487f9625d6d17402d2907c65a39e0b5044a1188bab736fe3775b5a4abde12930
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5547ccd000f55d51916dde9e7ba9e0c34b77445032d345abdfdbb25cc3d0b337
555f0737b5f8db31c1cc839a2b385e0f367fa6cf1bdd1dec5161ce76099797ed
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c500a4a8147509f043186a7bad1ed59c4e00f85330b9621489af4497e504151
5d468ecdf73315b4cc8c3a7975de8a1573c1bcfbc9c07a9e0bde113754c47fda
60bff1f3d1652febff5190c494944d027b4239d3d030d189763a8e923d8d40a7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ec5eee82ce6141d1ccafe647de368c6d8eeca50b121815d587fe69cb4f3ca7
64844f8925b251163ea6b1ce7684859a3c1cc2fd394e68b5406214fb8dc53750
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6649db4b7a29bc5f4e73c81c43756ee8a218bf29ce8085cc6a86b10a635d38d9
69c31e19d153f4e351d3ba5d420d298bae69414ff90dd4aaf06508a13a0cc89f
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6be2f75adb91ea6250947c3508fa1a8e76a88c8ac755061454f7cd91fcc04966
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6eb1bf07cd76fdce9fc2081b02dd0ebd9e6e4f4b1fcc507fd9607715ba799c3c
6fa0dc7a67252172df21e60b47265d378fff05207134366c5c57babaca609709
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
735ddb70987a43ea94e0fa0f92749368834392f36151cd0815f55d47bfa937ab
7468580033ac8a046998cbe5610fbce05da0da545c9da12326b8117e76714038
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
797f132f6e565fb3aa7b8c4816413a03596f0698a0226f7ce0c88546f36893dd
7e568c30edf804cc98633ab5ae2276b00cffd465216cb285624921fbe84f2f45
7f492d8c10e92f5f50f8bba82a5c203cc46c710510efe1f0e329ca0fdf2edb22
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
8106b51011b26cf5f69cf7769a95b3f7faf34e2f26191c4e657e705ad3f4ecb6
8139a8c30c1cacaf38528bab917738fb1acffb9929a0b60c039e2d6795569a45
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8383516338f5835732c6de7d6ec893a86fd895cd4476e4e154cc97a8ee892bfe
848216b6d0b0e45ebec55a3143517cd78be070aeac59b15bb794c328fe3d6250
86178b6d2b740706fab7e76ec65578d165596d59f68f10ed8b24d080a31476bb
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
872beb3bc5f33896799aece58cf54e85ab8db472ed025bdd6fd0e14ea1a0ec20
8886f77d2c37295db646a7dbd845dbd972396d30b197af37b4ed90f6895624bc
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b9398ab64bc9156916fad30afd43cf47074b593f85b9dba81d666c7c471aae1
8ccebd6eaa8c3b5dcccebcd861e06f4375eeb5cc4bffc59621f6ba1ebf494852
8e069f8c722538db5324c0a3f58fa7a129f21f9fac0b5342c07c3817ccfc498f
8f5b5d6f6720286a6dc28d6e5d127372a201743e15e338380fb41ecb74a630ce
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
930c92b1c71d3d7a6ec973ad3c36f52a541c14c3815b46677ea010bf4f5c5f46
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
968cc7900177ffa477dad5edb28e891902a920638439e503a26d360101ba0ba7
98b74791957dac4ea78deb4f6e232f9bd34af58610b5b92b403ad65b65aac389
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8
a05b4715b24ccaa8ce73e4e65b7294852eb28ce89f148341edf670882f52c20f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a191d55f9058efbace2ed692f0184471aab389ec8163dbce42e113183a1111da
a2586cde6229481b56e7a8dbae2313a5c6fcc852c7377c998c16fc4c41f4f7ec
a4141c2367637ec9020460c5d68a52cd3e4eb21f542a1605fbf3589fe0f5cb66
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ab7ac8d9b0453f533c56f6fb83a72b66de1cf2e66358c54288b74a1f30a0ef
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132
a885ac1238669b388d2db29120b8251134d73a975039d620b8fc2c47bae76795
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
aa68ed08f4d02e37ae3c678389cb97923a5120cc7dcbd15aca9bdf96b7d438c4
aa74ec2d64c5a2de329092b7cf137fc5dd95107094f4226b3b987b50ba6c1e3c
acb155ffcece7a604401c12fc986b266451dd4442e5aa5df45bcc294bb2ac25a
ae3fe956f01d67dac4ad2dea27165d9c2e3f24c96277bd0f6d65f20a8107a60f
b00a30ddc758e8acae56a71f3061f00d16e2abc0b17fe59f23c2b2dafc992316
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24b19152e92ee2240cdf53444b33a1b8ec286e9a44072890c5490c9d8ddfa3d
b37794ff8ffdffa7dd7582e1be26ef97ac2ce38c2e3483478bc68dd8c549533f
b3b9759af81dcc8a4227ccf3302eb6cc3a8fe834eda47b8ef8aa5affa97abbfe
b61ec332e4250392d4b522543341d794457b17a5d8fe6a8b6ef40d5649b222a4
bb0ceb16cda37d8f04287ee88f24bf3362e1fe0b7e0656a47eddd8fef6e477b0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd5e797ea55318cb551cad54e7a85c301782e6119dc50159104e35853ded0e2f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3de40caecf3f4e1897e809cc72606a83f3d83a580b037dc768cdac6192e8c5d
c65c5526041cd9324c68c18d951d19d1afc8f8b4c4ec3f78517aeb6f6535dc65
c6ba320adc868a92d71a8d20e0354206b22dafff65a7d4550f3bc6a08e9fd952
c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670
c7f054101f77558c19041c38f048c80ff4ee7554db4606298f88211c325c5afb
c93794353afab50509f28bb4792ed22d0e5038b15040fe3a05ba1296b5cc1193
cbb025a7260d09438e48fe837e9b1a79e8b5a7837cdd998b827174a0ecc8949f
ce96b7455707acb927c6898bf4f93639954c1eaca2c7addf48f97e51bddec7f2
cede5e6b2d0201be197cfb96a9aeb4c5c95bd5749785a3e5473610e267f5de4f
cf02816c53a21a989e4927daf0a68dbfe6a5a5dfb62313cf499cd6aee093cdfe
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d53d7da4dd34d0c84942abb930cd555068569f5ad8fdc2ef1024b9a7d975e2c3
d624d73020496137fb703c9c176de6fe9d6b71605213e4584edc0223dbeccb61
d660c601f061229830674cb018f54eef5a0ff9e6b962eb711345c6d00853017c
d86d18bdd18b25ed9084e7ca8f406ff01c070dd4a15c259d926fcdaacbe9f4bb
daff8aabf176b66270a2ed05549b731cb25820c715497c703ef80cab1dc0a580
dbeeb1bfc48b4211161d49425bf79a1520b30e948f00a84397798ac553512321
dca51f389fa0c7dfbe1dbd465236e1fbeba0f01b909293baf3476ce66817a22d
dd5614c135b5affbbdfe242efdfb1dbc185d2603464a85a12322420f6ac26f9b
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e46b3fe6d0dc58c0831f4fb756c3f028147fffa55f4e3b2e01b5c001e7d283ae
e4d7ad9f57f6cfab7610b8b0855c7937f5ec119be17ac6cf6377553c5e735f98
e6684f23a237776b9bbcf8f28c143d8d0ea7ac4b6062c44d206cbab2faaa9b88
e9a83c407934c3ccb3f2c664afaa35b5f7e86788415e58c8ec300d5d6f49c51b
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef97770ddc1eb372523c9e0f547138c0a2abae4b4dcabf659a1d2c231ab497f1
f45619358bd0a3adcc3194ccbdd56ed12ac78950c862d6840d21b43a231f89e7
f6730c15db80fe82a65709b12516db931af231d96c057f1b7f735e5b935c012f
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7823407ea256b2ce46c488a2ead5259f0def0bd1b50e1b882cf02c5329ea4ed
f7dac3af3c01cb6b74ccf5cd9d195a76fd90acfe304caecf5c3c6e1f66f5f93e
fa517df56ece4ad391f48638f59b7007817c12b6f5cba80bf3887c00a0fca180
fb05b670537df6c97d6f2e404a9e15f34ff47c262a716eaef3fd3cb8124e1c8e
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc1853387bfb1697d08611e99356e428d09c9ed6242cb8cd7aad96f6add47c8a
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.bg3.co Open in urlscan Pro 84.17.37.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

479 Requests

66 %HTTPS

0 %IPv6

96 Domains

166 Subdomains

93 IPs

15 Countries

3400 kBTransfer

10480 kBSize

127 Cookies

14 Outgoing links

Redirected requests

479 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bg3.co Open in urlscan Pro
84.17.37.44 Public Scan

Screenshot
Live screenshot

Full Image

479
Requests

66 %
HTTPS

0 %
IPv6

96
Domains

166
Subdomains

93
IPs

15
Countries

3400 kB
Transfer

10480 kB
Size

127
Cookies

479 HTTP transactions
4 data transactions